Microsoft Azure Security User Configuration allows users to configure and manage security settings for their Azure resources. This includes setting up user access controls, defining permissions and roles, and implementing security policies to protect data and applications hosted on the Azure platform. Users can customize authentication methods, enable multi-factor authentication, and monitor user activity to ensure compliance with security standards.
swagger: '2.0'
info:
title: Microsoft Azure SecurityUserConfiguration
version: 2022-02-01-preview
host: management.azure.com
schemes:
- https
consumes:
- application/json
produces:
- application/json
security:
- azure_auth:
- user_impersonation
securityDefinitions:
azure_auth:
type: oauth2
authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
flow: implicit
description: Azure Active Directory OAuth2 Flow.
scopes:
user_impersonation: impersonate your user account
paths:
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations
: get:
tags:
- SecurityUserConfigurations
operationId: microsoftAzureSecurityuserconfigurationsList
description: >-
Lists all the network manager security user configurations in a network
manager, in a paginated format.
parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/ListTopParameter'
- $ref: '#/parameters/ListSkipTokenParameter'
responses:
'200':
description: >-
Get successful. The operation returns all security user
configurations in the specified network manager, in a paginated
format
schema:
$ref: '#/definitions/SecurityUserConfigurationListResult'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-pageable:
nextLinkName: nextLink
x-ms-examples:
List security user configurations in a network manager:
$ref: ./examples/NetworkManagerSecurityUserConfigurationList.json
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations/{configurationName}
: parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/SecurityConfigurationParameter'
get:
tags:
- SecurityUserConfigurations
description: Retrieves a network manager security user configuration.
operationId: microsoftAzureSecurityuserconfigurationsGet
responses:
'200':
description: Successful operation
schema:
$ref: '#/definitions/SecurityUserConfiguration'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Get security user configurations:
$ref: ./examples/NetworkManagerSecurityUserConfigurationGet.json
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname
put:
tags:
- SecurityUserConfigurations
description: Creates or updates a network manager security user configuration.
operationId: microsoftAzureSecurityuserconfigurationsCreateorupdate
parameters:
- name: securityUserConfiguration
in: body
required: true
schema:
$ref: '#/definitions/SecurityUserConfiguration'
description: The security user configuration to create or update
responses:
'200':
description: Updated Configuration
schema:
$ref: '#/definitions/SecurityUserConfiguration'
'201':
description: Created Configuration
schema:
$ref: '#/definitions/SecurityUserConfiguration'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Create network manager security user configuration:
$ref: ./examples/NetworkManagerSecurityUserConfigurationPut.json
summary: >-
Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname
delete:
tags:
- SecurityUserConfigurations
description: Deletes a network manager security user configuration.
operationId: microsoftAzureSecurityuserconfigurationsDelete
parameters:
- $ref: '#/parameters/ForceDeleteParameter'
responses:
'200':
description: OK
'204':
description: Request successful. Resource does not exist.
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Delete network manager security user configuration:
$ref: ./examples/NetworkManagerSecurityUserConfigurationDelete.json
summary: >-
Microsoft Azure Delete Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations/{configurationName}/ruleCollections
: get:
tags:
- UserRuleCollections
operationId: microsoftAzureUserrulecollectionsList
description: >-
Lists all the user rule collections in a security configuration, in a
paginated format.
parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/SecurityConfigurationParameter'
- $ref: '#/parameters/ListTopParameter'
- $ref: '#/parameters/ListSkipTokenParameter'
responses:
'200':
description: >-
Get successful. The operation returns all ruleCollections in the
specified security configuration, in a paginated format
schema:
$ref: '#/definitions/UserRuleCollectionListResult'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-pageable:
nextLinkName: nextLink
x-ms-examples:
List rule collections in a security configuration:
$ref: ./examples/NetworkManagerUserRuleCollectionList.json
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}
: parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/SecurityConfigurationParameter'
- $ref: '#/parameters/RuleCollectionParameter'
get:
tags:
- RuleCollections
description: Gets a network manager security user configuration rule collection.
operationId: microsoftAzureUserrulecollectionsGet
responses:
'200':
description: Successful operation
schema:
$ref: '#/definitions/UserRuleCollection'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Gets security user rule collection:
$ref: ./examples/NetworkManagerUserRuleCollectionGet.json
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname
put:
tags:
- UserRuleCollections
description: Creates or updates a user rule collection.
operationId: microsoftAzureUserrulecollectionsCreateorupdate
parameters:
- name: userRuleCollection
in: body
required: true
schema:
$ref: '#/definitions/UserRuleCollection'
description: The User Rule Collection to create or update
responses:
'200':
description: Updated User Rule Collection
schema:
$ref: '#/definitions/UserRuleCollection'
'201':
description: Created User Rule Collection
schema:
$ref: '#/definitions/UserRuleCollection'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Create or Update a User Rule Collection:
$ref: ./examples/NetworkManagerUserRuleCollectionPut.json
summary: >-
Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname
delete:
tags:
- UserRuleCollections
description: Deletes a user rule collection.
parameters:
- $ref: '#/parameters/ForceDeleteParameter'
operationId: microsoftAzureUserrulecollectionsDelete
responses:
'200':
description: OK
'204':
description: Request successful. Resource does not exist.
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Deletes a user rule collection:
$ref: ./examples/NetworkManagerUserRuleCollectionDelete.json
summary: >-
Microsoft Azure Delete Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules
: parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/SecurityConfigurationParameter'
- $ref: '#/parameters/RuleCollectionParameter'
- $ref: '#/parameters/ListTopParameter'
- $ref: '#/parameters/ListSkipTokenParameter'
get:
tags:
- UserRules
description: Lists all user rules in a rule collection.
operationId: microsoftAzureUserrulesList
responses:
'200':
description: Successful operation
schema:
$ref: '#/definitions/UserRuleListResult'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
List security user rules:
$ref: ./examples/NetworkManagerUserRuleList.json
x-ms-pageable:
nextLinkName: nextLink
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname Rules
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkManagers/{networkManagerName}/securityUserConfigurations/{configurationName}/ruleCollections/{ruleCollectionName}/rules/{ruleName}
: parameters:
- $ref: ./network.json#/parameters/ApiVersionParameter
- $ref: ./network.json#/parameters/SubscriptionIdParameter
- $ref: '#/parameters/ResourceGroupNameParameter'
- $ref: '#/parameters/NetworkManagerNameParameter'
- $ref: '#/parameters/SecurityConfigurationParameter'
- $ref: '#/parameters/RuleCollectionParameter'
- $ref: '#/parameters/SecurityConfigurationsRuleParameter'
get:
tags:
- UserRules
description: Gets a user rule.
operationId: microsoftAzureUserrulesGet
responses:
'200':
description: Successful operation
schema:
$ref: '#/definitions/BaseUserRule'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Gets a user rule:
$ref: ./examples/NetworkManagerUserRuleGet.json
Gets a default user rule:
$ref: ./examples/NetworkManagerDefaultUserRuleGet.json
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname Rules Rulename
put:
tags:
- UserRules
description: Creates or updates a user rule.
operationId: microsoftAzureUserrulesCreateorupdate
parameters:
- name: userRule
in: body
required: true
schema:
$ref: '#/definitions/BaseUserRule'
description: The user rule to create or update
responses:
'200':
description: Updated rule
schema:
$ref: '#/definitions/BaseUserRule'
'201':
description: Created rule
schema:
$ref: '#/definitions/BaseUserRule'
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Create a user rule:
$ref: ./examples/NetworkManagerUserRulePut.json
Create a default user rule:
$ref: ./examples/NetworkManagerDefaultUserRulePut.json
summary: >-
Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname Rules Rulename
delete:
tags:
- UserRules
description: Deletes a user rule.
operationId: microsoftAzureUserrulesDelete
parameters:
- $ref: '#/parameters/ForceDeleteParameter'
responses:
'200':
description: Delete Succeed.
'204':
description: Request successful. Resource does not exist.
default:
description: Error response describing why the operation failed.
schema:
$ref: ./network.json#/definitions/CloudError
x-ms-examples:
Delete a user rule:
$ref: ./examples/NetworkManagerUserRuleDelete.json
summary: >-
Microsoft Azure Delete Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Network Networkmanagers Networkmanagername Securityuserconfigurations Configurationname Rulecollections Rulecollectionname Rules Rulename
definitions:
SecurityUserConfiguration:
type: object
properties:
properties:
x-ms-client-flatten: true
$ref: '#/definitions/SecurityUserConfigurationPropertiesFormat'
description: >-
Indicates the properties for the network manager security user
configuration.
systemData:
readOnly: true
description: The system metadata related to this resource.
$ref: ./network.json#/definitions/SystemData
allOf:
- $ref: ./network.json#/definitions/ProxyResource
description: Defines the security user configuration
SecurityUserConfigurationPropertiesFormat:
type: object
properties:
description:
type: string
description: A description of the security user configuration.
deleteExistingNSGs:
type: string
enum:
- 'False'
- 'True'
x-ms-enum:
name: DeleteExistingNSGs
modelAsString: true
description: Flag if need to delete existing network security groups.
provisioningState:
readOnly: true
$ref: ./network.json#/definitions/ProvisioningState
description: The provisioning state of the resource.
description: Defines the security user configuration properties.
SecurityUserConfigurationListResult:
type: object
properties:
value:
type: array
items:
$ref: '#/definitions/SecurityUserConfiguration'
description: Gets a page of security user configurations
nextLink:
type: string
description: Gets the URL to get the next page of results.
description: A list of network manager security user configurations
UserRuleCollectionListResult:
type: object
properties:
value:
type: array
items:
$ref: '#/definitions/UserRuleCollection'
description: A list of network manager security user configuration rule collections
nextLink:
type: string
description: Gets the URL to get the next set of results.
description: Security user configuration rule collection list result.
UserRuleCollection:
type: object
properties:
properties:
x-ms-client-flatten: true
$ref: '#/definitions/UserRuleCollectionPropertiesFormat'
description: Indicates the properties for the network manager user rule collection.
systemData:
readOnly: true
description: The system metadata related to this resource.
$ref: ./network.json#/definitions/SystemData
allOf:
- $ref: ./network.json#/definitions/ProxyResource
description: Defines the user rule collection.
UserRuleCollectionPropertiesFormat:
type: object
properties:
description:
type: string
description: A description of the user rule collection.
appliesToGroups:
type: array
x-ms-identifiers:
- networkGroupId
items:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/NetworkManagerSecurityGroupItem
description: Groups for configuration
provisioningState:
readOnly: true
$ref: ./network.json#/definitions/ProvisioningState
description: The provisioning state of the resource.
required:
- appliesToGroups
description: Defines the user rule collection properties.
BaseUserRule:
type: object
properties:
kind:
type: string
description: Whether the rule is custom or default.
enum:
- Custom
- Default
x-ms-enum:
name: UserRuleKind
modelAsString: true
systemData:
readOnly: true
description: The system metadata related to this resource.
$ref: ./network.json#/definitions/SystemData
allOf:
- $ref: ./network.json#/definitions/ProxyResource
required:
- kind
discriminator: kind
description: Network base rule.
UserRuleListResult:
type: object
properties:
value:
type: array
items:
$ref: '#/definitions/BaseUserRule'
description: A list of user rules
nextLink:
type: string
description: The URL to get the next set of results.
description: security user rule list result.
UserRule:
type: object
properties:
properties:
$ref: '#/definitions/UserRulePropertiesFormat'
x-ms-client-flatten: true
description: Indicates the properties of the security user rule
allOf:
- $ref: '#/definitions/BaseUserRule'
description: Network security user rule.
x-ms-discriminator-value: Custom
UserRulePropertiesFormat:
type: object
properties:
description:
type: string
description: A description for this rule.
protocol:
type: string
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/RuleProtocol
description: Network protocol this rule applies to.
sources:
type: array
x-ms-identifiers:
- addressPrefix
items:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/AddressPrefixItem
description: The CIDR or source IP ranges.
destinations:
type: array
x-ms-identifiers:
- addressPrefix
items:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/AddressPrefixItem
description: The destination address prefixes. CIDR or destination IP ranges.
sourcePortRanges:
type: array
items:
type: string
description: The source port.
description: The source port ranges.
destinationPortRanges:
type: array
items:
type: string
description: The destination port.
description: The destination port ranges.
direction:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/SecurityConfigurationRuleDirection
description: >-
Indicates if the traffic matched against the rule in inbound or
outbound.
provisioningState:
readOnly: true
$ref: ./network.json#/definitions/ProvisioningState
description: >-
The provisioning state of the security configuration user rule
resource.
required:
- protocol
- direction
description: Security rule resource.
DefaultUserRule:
type: object
properties:
properties:
$ref: '#/definitions/DefaultUserRulePropertiesFormat'
x-ms-client-flatten: true
description: Indicates the properties of the security default user rule
allOf:
- $ref: '#/definitions/BaseUserRule'
description: Network security default user rule.
x-ms-discriminator-value: Default
DefaultUserRulePropertiesFormat:
type: object
properties:
description:
type: string
readOnly: true
description: A description for this rule. Restricted to 140 chars.
flag:
type: string
description: Default rule flag.
protocol:
type: string
readOnly: true
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/RuleProtocol
description: Network protocol this rule applies to.
sources:
type: array
x-ms-identifiers:
- addressPrefix
readOnly: true
items:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/AddressPrefixItem
description: The CIDR or source IP ranges.
destinations:
type: array
x-ms-identifiers:
- addressPrefix
readOnly: true
items:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/AddressPrefixItem
description: The destination address prefixes. CIDR or destination IP ranges.
sourcePortRanges:
type: array
readOnly: true
items:
type: string
description: The source port.
description: The source port ranges.
destinationPortRanges:
type: array
readOnly: true
items:
type: string
description: The destination port.
description: The destination port ranges.
direction:
$ref: >-
./networkManagerSecurityAdminConfiguration.json#/definitions/SecurityConfigurationRuleDirection
readOnly: true
description: >-
Indicates if the traffic matched against the rule in inbound or
outbound.
provisioningState:
readOnly: true
$ref: ./network.json#/definitions/ProvisioningState
description: >-
The provisioning state of the security configuration user rule
resource.
description: Security default user rule resource.
parameters:
SecurityConfigurationParameter:
name: configurationName
in: path
description: The name of the network manager Security Configuration.
required: true
type: string
x-ms-parameter-location: method
RuleCollectionParameter:
name: ruleCollectionName
in: path
description: The name of the network manager security Configuration rule collection.
required: true
type: string
x-ms-parameter-location: method
SecurityConfigurationsRuleParameter:
name: ruleName
in: path
description: The name of the rule.
required: true
type: string
x-ms-parameter-location: method
ResourceGroupNameParameter:
name: resourceGroupName
in: path
required: true
type: string
description: The name of the resource group.
x-ms-parameter-location: method
NetworkManagerNameParameter:
name: networkManagerName
in: path
required: true
type: string
description: The name of the network manager.
x-ms-parameter-location: method
ListTopParameter:
name: $top
description: >-
An optional query parameter which specifies the maximum number of records
to be returned by the server.
in: query
required: false
type: integer
format: int32
minimum: 1
maximum: 20
x-ms-parameter-location: method
ListSkipTokenParameter:
name: $skipToken
description: >-
SkipToken is only used if a previous operation returned a partial result.
If a previous response contains a nextLink element, the value of the
nextLink element will include a skipToken parameter that specifies a
starting point to use for subsequent calls.
in: query
required: false
type: string
x-ms-parameter-location: method
ForceDeleteParameter:
name: force
in: query
required: false
type: boolean
description: >-
Deletes the resource even if it is part of a deployed configuration. If
the configuration has been deployed, the service will do a cleanup
deployment in the background, prior to the delete.
x-ms-parameter-location: method
tags:
- name: RuleCollections
- name: SecurityUserConfigurations
- name: UserRuleCollections
- name: UserRules