Citrix Virtual Apps and Desktops SDK

Grant-HypSecurityGroupIngress

Adds an ingress rule to a security group.

Syntax

Grant-HypSecurityGroupIngress
     [-LiteralPath] <String>
     -Protocol <String>
     [-FromPort <Decimal>]
     [-ToPort <Decimal>]
     -GroupId <String[]>
     [-LoggingId <Guid>]
     [<CitrixCommonParameters>]
     [<CommonParameters>]
<!--NeedCopy-->
Grant-HypSecurityGroupIngress
     [-LiteralPath] <String>
     -Protocol <String>
     [-FromPort <Decimal>]
     [-ToPort <Decimal>]
     -IPRange <String[]>
     [-LoggingId <Guid>]
     [<CitrixCommonParameters>]
     [<CommonParameters>]
<!--NeedCopy-->

Description

This cmdlet is deprecated. Adding an egress rule permits network traffic from source CIDR IP address ranges or security groups to pass to instances within a security group.

Examples

EXAMPLE 1

Create a security group and grant ingress on port 80 from anywhere.

$Group = New-Item -ItemType SecurityGroup -Path XDHyp:\Connections\AWS -Name MySecurityGroup -Description 'Example group'
Grant-HypSecurityGroupIngress $Group.FullPath -FromPort 80 -ToPort 80 -Protocol tcp -IPRange '0.0.0.0/0'
<!--NeedCopy-->

EXAMPLE 2

Make 2 security groups and permit group 1 access to group 2 only on port 8080 while granting full access to group 1 from group 2.

$Group1 = New-Item -ItemType SecurityGroup -Path XDHyp:\Connections\AWS -Name MySecurityGroup1 -Description 'Example group 1'
$Group2 = New-Item -ItemType SecurityGroup -Path XDHyp:\Connections\AWS\MySecurityGroup2 -Description 'Example group 2'
Grant-HypSecurityGroupEgress $Group1.FullPath -FromPort 8080 -ToPort 8080 -Protocol tcp -GroupId $Group2.Id
Grant-HypSecurityGroupIngress $Group2.FullPath -FromPort 8080 -ToPort 8080 -Protocol tcp -GroupId $Group1.Id
Grant-HypSecurityGroupEgress $Group2.FullPath -Protocol '-1' -GroupId $Group1.Id
Grant-HypSecurityGroupIngress $Group1.FullPath -Protocol '-1' -GroupId $Group2.Id
<!--NeedCopy-->

Parameters

-LiteralPath

Specifies the full XDHyp provider path to the security group, equivalent to the FullPath property of the security group object. The path can specify a security group relative to a hypervisor conection or hosting unit.

Type: String
Position: 1
Default value: None
Required: True
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

-Protocol

Specifies the protocol name or number. Protocol numbers can be found at: http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

Use -1 to specify all protocols.

Type: String
Position: Named
Default value: None
Required: True
Accept pipeline input: False
Accept wildcard characters: False

-GroupId

Specifies one or more source security groups from which traffic will be permitted by this rule. This parameter cannot be specified in conjunction with IPRange.

Type: String[]
Position: Named
Default value: None
Required: True
Accept pipeline input: False
Accept wildcard characters: False

-IPRange

Specifies one or more source CIDR IP address ranges from which traffic will be permitted by this rule. This parameter cannot be specified in conjunction with IPRange.

Type: String[]
Position: Named
Default value: None
Required: True
Accept pipeline input: False
Accept wildcard characters: False

-FromPort

The start of the port range for port based protocols. For ICMP this specifies the type number.

Use -1 to specify all ICMP types.

Type: Decimal
Position: Named
Default value: 0
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-ToPort

The end of the port range for port based protocols. For ICMP this specifies the type number, where -1 can be used to specify all ICMP types.

Type: Decimal
Position: Named
Default value: 0
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-LoggingId

Specifies the identifier of the high-level operation this cmdlet call forms a part of. Citrix Studio and Director typically create high-level operations. PowerShell scripts can also wrap a series of cmdlet calls in a high-level operation by way of the Start-LogHighLevelOperation and Stop-LogHighLevelOperation cmdlets.

Type: Guid
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

CitrixCommonParameters

This cmdlet supports the common Citrix parameters: -AdminAddress, -AdminClientIP, -BearerToken, -TraceParent, -TraceState and -VirtualSiteId. For more information, see about_CitrixCommonParameters.

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

String

The LiteralPath can be piped in.

Outputs

None

By default, this cmdlet returns no output.

Notes

Security groups can be added and removed using the New-Item and Remove-Item cmdlets.

Grant-HypSecurityGroupIngress