module Fog module Network class AzureRM # Real class for Network Request class Real def remove_security_rule(resource_group_name, security_group_name, security_rule_name) Fog::Logger.debug "Deleting security rule #{security_rule_name} from Network Security Group #{security_group_name}." promise = @network_client.network_security_groups.get(resource_group_name, security_group_name) result = promise.value! nsg = result.body updated_security_rule_list = remove_security_rule_from_list(nsg.properties.security_rules, security_rule_name) nsg.properties.security_rules = updated_security_rule_list begin promise = @network_client.network_security_groups.begin_create_or_update(resource_group_name, security_group_name, nsg) result = promise.value! Fog::Logger.debug "Security Rule #{security_rule_name} deleted from Network Security Group #{security_group_name} successfully!" Azure::ARM::Network::Models::NetworkSecurityGroup.serialize_object(result.body) rescue MsRestAzure::AzureOperationError => e msg = "Exception in deleting Security Rule #{security_rule_name} from Network Security Group #{security_group_name} . #{e.body['error']['message']}" raise msg end end def remove_security_rule_from_list(security_rule_list, rule_name) unless security_rule_list.nil? return security_rule_list.select { |sr| sr.name != rule_name } end end end # Mock class for Network Request class Mock def remove_security_rule(resource_group_name, security_group_name, _security_rule_name) { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{name}", 'name' => security_group_name, 'type' => 'Microsoft.Network/networkSecurityGroups', 'location' => 'location', 'properties' => { 'securityRules' => [], 'defaultSecurityRules' => [ { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/AllowVnetInBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => 'VirtualNetwork', 'destinationAddressPrefix' => 'VirtualNetwork', 'access' => 'Allow', 'direction' => 'Inbound', 'description' => 'Allow inbound traffic from all VMs in VNET', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_000, 'provisioningState' => 'Updating' }, 'name' => 'AllowVnetInBound' }, { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/AllowAzureLoadBalancerInBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => 'AzureLoadBalancer', 'destinationAddressPrefix' => '*', 'access' => 'Allow', 'direction' => 'Inbound', 'description' => 'Allow inbound traffic from azure load balancer', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_001, 'provisioningState' => 'Updating' }, 'name' => 'AllowAzureLoadBalancerInBound' }, { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/DenyAllInBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => '*', 'destinationAddressPrefix' => '*', 'access' => 'Deny', 'direction' => 'Inbound', 'description' => 'Deny all inbound traffic', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_500, 'provisioningState' => 'Updating' }, 'name' => 'DenyAllInBound' }, { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/AllowVnetOutBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => 'VirtualNetwork', 'destinationAddressPrefix' => 'VirtualNetwork', 'access' => 'Allow', 'direction' => 'Outbound', 'description' => 'Allow outbound traffic from all VMs to all VMs in VNET', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_000, 'provisioningState' => 'Updating' }, 'name' => 'AllowVnetOutBound' }, { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/AllowInternetOutBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => '*', 'destinationAddressPrefix' => 'Internet', 'access' => 'Allow', 'direction' => 'Outbound', 'description' => 'Allow outbound traffic from all VMs to Internet', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_001, 'provisioningState' => 'Updating' }, 'name' => 'AllowInternetOutBound' }, { 'id' => "/subscriptions/########-####-####-####-############/resourceGroups/#{resource_group_name}/providers/Microsoft.Network/networkSecurityGroups/#{security_group_name}/defaultSecurityRules/DenyAllOutBound", 'properties' => { 'protocol' => '*', 'sourceAddressPrefix' => '*', 'destinationAddressPrefix' => '*', 'access' => 'Deny', 'direction' => 'Outbound', 'description' => 'Deny all outbound traffic', 'sourcePortRange' => '*', 'destinationPortRange' => '*', 'priority' => 65_500, 'provisioningState' => 'Updating' }, 'name' => 'DenyAllOutBound' } ], 'resourceGuid' => '9dca97e6-4789-4ebd-86e3-52b8b0da6cd4', 'provisioningState' => 'Updating' } } end end end end end