Skip to content

Commit 8e0645a

Browse files
brianlic-msftbrianlic-msft
authored
Merge pull request #41 from AnirbanPaul/patch-29
Update new-networkcontrolleraccesscontrollist.md
2 parents 7e768ed + 9b83571 commit 8e0645a

File tree

1 file changed

+58
-7
lines changed

1 file changed

+58
-7
lines changed

docset/windows/network-controller/new-networkcontrolleraccesscontrollist.md

Lines changed: 58 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ ms.assetid: 5040E9B9-D832-47A5-BB62-4B20C54760D1
2020
# New-NetworkControllerAccessControlList
2121

2222
## SYNOPSIS
23-
Creates an ACL for a Network Controller.
23+
This cmdlet creates a new access control list for allowing/denying traffic to/from a particular subnet or network interface
2424

2525
## SYNTAX
2626

@@ -32,10 +32,41 @@ New-NetworkControllerAccessControlList [-ResourceId] <String> [[-Tags] <PSObject
3232
```
3333

3434
## DESCRIPTION
35-
The **New-NetworkControllerAccessControlList** cmdlet creates an access control list (ACL) for a Network Controller.
35+
The **New-NetworkControllerAccessControlList** cmdlet creates a new access control list for allowing/denying traffic to/from a particular subnet or network interface. Each access control list can contain multiple rules.
3636

3737
## EXAMPLES
38-
38+
This example creates an access control list with two rules. The first rule allows all inbound network traffic. The second rule allows all outbound network traffic.
39+
```
40+
$ruleproperties = new-object Microsoft.Windows.NetworkController.AclRuleProperties 
41+
$ruleproperties.Protocol = "All" 
42+
$ruleproperties.SourcePortRange = "0-65535" 
43+
$ruleproperties.DestinationPortRange = "0-65535" 
44+
$ruleproperties.Action = "Allow" 
45+
$ruleproperties.SourceAddressPrefix = "*" 
46+
$ruleproperties.DestinationAddressPrefix = "*" 
47+
$ruleproperties.Priority = "100" 
48+
$ruleproperties.Type = "Inbound" 
49+
$ruleproperties.Logging = "Enabled" 
50+
$aclrule1 = new-object Microsoft.Windows.NetworkController.AclRule 
51+
$aclrule1.Properties = $ruleproperties 
52+
$aclrule1.ResourceId = "AllowAll_Inbound" 
53+
$ruleproperties = new-object Microsoft.Windows.NetworkController.AclRuleProperties 
54+
$ruleproperties.Protocol = "All" 
55+
$ruleproperties.SourcePortRange = "0-65535" 
56+
$ruleproperties.DestinationPortRange = "0-65535" 
57+
$ruleproperties.Action = "Allow" 
58+
$ruleproperties.SourceAddressPrefix = "*" 
59+
$ruleproperties.DestinationAddressPrefix = "*" 
60+
$ruleproperties.Priority = "110"
61+
$ruleproperties.Type = "Outbound"
62+
$ruleproperties.Logging = "Enabled"
63+
$aclrule2 = new-object Microsoft.Windows.NetworkController.AclRule
64+
$aclrule2.Properties = $ruleproperties
65+
$aclrule2.ResourceId = "AllowAll_Outbound"
66+
$acllistproperties = new-object Microsoft.Windows.NetworkController.AccessControlListProperties
67+
$acllistproperties.AclRules = @($aclrule1, $aclrule2)
68+
New-NetworkControllerAccessControlList -ResourceId "AllowAll" -Properties $acllistproperties -ConnectionUri <NC REST FQDN>
69+
```
3970

4071
## PARAMETERS
4172

@@ -151,7 +182,17 @@ Accept wildcard characters: False
151182
```
152183
153184
### -Properties
154-
Specifies properties of the ACL.
185+
Specifies the properties of an access control list. Each ACL consists of rules, with each rule having the following properties:
186+
1. Name
187+
2. Protocol
188+
3. Source port range
189+
4. Destination port range
190+
5. Action (Allow/Deny)
191+
6. Source Address prefix
192+
7. Destination address prefix
193+
8. Priority
194+
9. Type of rule (inbound/outbound)
195+
10. Whether logging is enabled or disabled
155196
156197
```yaml
157198
Type: AccessControlListProperties
@@ -166,7 +207,7 @@ Accept wildcard characters: False
166207
```
167208
168209
### -ResourceId
169-
Specifies the resource ID of the ACL.
210+
Specifies the unique identifier of the Access Control list.
170211
171212
```yaml
172213
Type: String
@@ -181,7 +222,7 @@ Accept wildcard characters: False
181222
```
182223
183224
### -ResourceMetadata
184-
Specifies metadata for the resource.
225+
Specifies metadata information for the client, such as the tenant ID, group ID, and resource name.
185226
186227
```yaml
187228
Type: ResourceMetadata
@@ -212,7 +253,6 @@ Accept wildcard characters: False
212253
213254
### -WhatIf
214255
Shows what would happen if the cmdlet runs.
215-
The cmdlet is not run.
216256
217257
```yaml
218258
Type: SwitchParameter
@@ -230,6 +270,17 @@ Accept wildcard characters: False
230270
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
231271
232272
## INPUTS
273+
Each access control list contains multiple ACL rules. Each rule contains the following:
274+
1. Name
275+
2. Protocol
276+
3. Source port range
277+
4. Destination port range
278+
5. Action (Allow/Deny)
279+
6. Source Address prefix
280+
7. Destination address prefix
281+
8. Priority
282+
9. Type of rule (inbound/outbound)
283+
10. Whether logging is enabled or disabled
233284
234285
## OUTPUTS
235286

0 commit comments

Comments
 (0)