# Sign in to Azure with the Automation account's Run As service principal.
# NOTE(review): the AzureRM module and Automation Run As accounts have both been
# retired by Microsoft. When this runbook is next touched, move it to the Az module
# with a managed identity, and scope that identity's role to the resource group
# that holds the NSG rather than the whole subscription.
$connectionName = "AzureRunAsConnection"
try
{
    # Fetch the connection asset; its TenantId, ApplicationId and
    # CertificateThumbprint properties are read below.
    $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName

    "Logging in to Azure..."
    $loginParameters = @{
        ServicePrincipal      = $true
        TenantId              = $servicePrincipalConnection.TenantId
        ApplicationId         = $servicePrincipalConnection.ApplicationId
        CertificateThumbprint = $servicePrincipalConnection.CertificateThumbprint
    }
    Add-AzureRmAccount @loginParameters
}
catch
{
    # An empty connection variable means the asset lookup produced nothing:
    # report that by name instead of surfacing the downstream login error.
    if (-not $servicePrincipalConnection)
    {
        $ErrorMessage = "Connection $connectionName not found."
        throw $ErrorMessage
    }

    # Any other failure: log it and rethrow so the script does not continue unauthenticated.
    Write-Error -Message $_.Exception
    throw $_.Exception
}
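# Rewrites one inbound NSG rule so that SSH (port 22) is allowed only from the
# address the Function App currently reports for "Office1".
#
# The Function App response decides who may reach port 22, so it is treated as
# untrusted input: it must parse as exactly one IPv4 address or the script stops
# and the existing rule is left unchanged. Without this check, a response such as
# "*" or a CIDR range would be accepted by Azure as a source prefix.

# set Network Security Group name
$NetSecGrp = ""
# set Resource Group name
$ResGrp = ""
# set Network Security Group Rule name
$NetSecRul = ""
# set Priority
$Priority = ""

# Get the IP using our Azure Function App's URL.
# NOTE(review): if this URL carries a function key, that key is a secret; keep it
# in an encrypted Automation variable rather than in the runbook text.
$Response = Invoke-WebRequest -URI "https://….azurewebsites.net/api/…&name=Office1" -UseBasicParsing -Method Get -ErrorAction Stop

# Use the response body, not the response object, and strip surrounding whitespace.
$Dyn_IP = "$($Response.Content)".Trim()

# Accept only a canonical dotted-quad IPv4 address. TryParse alone also accepts
# short forms such as "1", so the round-trip comparison rejects those as well.
# Assumes the function returns a bare IPv4 address; extend this check if it
# returns another format.
$ParsedIp = $null
$IsValidIp = [System.Net.IPAddress]::TryParse($Dyn_IP, [ref]$ParsedIp) -and
    $ParsedIp.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork -and
    $ParsedIp.ToString() -eq $Dyn_IP -and
    -not $ParsedIp.Equals([System.Net.IPAddress]::Any)
if (-not $IsValidIp)
{
    # Fail closed, and keep the untrusted response body out of the job log.
    throw "Function App did not return a single IPv4 address; NSG rule $NetSecRul was not changed."
}

# Get the network security group
$nsg = Get-AzureRmNetworkSecurityGroup -Name $NetSecGrp -ResourceGroupName $ResGrp -ErrorAction Stop

# Write the rule's current configuration to the job output (the previous source
# address is then on record) and stop if the rule does not exist.
$nsg | Get-AzureRmNetworkSecurityRuleConfig -Name $NetSecRul -ErrorAction Stop

# Update the network security rule and save the group.
# NOTE(review): Protocol "*" and DestinationAddressPrefix "*" are wider than SSH
# needs; consider Tcp and the specific destination address.
$RuleParameters = @{
    Name                     = $NetSecRul
    NetworkSecurityGroup     = $nsg
    Access                   = "Allow"
    DestinationAddressPrefix = "*"
    DestinationPortRange     = 22
    Direction                = "Inbound"
    Priority                 = $Priority
    Protocol                 = "*"
    SourceAddressPrefix      = $Dyn_IP
    SourcePortRange          = "*"
}
Set-AzureRmNetworkSecurityRuleConfig @RuleParameters | Set-AzureRmNetworkSecurityGroup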