Home > Enterprise >  Using Powershell to modify azure nsg rule
Using Powershell to modify azure nsg rule

Time:11-03

I have a nsg in azure, inside ths nsg i have a rule which blocks specific ip's. i need to write a powershell script that can add ips in to the specific rule i cannot find a way to do it nor can i find documentation about it..

(Get-AzNetworkSecurityGroup -name blabla-test | Get-AzNetworkSecurityRuleConfig -name "blabla").SourceAddressPrefix

also tried (as seen in doc):

Get-AzNetworkSecurityGroup -ResourceGroupName "blabla" -name blabla-sg-test | Add-AzNetworkSecurityRuleConfig -Name "testik" -Description "creted automatic" -Protocol "*" -SourcePortRange "*" -DestinationPortRange "*" -SourceAddressPrefix "1.2.3.4" -Access "Deny" -Priority 200 -Direction "Inbound" | Set-AzNetworkSecurityGroup

there's gotta be a simple way or even just A way

CodePudding user response:

Please try the following:

$NSG = Get-AzNetworkSecurityGroup -Name 'yournsgname' -ResourceGroupName 'nsgrgname'

$Params = @{
  'Name'                     = 'allowRDP'
  'NetworkSecurityGroup'     = $NSG
  'Protocol'                 = 'TCP'
  'Direction'                = 'Inbound'
  'Priority'                 = 200
  'SourceAddressPrefix'      = '1.2.3.4'
  'SourcePortRange'          = '*'
  'DestinationAddressPrefix' = '*'
  'DestinationPortRange'     = 3389
  'Access'                   = 'Allow'
}

Add-AzNetworkSecurityRuleConfig @Params | Set-AzNetworkSecurityGroup
  • Related