Manage Network Security Groups with PowerShell

Configure Network Security Groups in ARM with PowerShell.

John Savill

August 13, 2016


Q. How do I manage ARM Network Security Groups with PowerShell?

A. Below is example PowerShell I have commented that walks through the various actions of managing Network Security Groups in ARM with PowerShell.

```powershell
#Set variables for the Resource Group and the location
$RGName = 'RG-SCUSA'
$Location = 'South Central US'

#Create a new rule to allow traffic from the Internet to port 443
$NSGRule1 = New-AzureRmNetworkSecurityRuleConfig -Name 'WEB' -Direction Inbound -Priority 100 `
    -Access Allow -SourceAddressPrefix 'INTERNET' -SourcePortRange '*' `
    -DestinationAddressPrefix '*' -DestinationPortRange '443' -Protocol TCP

#Create a new NSG using the rule created
New-AzureRmNetworkSecurityGroup -Name "NSGFrontEnd" -Location $Location -ResourceGroupName $RGName `
    -SecurityRules $NSGRule1 #could use array of rules or separate by comma, e.g. $Rule1, $Rule2

$NSG = Get-AzureRmNetworkSecurityGroup -Name "NSGFrontEnd" -ResourceGroupName $RGName

#Add rule to existing to allow RDP
Add-AzureRmNetworkSecurityRuleConfig -NetworkSecurityGroup $NSG -Name 'RDP' -Direction Inbound -Priority 101 `
    -Access Allow -SourceAddressPrefix 'INTERNET' -SourcePortRange '*' `
    -DestinationAddressPrefix '*' -DestinationPortRange '3389' -Protocol TCP
Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $NSG #Commit the change made to the in-memory object to Azure

#Remove a rule
Get-AzureRmNetworkSecurityGroup -Name "NSGFrontEnd" -ResourceGroupName $RGName |
    Remove-AzureRmNetworkSecurityRuleConfig -Name 'RDP' |
    Set-AzureRmNetworkSecurityGroup

#NSG must be same region as the resource
#Associate a NSG to a Virtual machine NIC
$NICName = 'dummyvm292'
$NIC = Get-AzureRmNetworkInterface -Name $NICName -ResourceGroupName $RGName
$NIC.NetworkSecurityGroup = $NSG
Set-AzureRmNetworkInterface -NetworkInterface $NIC

#Remove a NSG from a VM NIC
$NIC.NetworkSecurityGroup = $null
Set-AzureRmNetworkInterface -NetworkInterface $NIC

#Associate a NSG to a subnet
$VNetName = 'vnetRG-SCUSA'
$VNetRG = 'RG-SCUSA'
$SubnetNm = 'Subnet2'
$VNET = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $VNetRG
Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $VNET -Name $SubnetNm `
    -AddressPrefix 10.0.1.0/24 -NetworkSecurityGroup $NSG
Set-AzureRmVirtualNetwork -VirtualNetwork $VNET

#Remove a NSG from the subnet
$VNET = Get-AzureRmVirtualNetwork -Name $VNetName -ResourceGroupName $VNetRG
$VNSubnet = Get-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $VNET -Name $SubnetNm
$VNSubnet.NetworkSecurityGroup = $null
Set-AzureRmVirtualNetwork -VirtualNetwork $VNET

#Delete a NSG
Remove-AzureRmNetworkSecurityGroup -Name "NSGFrontEnd" -ResourceGroupName $RGName
```
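
The RDP rule in the script above allows port 3389 from the whole Internet until it is removed, so a review pass over an NSG's rules is a useful companion to these commands. The following is an added example, not part of the original article: `Find-ExposedMgmtRule` and `Test-PortInRange` are hypothetical helper names, the management port list is an assumption, and the sample rules are constructed objects that mirror the WEB and RDP rules so the check runs offline.

```powershell
# Added example: flag inbound Allow rules that expose management ports to the Internet.
# Find-ExposedMgmtRule and Test-PortInRange are hypothetical helper names.
function Test-PortInRange {
    param([string]$Range, [int]$Port)
    if ($Range -eq '*') { return $true }                 # wildcard covers every port
    if ($Range -match '^(\d+)-(\d+)$') {                 # range such as 3000-4000
        return ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2])
    }
    return ($Range -eq "$Port")                          # single port
}

function Find-ExposedMgmtRule {
    param(
        [Parameter(Mandatory)] [object[]]$Rules,
        [int[]]$MgmtPorts = @(3389, 22)                  # assumed list: RDP and SSH
    )
    $openSources = @('*', 'Internet', '0.0.0.0/0')       # -contains is case-insensitive
    foreach ($rule in $Rules) {
        if ($rule.Direction -ne 'Inbound' -or $rule.Access -ne 'Allow') { continue }
        # Wrap in @() so a single string or a list of prefixes is handled the same way
        $sources = @($rule.SourceAddressPrefix)
        if (-not ($sources | Where-Object { $openSources -contains $_ })) { continue }
        foreach ($port in $MgmtPorts) {
            $hit = @($rule.DestinationPortRange) |
                Where-Object { Test-PortInRange -Range $_ -Port $port }
            if ($hit) {
                [pscustomobject]@{ Rule = $rule.Name; Priority = $rule.Priority; Port = $port }
            }
        }
    }
}

# Constructed sample rules mirroring the WEB and RDP rules from the script
$sampleRules = @(
    [pscustomobject]@{ Name = 'WEB'; Direction = 'Inbound'; Access = 'Allow'; Priority = 100
                       SourceAddressPrefix = 'INTERNET'; DestinationPortRange = '443' }
    [pscustomobject]@{ Name = 'RDP'; Direction = 'Inbound'; Access = 'Allow'; Priority = 101
                       SourceAddressPrefix = 'INTERNET'; DestinationPortRange = '3389' }
)
Find-ExposedMgmtRule -Rules $sampleRules
```

Against a live NSG, pass `$NSG.SecurityRules` from `Get-AzureRmNetworkSecurityGroup` instead of the sample array.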

 
