0
# Network Security
1
2
Private endpoint connections and network security perimeter configuration for secure network access to Azure Batch resources.
3
4
## Capabilities
5
6
### Private Endpoint Connection Management
7
8
Manages private endpoint connections for secure network access to Batch accounts.
9
10
```python { .api }
11
def list_by_batch_account(
12
resource_group_name: str,
13
account_name: str,
14
maxresults: int = None,
15
**kwargs: Any
16
) -> ItemPaged[PrivateEndpointConnection]:
17
"""
18
Lists all private endpoint connections in the Batch account.
19
20
Args:
21
resource_group_name (str): The name of the resource group
22
account_name (str): The name of the Batch account
23
maxresults (int, optional): Maximum number of results to return
24
25
Returns:
26
ItemPaged[PrivateEndpointConnection]: List of private endpoint connections
27
"""
28
29
def get(
30
resource_group_name: str,
31
account_name: str,
32
private_endpoint_connection_name: str,
33
**kwargs: Any
34
) -> PrivateEndpointConnection:
35
"""
36
Gets information about the specified private endpoint connection.
37
38
Args:
39
resource_group_name (str): The name of the resource group
40
account_name (str): The name of the Batch account
41
private_endpoint_connection_name (str): The private endpoint connection identifier
42
43
Returns:
44
PrivateEndpointConnection: The private endpoint connection details
45
"""
46
47
def update(
48
resource_group_name: str,
49
account_name: str,
50
private_endpoint_connection_name: str,
51
parameters: PrivateEndpointConnection,
52
if_match: str = None,
53
**kwargs: Any
54
) -> LROPoller[PrivateEndpointConnection]:
55
"""
56
Updates the properties of an existing private endpoint connection.
57
58
Args:
59
resource_group_name (str): The name of the resource group
60
account_name (str): The name of the Batch account
61
private_endpoint_connection_name (str): The private endpoint connection identifier
62
parameters (PrivateEndpointConnection): Connection update parameters
63
if_match (str, optional): ETag value for conditional operations
64
65
Returns:
66
LROPoller[PrivateEndpointConnection]: Long-running operation poller
67
"""
68
69
def delete(
70
resource_group_name: str,
71
account_name: str,
72
private_endpoint_connection_name: str,
73
**kwargs: Any
74
) -> LROPoller[None]:
75
"""
76
Deletes the specified private endpoint connection.
77
78
Args:
79
resource_group_name (str): The name of the resource group
80
account_name (str): The name of the Batch account
81
private_endpoint_connection_name (str): The private endpoint connection identifier
82
83
Returns:
84
LROPoller[None]: Long-running operation poller for the deletion
85
"""
86
```
87
88
### Private Link Resource Discovery
89
90
Discovers available private link resources for creating private endpoints.
91
92
```python { .api }
93
def list_by_batch_account(
94
resource_group_name: str,
95
account_name: str,
96
maxresults: int = None,
97
**kwargs: Any
98
) -> ItemPaged[PrivateLinkResource]:
99
"""
100
Lists the private link resources supported for the Batch account.
101
102
Args:
103
resource_group_name (str): The name of the resource group
104
account_name (str): The name of the Batch account
105
maxresults (int, optional): Maximum number of results to return
106
107
Returns:
108
ItemPaged[PrivateLinkResource]: List of private link resources
109
"""
110
111
def get(
112
resource_group_name: str,
113
account_name: str,
114
private_link_resource_name: str,
115
**kwargs: Any
116
) -> PrivateLinkResource:
117
"""
118
Gets information about the specified private link resource.
119
120
Args:
121
resource_group_name (str): The name of the resource group
122
account_name (str): The name of the Batch account
123
private_link_resource_name (str): The private link resource name
124
125
Returns:
126
PrivateLinkResource: The private link resource details
127
"""
128
```
129
130
### Network Security Perimeter Management
131
132
Manages network security perimeter configurations for advanced network isolation.
133
134
```python { .api }
135
def list_configurations(
136
resource_group_name: str,
137
account_name: str,
138
**kwargs: Any
139
) -> ItemPaged[NetworkSecurityPerimeterConfiguration]:
140
"""
141
Lists all network security perimeter configurations in the Batch account.
142
143
Args:
144
resource_group_name (str): The name of the resource group
145
account_name (str): The name of the Batch account
146
147
Returns:
148
ItemPaged[NetworkSecurityPerimeterConfiguration]: List of NSP configurations
149
"""
150
151
def get_configuration(
152
resource_group_name: str,
153
account_name: str,
154
network_security_perimeter_configuration_name: str,
155
**kwargs: Any
156
) -> NetworkSecurityPerimeterConfiguration:
157
"""
158
Gets information about the specified network security perimeter configuration.
159
160
Args:
161
resource_group_name (str): The name of the resource group
162
account_name (str): The name of the Batch account
163
network_security_perimeter_configuration_name (str): The NSP configuration name
164
165
Returns:
166
NetworkSecurityPerimeterConfiguration: The NSP configuration details
167
"""
168
169
def reconcile_configuration(
170
resource_group_name: str,
171
account_name: str,
172
network_security_perimeter_configuration_name: str,
173
**kwargs: Any
174
) -> LROPoller[None]:
175
"""
176
Reconciles the specified network security perimeter configuration.
177
178
Args:
179
resource_group_name (str): The name of the resource group
180
account_name (str): The name of the Batch account
181
network_security_perimeter_configuration_name (str): The NSP configuration name
182
183
Returns:
184
LROPoller[None]: Long-running operation poller for reconciliation
185
"""
186
```
187
188
## Types
189
190
### Private Endpoint Types
191
192
```python { .api }
193
class PrivateEndpointConnection:
194
id: str
195
name: str
196
type: str
197
etag: str
198
private_endpoint: PrivateEndpoint
199
private_link_service_connection_state: PrivateLinkServiceConnectionState
200
provisioning_state: PrivateEndpointConnectionProvisioningState
201
202
class PrivateEndpoint:
203
id: str
204
205
class PrivateLinkServiceConnectionState:
206
status: PrivateLinkServiceConnectionStatus
207
description: str
208
actions_required: str
209
210
class PrivateLinkResource:
211
id: str
212
name: str
213
type: str
214
properties: dict
215
group_id: str
216
required_members: list
217
required_zone_names: list
218
```
219
220
### Network Security Perimeter Types
221
222
```python { .api }
223
class NetworkSecurityPerimeterConfiguration:
224
id: str
225
name: str
226
type: str
227
properties: NetworkSecurityPerimeterConfigurationProperties
228
229
class NetworkSecurityPerimeterConfigurationProperties:
230
provisioning_state: NetworkSecurityPerimeterConfigurationProvisioningState
231
provisioning_issues: list
232
network_security_perimeter: NetworkSecurityPerimeter
233
resource_association: ResourceAssociation
234
profile: NetworkSecurityProfile
235
236
class NetworkSecurityPerimeter:
237
id: str
238
location: str
239
perimeter_guid: str
240
241
class NetworkSecurityProfile:
242
name: str
243
access_rules_version: int
244
access_rules: list
245
diagnostic_settings_version: int
246
enabled_log_categories: list
247
```
248
249
### Security Enums
250
251
```python { .api }
252
class PrivateEndpointConnectionProvisioningState:
253
SUCCEEDED = "Succeeded"
254
UPDATING = "Updating"
255
DELETING = "Deleting"
256
FAILED = "Failed"
257
258
class PrivateLinkServiceConnectionStatus:
259
PENDING = "Pending"
260
APPROVED = "Approved"
261
REJECTED = "Rejected"
262
DISCONNECTED = "Disconnected"
263
264
class NetworkSecurityPerimeterConfigurationProvisioningState:
265
SUCCEEDED = "Succeeded"
266
CREATING = "Creating"
267
UPDATING = "Updating"
268
DELETING = "Deleting"
269
ACCEPTED = "Accepted"
270
FAILED = "Failed"
271
CANCELED = "Canceled"
272
```
273
274
## Usage Examples
275
276
### Managing Private Endpoint Connections
277
278
```python
279
# List all private endpoint connections
280
pe_connections = client.private_endpoint_connection.list_by_batch_account(
281
"my-resource-group",
282
"my-batch-account"
283
)
284
285
for connection in pe_connections:
286
print(f"Connection: {connection.name}")
287
print(f"Status: {connection.private_link_service_connection_state.status}")
288
print(f"Description: {connection.private_link_service_connection_state.description}")
289
```
290
291
### Approving Private Endpoint Connections
292
293
```python
294
from azure.mgmt.batch.models import (
295
PrivateEndpointConnection,
296
PrivateLinkServiceConnectionState,
297
PrivateLinkServiceConnectionStatus
298
)
299
300
# Get existing connection
301
connection = client.private_endpoint_connection.get(
302
"my-resource-group",
303
"my-batch-account",
304
"my-private-endpoint-connection"
305
)
306
307
# Update connection state to approved
308
connection.private_link_service_connection_state = PrivateLinkServiceConnectionState(
309
status=PrivateLinkServiceConnectionStatus.APPROVED,
310
description="Approved by administrator"
311
)
312
313
# Apply the update
314
operation = client.private_endpoint_connection.update(
315
"my-resource-group",
316
"my-batch-account",
317
"my-private-endpoint-connection",
318
connection
319
)
320
321
updated_connection = operation.result()
322
print(f"Connection approved: {updated_connection.private_link_service_connection_state.status}")
323
```
324
325
### Discovering Private Link Resources
326
327
```python
328
# List available private link resources
329
pl_resources = client.private_link_resource.list_by_batch_account(
330
"my-resource-group",
331
"my-batch-account"
332
)
333
334
for resource in pl_resources:
335
print(f"Resource: {resource.name}")
336
print(f"Group ID: {resource.group_id}")
337
print(f"Required members: {', '.join(resource.required_members)}")
338
if resource.required_zone_names:
339
print(f"Required zones: {', '.join(resource.required_zone_names)}")
340
```
341
342
### Network Security Perimeter Configuration
343
344
```python
345
# List network security perimeter configurations
346
nsp_configs = client.network_security_perimeter.list_configurations(
347
"my-resource-group",
348
"my-batch-account"
349
)
350
351
for config in nsp_configs:
352
print(f"NSP Configuration: {config.name}")
353
print(f"Provisioning State: {config.properties.provisioning_state}")
354
355
if config.properties.provisioning_issues:
356
print("Provisioning Issues:")
357
for issue in config.properties.provisioning_issues:
358
print(f" - {issue.properties.issue_type}: {issue.properties.description}")
359
```
360
361
### Reconciling Network Security Perimeter
362
363
```python
364
# Reconcile a network security perimeter configuration
365
operation = client.network_security_perimeter.reconcile_configuration(
366
"my-resource-group",
367
"my-batch-account",
368
"my-nsp-configuration"
369
)
370
371
# Wait for reconciliation to complete
372
operation.result()
373
print("Network security perimeter reconciliation completed")
374
```
375
376
### Complete Private Endpoint Setup
377
378
```python
379
def setup_private_endpoint_security(resource_group: str, account_name: str):
380
"""Set up private endpoint security for a Batch account."""
381
382
print(f"Setting up private endpoint security for {account_name}...")
383
384
# Discover available private link resources
385
print("\n1. Discovering private link resources...")
386
pl_resources = client.private_link_resource.list_by_batch_account(
387
resource_group, account_name
388
)
389
390
for resource in pl_resources:
391
print(f" Available: {resource.group_id}")
392
393
# List existing private endpoint connections
394
print("\n2. Checking existing connections...")
395
connections = client.private_endpoint_connection.list_by_batch_account(
396
resource_group, account_name
397
)
398
399
pending_connections = []
400
for connection in connections:
401
status = connection.private_link_service_connection_state.status
402
print(f" Connection {connection.name}: {status}")
403
404
if status == PrivateLinkServiceConnectionStatus.PENDING:
405
pending_connections.append(connection)
406
407
# Approve pending connections
408
if pending_connections:
409
print(f"\n3. Approving {len(pending_connections)} pending connections...")
410
for connection in pending_connections:
411
connection.private_link_service_connection_state.status = \
412
PrivateLinkServiceConnectionStatus.APPROVED
413
connection.private_link_service_connection_state.description = \
414
"Auto-approved by setup script"
415
416
operation = client.private_endpoint_connection.update(
417
resource_group, account_name, connection.name, connection
418
)
419
operation.result()
420
print(f" Approved: {connection.name}")
421
422
print("\nPrivate endpoint security setup complete!")
423
424
# Run setup
425
setup_private_endpoint_security("my-resource-group", "my-batch-account")
426
```