2016-11-21 133 views
1

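How do I create access control rules for an Azure cloud service from code?

I have a network access control list in my cloud service similar to the one below. How can I configure it programmatically instead of from the configuration file?

Some of these IP addresses may change. I want to resolve the IP address from a domain name and add it to the configuration: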

    <NetworkConfiguration>
      <AccessControls>
        <AccessControl name="security">
          <Rule action="permit" description="Allow access from A" order="100" remoteSubnet="xxx.xxx.xxx.xxx/32" />
          <Rule action="permit" description="Allow access from B" order="200" remoteSubnet="xxx.xxx.xxx.xxx/32" />
          <Rule action="permit" description="Allow access from C" order="300" remoteSubnet="xxx.xxx.xxx.xxx/32" />
          <Rule action="deny" description="Deny access to everyone else" order="400" remoteSubnet="0.0.0.0/0" />
        </AccessControl>
      </AccessControls>
    </NetworkConfiguration>

Answer

0

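OK. I ended up writing a console application that is called during the build. It gets the IP address of the remote cloud service and checks whether it matches what is in the config file.

If not, then I update it. Pretty simple.

Here is the build command: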

$(SolutionDir)<MyProjectName>\$(OutDir)$(ConfigurationName)\MyExeName Update-FrontEnd-IPAddress-For-Azure-MicroService "$(SolutionDir)<AzureDeploymentProjectName>\ServiceConfiguration.Cloud.cscfg" 

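The function in the console application:

    // Requires: using Microsoft.WindowsAzure.ServiceRuntime;
    private static void HandleCheckRoleEnvironment(string[] args)
    {
        // Guard against an empty argument list before reading args[0].
        if (args.Length > 0 && args[0] == "Check-Role-Environment")
        {
            Console.WriteLine("Found Command: Check-Role-Environment");

            // Exit code 0 = real Azure environment, 1 = emulator or outside Azure.
            if (RoleEnvironment.IsAvailable && !RoleEnvironment.IsEmulated)
            {
                Console.WriteLine("Running in Azure Cloud Environment");
                Environment.Exit(0);
            }
            else
            {
                Console.WriteLine("NOT Running in Azure Cloud Environment");
                Environment.Exit(1);
            }
        }
    }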

Here is the code that updates the config file:

    // Requires: using System.IO; using System.Linq; using System.Net;
    //           using System.Net.Sockets; using System.Xml;
    private static void ExecuteUpdateFrontEndIPAddressForAzureMicroService(string configFilePath)
    {
        if (!File.Exists(configFilePath))
        {
            return;
        }

        // remoteSubnet is written as x.x.x.x/32, so take the first IPv4 address only.
        var ipAddress = Dns.GetHostAddresses("MyDomainName")
            .First(a => a.AddressFamily == AddressFamily.InterNetwork);
        Console.WriteLine($"The IP address for MyDomainName is {ipAddress}");

        var correctValue = $"{ipAddress}/32";

        var document = new XmlDocument();
        document.Load(configFilePath);

        // Rule nodes (positional lookup: depends on the element order of the .cscfg file)
        var rules = document.ChildNodes[1].LastChild.FirstChild.FirstChild.ChildNodes;

        var rule = (from XmlNode p in rules
                    where p.Attributes?["description"]?.Value == "Allow access from MyDomainName"
                    select p).FirstOrDefault();

        // FirstOrDefault returns null when no rule carries the expected description.
        if (rule == null)
        {
            Console.WriteLine("No matching rule found; the config file was not changed.");
            return;
        }

        var ipAddressValue = rule.Attributes["remoteSubnet"].Value;
        Console.WriteLine($"The IP address in the config file is {ipAddressValue}");

        if (correctValue != ipAddressValue)
        {
            rule.Attributes["remoteSubnet"].Value = correctValue;
            document.Save(configFilePath);

            Console.WriteLine("The config file has been updated with the correct IP address.");
        }
        else
        {
            Console.WriteLine("The config file is up to date and will not be updated.");
        }
    }
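
A variant of the update step that finds the rule by element name instead of by child position and refuses to write an ACL whose last rule is no longer the catch-all deny. This is an added example, not the answerer's code; `AclUpdater`, `SetPermit` and the sample addresses are hypothetical.

```csharp
// Added example (not the answerer's code). AclUpdater and SetPermit are hypothetical names.
using System;
using System.Linq;
using System.Net;
using System.Net.Sockets;
using System.Xml.Linq;

public static class AclUpdater
{
    // Returns true when the document was changed. Throws if the ACL would be unsafe to deploy.
    public static bool SetPermit(XDocument cscfg, string description, IPAddress resolved)
    {
        if (resolved.AddressFamily != AddressFamily.InterNetwork)
            throw new ArgumentException("A /32 remoteSubnet needs an IPv4 address.");

        // Match on local names so the lookup survives reordering and the cscfg XML namespace.
        var rules = cscfg.Descendants().Where(e => e.Name.LocalName == "Rule").ToList();
        var rule = rules.SingleOrDefault(r => (string)r.Attribute("description") == description)
                   ?? throw new InvalidOperationException($"No rule described as '{description}'.");

        // The rule with the highest order is evaluated last; it must stay the catch-all deny.
        var last = rules.OrderBy(r => (int)r.Attribute("order")).Last();
        if ((string)last.Attribute("action") != "deny" ||
            (string)last.Attribute("remoteSubnet") != "0.0.0.0/0")
            throw new InvalidOperationException("Final rule is not 'deny 0.0.0.0/0'.");
        if (ReferenceEquals(rule, last) || (string)rule.Attribute("action") != "permit")
            throw new InvalidOperationException("Refusing to rewrite a non-permit rule.");

        var wanted = $"{resolved}/32";
        if ((string)rule.Attribute("remoteSubnet") == wanted) return false;
        rule.SetAttributeValue("remoteSubnet", wanted);
        return true;
    }

    public static void Main()
    {
        // Constructed sample; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
        var doc = XDocument.Parse(@"<NetworkConfiguration><AccessControls><AccessControl name='security'>
          <Rule action='permit' description='Allow access from A' order='100' remoteSubnet='203.0.113.10/32' />
          <Rule action='deny' description='Deny access to everyone else' order='400' remoteSubnet='0.0.0.0/0' />
        </AccessControl></AccessControls></NetworkConfiguration>");
        bool changed = SetPermit(doc, "Allow access from A", IPAddress.Parse("198.51.100.7"));
        Console.WriteLine($"changed={changed}");
        Console.WriteLine(doc);
    }
}
```

Because the build rewrites a permit rule from whatever DNS returns at that moment, logging the old and new `remoteSubnet` values in the build output gives a record of every change to the allow list.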