Use the Azure Network Security Group to filter network traffic to and from Azure resources in an Azure virtual network.
This document provides information about the Azure Network Security Group Connector, which facilitates automated interactions, with an Azure Network Security Group server using FortiSOAR™ playbooks. Add the Azure Network Security Group Connector as a step in FortiSOAR™ playbooks and perform automated operations such as creating or updating a network security group in Azure Network Security Group, retrieving a list of all network security groups from Azure Network Security Group, etc.
Connector Version: 1.2.0
FortiSOAR™ Version Tested on: 7.4.1-3167
Azure Network Security Group Version Tested on: 2023-02-01
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Azure Network Security Group Connector in version 1.2.0:
Update Network Security Group action wherein the action was removing all the existing rules in a Network Security Group while adding rules.Update Network Security Group action now supports deletion of rules in a Network Security Group.Operation to Perform on Network Security Group is added to the Update Network Security Group action which provides the options to Add or Remove rule in a Network Security Group.Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-azure-network-security-group
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Azure Network Security Group connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Get Access Token | Select the method using which you will get authentication tokens used to access the network security group APIs. You can choose from following options:
|
| Server URL | The service-based URL to which you will connect and perform the automated operations. |
| Directory (Tenant) ID | The ID of the tenant that you have been provided for your Azure Network Security Group instance. |
| Application (client) ID | Unique ID of the Azure Network Security Group application that is used to create an authentication token required to access the API. |
| Application (client) Secret | Unique Client Secret of the Azure Network Security Group application that is used to create an authentication token required to access the API. For information on how to get the secret key, see https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp. |
| Authorization Code | (Only Applicable to On behalf of User – Delegate Permission) The authorization code that you acquired during the authorization step. For more information, see the Getting Access Tokens using the On behalf of the user – Delegate Permission method section. |
| Redirect URL | (Only Applicable to On behalf of User – Delegate Permission) The redirect_uri of your app, where authentication responses can be sent and received by your app. The redirect URL that you specify here must exactly match one of the redirect_uri's you have registered in your app registration portal. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Create Network Security Group | Creates a network security group in the specified resource group based on the input parameters, such as subscription ID, name of the network security group, location of the network security group, etc. you have specified. | create_network_security_group Investigation |
| List Network Security Groups | Retrieves a list of all network security groups from the specified resource group in Azure Network Security Group. | list_of_network_security_groups Investigation |
| Get Network Security Group Info | Retrieves all the details of the specified network security group from the specified resource group in Azure Network Security Group. | get_network_security_group_info Investigation |
| Update Network Security Group | Updates a network security group in the specified resource group based on the input parameters, such as subscription ID, name of the network security group, location of the network security group, etc. you have specified. | update_network_security_group Investigation |
| Delete Network Security Group | Deletes the specified network security group from the specified resource group in Azure Network Security Group. | delete_network_security_group Investigation |
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group in which you want to create the network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Specify the name of the network security group that you want to create in the Azure Network Security Group. |
| Location | Select the location of the network security group that you want to create in the Azure Network Security Group. This parameter makes an API call named list_of_locations to dynamically populate the Location's drop-down selections. |
| Rule Type | Select whether you want to associate a single rule or multiple (or custom) rules with the network security group that you want to create in the Azure Network Security Group. If you select Single Rule, then you must specify the following parameters:
|
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to retrieve a list of all network security groups. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
The output contains the following populated JSON schema:
[
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
]
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to retrieve the specified network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group whose details you want to retrieve from the specified resource group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group in which you want to update the network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group that you want to update in the Azure Network Security Group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
| Operation to Perform on Network Security Group | Select the operation to perform on the Network Security Group. You can choose from following options:
|
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to delete the specified network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group that you want to delete from the specified resource group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
The output contains the following populated JSON schema:
{
"result": ""
}
The Sample - Azure Network Security Group - 1.2.0 playbook collection comes bundled with the Azure Network Security Group connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Azure Network Security Group connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
You can get authentication tokens to access the Network Security Group APIs using two methods:
For more information, see https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview.
Microsoft.Authorization/*/readMicrosoft.Insights/alertRules/*Microsoft.Network/*Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.Resources/deployments/*Microsoft.Resources/subscriptions/resourceGroups/readuser_impersonation to the application created in Azure portalMicrosoft.Support/*of type Delegate.TENANT_ID, CLIENT_ID, and REDIRECT_URI with your own tenant ID, client ID, and redirect URL: https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize?response_type=code&scope=https://management.azure.com/.default offline_access&client_id=CLIENT_ID&redirect_uri=REDIRECT_URIREDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATEAUTH_CODE (without the code= prefix) and paste it into your instance configuration in the Authorization Code parameter.Microsoft.Authorization/*/readMicrosoft.Insights/alertRules/*Microsoft.Network/*Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.Resources/deployments/*Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Support/*of type Application.Use the Azure Network Security Group to filter network traffic to and from Azure resources in an Azure virtual network.
This document provides information about the Azure Network Security Group Connector, which facilitates automated interactions, with an Azure Network Security Group server using FortiSOAR™ playbooks. Add the Azure Network Security Group Connector as a step in FortiSOAR™ playbooks and perform automated operations such as creating or updating a network security group in Azure Network Security Group, retrieving a list of all network security groups from Azure Network Security Group, etc.
Connector Version: 1.2.0
FortiSOAR™ Version Tested on: 7.4.1-3167
Azure Network Security Group Version Tested on: 2023-02-01
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Azure Network Security Group Connector in version 1.2.0:
Update Network Security Group action wherein the action was removing all the existing rules in a Network Security Group while adding rules.Update Network Security Group action now supports deletion of rules in a Network Security Group.Operation to Perform on Network Security Group is added to the Update Network Security Group action which provides the options to Add or Remove rule in a Network Security Group.Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-azure-network-security-group
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Azure Network Security Group connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Get Access Token | Select the method using which you will get authentication tokens used to access the network security group APIs. You can choose from following options:
|
| Server URL | The service-based URL to which you will connect and perform the automated operations. |
| Directory (Tenant) ID | The ID of the tenant that you have been provided for your Azure Network Security Group instance. |
| Application (client) ID | Unique ID of the Azure Network Security Group application that is used to create an authentication token required to access the API. |
| Application (client) Secret | Unique Client Secret of the Azure Network Security Group application that is used to create an authentication token required to access the API. For information on how to get the secret key, see https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp. |
| Authorization Code | (Only Applicable to On behalf of User – Delegate Permission) The authorization code that you acquired during the authorization step. For more information, see the Getting Access Tokens using the On behalf of the user – Delegate Permission method section. |
| Redirect URL | (Only Applicable to On behalf of User – Delegate Permission) The redirect_uri of your app, where authentication responses can be sent and received by your app. The redirect URL that you specify here must exactly match one of the redirect_uri's you have registered in your app registration portal. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Create Network Security Group | Creates a network security group in the specified resource group based on the input parameters, such as subscription ID, name of the network security group, location of the network security group, etc. you have specified. | create_network_security_group Investigation |
| List Network Security Groups | Retrieves a list of all network security groups from the specified resource group in Azure Network Security Group. | list_of_network_security_groups Investigation |
| Get Network Security Group Info | Retrieves all the details of the specified network security group from the specified resource group in Azure Network Security Group. | get_network_security_group_info Investigation |
| Update Network Security Group | Updates a network security group in the specified resource group based on the input parameters, such as subscription ID, name of the network security group, location of the network security group, etc. you have specified. | update_network_security_group Investigation |
| Delete Network Security Group | Deletes the specified network security group from the specified resource group in Azure Network Security Group. | delete_network_security_group Investigation |
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group in which you want to create the network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Specify the name of the network security group that you want to create in the Azure Network Security Group. |
| Location | Select the location of the network security group that you want to create in the Azure Network Security Group. This parameter makes an API call named list_of_locations to dynamically populate the Location's drop-down selections. |
| Rule Type | Select whether you want to associate a single rule or multiple (or custom) rules with the network security group that you want to create in the Azure Network Security Group. If you select Single Rule, then you must specify the following parameters:
|
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to retrieve a list of all network security groups. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
The output contains the following populated JSON schema:
[
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
]
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to retrieve the specified network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group whose details you want to retrieve from the specified resource group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group in which you want to update the network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group that you want to update in the Azure Network Security Group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
| Operation to Perform on Network Security Group | Select the operation to perform on the Network Security Group. You can choose from following options:
|
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"etag": "",
"type": "",
"location": "",
"properties": {
"provisioningState": "",
"resourceGuid": "",
"securityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
],
"defaultSecurityRules": [
{
"name": "",
"id": "",
"etag": "",
"type": "",
"properties": {
"provisioningState": "",
"description": "",
"protocol": "",
"sourcePortRange": "",
"destinationPortRange": "",
"sourceAddressPrefix": "",
"destinationAddressPrefix": "",
"access": "",
"priority": "",
"direction": "",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
}
| Parameter | Description |
|---|---|
| Subscription ID | Select the subscription credentials that uniquely identify Azure subscription. The subscription ID forms part of the URI for every service call. This parameter makes an API call named list_of_subscriptions to dynamically populate the Subscription ID's drop-down selections. |
| Resource Group Name | Select the name of the resource group from which you want to delete the specified network security group. This parameter makes an API call named list_of_resource_groups to dynamically populate the Resource Group Name's drop-down selections. |
| Network Security Group Name | Select the name of the network security group that you want to delete from the specified resource group. This parameter makes an API call named list_of_network_security_groups_only_names to dynamically populate the Network Security Group Name's drop-down selections. |
The output contains the following populated JSON schema:
{
"result": ""
}
The Sample - Azure Network Security Group - 1.2.0 playbook collection comes bundled with the Azure Network Security Group connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Azure Network Security Group connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
You can get authentication tokens to access the Network Security Group APIs using two methods:
For more information, see https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview.
Microsoft.Authorization/*/readMicrosoft.Insights/alertRules/*Microsoft.Network/*Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.Resources/deployments/*Microsoft.Resources/subscriptions/resourceGroups/readuser_impersonation to the application created in Azure portalMicrosoft.Support/*of type Delegate.TENANT_ID, CLIENT_ID, and REDIRECT_URI with your own tenant ID, client ID, and redirect URL: https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize?response_type=code&scope=https://management.azure.com/.default offline_access&client_id=CLIENT_ID&redirect_uri=REDIRECT_URIREDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATEAUTH_CODE (without the code= prefix) and paste it into your instance configuration in the Authorization Code parameter.Microsoft.Authorization/*/readMicrosoft.Insights/alertRules/*Microsoft.Network/*Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.Resources/deployments/*Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Support/*of type Application.