C#: How to get endpoint statistics and a list of dangerous endpoints using the Azure Mgmt SDK
I am fetching resources in Azure programmatically (C# .NET Core web app) and am trying to get resource information by providing a service principal (CS), as shown below:
string subscriptionId = "xxx";
string clientId = "xxx";
string tenantId = "xxx";
string clientSecret = "xxx";
AzureCredentials cred = new AzureCredentialsFactory()
    .FromServicePrincipal(
        clientId,
        clientSecret,
        tenantId,
        AzureEnvironment.AzureGlobalCloud
    );
var azure = Azure.Configure()
    .WithLogLevel(HttpLoggingDelegatingHandler.Level.Basic)
    .Authenticate(cred)
    .WithSubscription(subscriptionId);
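Is there any sample code (C# .NET Core web app) to find endpoint statistics (loop over the open ports in the NSG and list them in detail) and dangerous endpoints (loop over the open ports in the NSG and identify ports such as 3389/22)?
Please advise on the above.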
If you mean listing all the ports in NSG -> Inbound security rules, as in the screenshot below, then you can use code like the following:
foreach (var nsg in azure.NetworkSecurityGroups.List())
{
    var rules = nsg.SecurityRules;
    foreach (var r in rules)
    {
        // r.Value.Name is the name of the security rule, nsg.Name the name of the NSG
        Console.WriteLine($"*** NSG: {nsg.Name}, rule: {r.Value.Name} ***");
        if (r.Value.DestinationPortRange != null)
        {
            //after you get the port, you can apply your logic here.
            Console.WriteLine(r.Value.DestinationPortRange);
        }
        if (r.Value.DestinationPortRanges != null)
        {
            foreach (var port in r.Value.DestinationPortRanges)
            {
                //after you get the port, you can apply your logic here.
                Console.WriteLine(port);
            }
        }
        Console.WriteLine("**end**");
    }
}
Thanks @ivan Yang for the response and help. Below is the working code, which I, according to my
var ntwrrkDetails = new List<EndTcpPorts>();
EndTcpPorts objEndTcpPorts; // cls object
foreach (var nsg in azure.NetworkSecurityGroups.List())
{
    // one entry per NSG; the fields below are overwritten for every rule in it
    objEndTcpPorts = new EndTcpPorts();
    objEndTcpPorts.ResourceGroup = nsg.ResourceGroupName.ToString();
    try
    {
        var rules = nsg.SecurityRules;
        foreach (var r in rules)
        {
            try
            {
                // stores the name of the security rule
                objEndTcpPorts.NSGName = r.Value.Name.ToString();
            }
            catch (Exception)
            {
                objEndTcpPorts.NSGName = "";
            }
            if (r.Value.DestinationPortRanges != null)
            {
                try
                {
                    //get ports
                    // if DestinationPortRange is null, ToString() throws and the catch stores ""
                    objEndTcpPorts.TcpPorts = r.Value.DestinationPortRange.ToString(); //((Microsoft.Azure.Management.ResourceManager.Fluent.Core.IndexableWrapper<Microsoft.Azure.Management.Network.Fluent.Models.SecurityRuleInner>)r.Value).Inner.Protocol.Value.ToString();
                }
                catch (Exception)
                {
                    objEndTcpPorts.TcpPorts = "";
                }
            }
        }
    }
    catch (Exception)
    {
        continue;
    }
    ntwrrkDetails.Add(objEndTcpPorts); // add to list
}
Now we can check the TCP ports (dangerous endpoints) as open ports in the NSG and identify 3389/22 or *
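One way to do the check described in the last sentence, flagging inbound Allow rules whose port specs cover 22 or 3389 (including `*` and ranges such as `3380-3390`), as an added example that is not part of the original answers. The `Rule` record, the `RiskyEndpoints` class and the sample rules are hypothetical; fill `Rule` from the SDK's rule objects (direction, access, source prefix, and both `DestinationPortRange` and `DestinationPortRanges`).

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical flattened view of one NSG rule; populate it from the SDK rule object.
public record Rule(string Nsg, string Name, string Direction, string Access,
                   string Source, IEnumerable<string> Ports);

public static class RiskyEndpoints
{
    static readonly int[] Risky = { 22, 3389 };   // the ports named on this page
    static readonly string[] AnySource = { "*", "0.0.0.0/0", "Internet" };

    // True when one NSG port spec ("*", "22", "3000-4000") covers the port.
    public static bool Covers(string spec, int port)
    {
        spec = spec?.Trim();
        if (string.IsNullOrEmpty(spec)) return false;
        if (spec == "*") return true;
        var parts = spec.Split('-');
        if (!int.TryParse(parts[0], out var lo)) return false;
        var hi = lo;
        if (parts.Length == 2 && !int.TryParse(parts[1], out hi)) return false;
        return parts.Length <= 2 && lo <= port && port <= hi;
    }

    // Inbound Allow rules that expose a risky port, with the ports they hit.
    public static IEnumerable<(Rule Rule, int[] Hits)> Find(IEnumerable<Rule> rules) =>
        from r in rules
        where r.Direction.Equals("Inbound", StringComparison.OrdinalIgnoreCase)
           && r.Access.Equals("Allow", StringComparison.OrdinalIgnoreCase)
        let hits = Risky.Where(p => r.Ports.Any(s => Covers(s, p))).ToArray()
        where hits.Length > 0
        select (r, hits);

    public static void Main()
    {
        // Constructed sample rules, not taken from a real subscription.
        var rules = new[]
        {
            new Rule("nsg-web", "allow-https", "Inbound", "Allow", "*", new[] { "443" }),
            new Rule("nsg-web", "allow-mgmt", "Inbound", "Allow", "*", new[] { "22", "3380-3390" }),
            new Rule("nsg-db", "allow-all", "Inbound", "Allow", "10.0.0.0/8", new[] { "*" }),
            new Rule("nsg-db", "deny-rdp", "Inbound", "Deny", "*", new[] { "3389" }),
        };
        foreach (var (r, hits) in Find(rules))
            Console.WriteLine($"{r.Nsg}/{r.Name}: ports {string.Join(",", hits)} " +
                $"from {r.Source}{(AnySource.Contains(r.Source) ? " (any source)" : "")}");
    }
}
```

Rule priority is not evaluated here, so a higher-priority Deny that shadows a flagged Allow is not taken into account.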
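Thank you very much; please provide the code you have tried.
foreach (var nsg in azure.NetworkSecurityGroups.List()) { foreach (var nic in nsg.NetworkInterfaceIds) { try { /* how to find endpoint statistics (loop over the open ports in the NSG and list them in detail) and dangerous endpoints */ } catch { } } }
@AnirbanGoswami, just to confirm, do you want to list all the ports in NSG -> Inbound security rules?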