You are here:   Blog
Register   |  Login

Blog Archive:

* Can be used in order to search for older blogs Entries

Search in blogs

Blog Categories:

* Can be used in order to search for blogs Entries by Categories

Blog Tags:

* Can be used in order to search for blogs by keywords


Awared MVP


Microsoft® Community Contributor 

Microsoft® Community Contributor

 Read this before you use the blog! Maximize

Recent Entries


Written by: ronen ariely
10/11/2022 20:56 RssIcon

Simple script to edit Azure VM Firewall rule using PowerShell and use the current public IP. This can be use to update for example the RDP rule or the SQL Server rule so we will be able to connect the server from local location.

#------------------------------------ Input
$FirewallRule_Name = "RDP" # use rule name like: SQL_Port_1433
$My_ResourceGroupName = "Your_Resource_Group_Name"
$My_nsg_Name = "Your_VM_nsg_Name"
#------------------------------------ Change Firewall rule
$myIP = (Invoke-WebRequest -uri "https://api.ipify.org/" -UseBasicParsing).Content
$Mew_IP = [System.String[]] @($myIP)
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName $My_ResourceGroupName -Name $My_nsg_Name
($nsg.SecurityRules | Where-Object {$_.Name -eq $FirewallRule_Name}).SourceAddressPrefix = ($Mew_IP)
$nsg | Set-AzNetworkSecurityGroup | Get-AzNetworkSecurityRuleConfig -Name $FirewallRule_Name

If you encounter issue connecting the Azure then follow these:

#  Open PS as Administrator
Install-Module Az
# Can take long time until the installation start
Import-Module Az
# If you get error:
# cannot be loaded because running scripts is disabled on this system.
# Check current policy:
# We can set to:
# Restricted – No scripting allowed
# Unrestricted - remove all restrictions on your security policy
# RemoteSigned – Good for Test, Dev environments. Only files from the internet need to be signed. This is the default setting in servers.
# AllSigned  – local, remote script, it should be signed by a trusted publisher.
# If you get "Restricted" then you can change it on your own responsibility!
# Do it only on developing machine
Set-ExecutionPolicy RemoteSigned
# Now try again:
Import-Module Az
# You might get some alerts
# If we get errors/alerts then using the following command will work
# This option allow us to use the browser login first
# and then we use the machine Authentication
Connect-AzAccount -UseDeviceAuthentication
# Get all scriptions
# Get specific scriptions
Get-AzSubscription -SubscriptionId <add your subscription id here>