[Azure]使用Powershell输出某台ARM虚拟机的NSG
来源:互联网 发布:电力系统短路计算软件 编辑:程序博客网 时间:2024/05/16 19:01
这个脚本用于输出ARM模式下虚拟机的NSG,对于多网卡虚拟机也同样适用。可以输出所有网络接口的NSG以及虚拟机所在子网的NSG。
脚本如下:
param( #The name of the subscription to take all the operations within. [Parameter(Mandatory = $true)] [string]$SubscriptionName, # Resource Group Name. [Parameter(Mandatory = $true)] [string]$ResourceGroupName, # Virtual Machine Name. [Parameter(Mandatory = $true)] [string]$VMName)$cred = Get-Credential;Login-AzureRmAccount -EnvironmentName AzureChinaCloud -Credential $cred;Select-AzureRmSubscription -SubscriptionName $SubscriptionName;Function GetResourceNameFromResourceId($resourceId){ return $resourceId.Substring($resourceId.LastIndexOf('/')+1);}Function GetResourcePropertyFromResourceId($resourceId, $propertyName){ $propertyName = $propertyName + "/"; $rgName = $resourceId.Substring($resourceId.IndexOf($propertyName)+$propertyName.Length); return $rgName.Substring(0, $rgName.IndexOf("/"));}Function PrintVirtualMachineNetworkSecurityRules($vm){ #loop all the network interfaces $customRules = New-Object System.Collections.ArrayList; #$defaultRules = New-Object System.Collections.ArrayList; $duplicateRules = New-Object System.Collections.ArrayList; foreach($nic in $vm.NetworkProfile.NetworkInterfaces) { # get network interface object $nicId = $nic.Id; $nicName = GetResourceNameFromResourceId $nicId; $nicRgName = GetResourcePropertyFromResourceId $nicId "resourceGroups"; $interface = Get-AzureRmNetworkInterface -Name $nicName -ResourceGroupName $nicRgName; # get nsg for this network interface $nicNsgId = $interface.NetworkSecurityGroup.Id; if($nicNsgId -ne $NULL) { if(!$duplicateRules.Contains($nicNsgId)) { $duplicateRules.Add($nicNsgId); $nicNsgName = GetResourceNameFromResourceId $nicNsgId; $nicNsgRgName = GetResourcePropertyFromResourceId $nicNsgId "resourceGroups"; $nicNsg = Get-AzureRmNetworkSecurityGroup -Name $nicNsgName -ResourceGroupName $nicNsgRgName; $nicNsgCustomRules = $nicNsg.SecurityRules; foreach($nicNsgCustomRule in $nicNsgCustomRules) { $customRules.Add(@{RuleName=$nicNsgCustomRule.Name; Protocol=$nicNsgCustomRule.Protocol; Source=$nicNsgCustomRule.SourceAddressPrefix; SourcePort=$nicNsgCustomRule.SourcePortRange; Dest=$nicNsgCustomRule.DestinationAddressPrefix; DestPortRange=$nicNsgCustomRule.DestinationPortRange; Access=$nicNsgCustomRule.Access; Priority=$nicNsgCustomRule.Priority; Direction=$nicNsgCustomRule.Direction; Catagory="Interface NSG";}); } #$nicNsgDefaultRules = $nicNsg.DefaultSecurityRules; #foreach($nicNsgDefaultRule in $nicNsgDefaultRules) #{ # $customRules.Add(@{RuleName=$nicNsgDefaultRule.Name; Protocol=$nicNsgDefaultRule.Protocol; Source=$nicNsgDefaultRule.SourceAddressPrefix; SourcePort=$nicNsgDefaultRule.SourcePortRange; Dest=$nicNsgDefaultRule.DestinationAddressPrefix; DestPortRange=$nicNsgDefaultRule.DestinationPortRange; Access=$nicNsgDefaultRule.Access; Priority=$nicNsgDefaultRule.Priority; Direction=$nicNsgDefaultRule.Direction;}); #} } } # get subnet object $subnetId = $interface.IpConfigurations.Subnet.Id; $subnetName = GetResourceNameFromResourceId $subnetId; $subnetRgName = GetResourcePropertyFromResourceId $subnetId "resourceGroups"; $virtualNetworkName = GetResourcePropertyFromResourceId $subnetId "virtualNetworks"; $vnet = Get-AzureRmVirtualNetwork -Name $virtualNetworkName -ResourceGroupName $subnetRgName; $subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $subnetName -VirtualNetwork $vnet # get nsg for the subnet $subnetNsgId = $subnet.NetworkSecurityGroup.Id; if($subnetNsgId -ne $NULL) { if(!$duplicateRules.Contains($subnetNsgId)) { $duplicateRules.Add($subnetNsgId); $subnetNsgName = GetResourceNameFromResourceId $subnetNsgId; $subnetNsgRgName = GetResourcePropertyFromResourceId $subnetNsgId "resourceGroups"; $subnetNsg = Get-AzureRmNetworkSecurityGroup -Name $subnetNsgName -ResourceGroupName $subnetNsgRgName; $subnetNsgCustomRules = $subnetNsg.SecurityRules; foreach($subnetNsgCustomRule in $subnetNsgCustomRules) { $customRules.Add(@{RuleName=$subnetNsgCustomRule.Name; Protocol=$subnetNsgCustomRule.Protocol; Source=$subnetNsgCustomRule.SourceAddressPrefix; SourcePort=$subnetNsgCustomRule.SourcePortRange; Dest=$subnetNsgCustomRule.DestinationAddressPrefix; DestPortRange=$subnetNsgCustomRule.DestinationPortRange; Access=$subnetNsgCustomRule.Access; Priority=$subnetNsgCustomRule.Priority; Direction=$subnetNsgCustomRule.Direction; Catagory="Subnet NSG";}); } #$subnetNsgDefaultRules = $subnetNsg.DefaultSecurityRules; #foreach($subnetNsgDefaultRule in $subnetNsgDefaultRules) #{ # $customRules.Add(@{RuleName=$subnetNsgDefaultRule.Name; Protocol=$subnetNsgDefaultRule.Protocol; Source=$subnetNsgDefaultRule.SourceAddressPrefix; SourcePort=$subnetNsgDefaultRule.SourcePortRange; Dest=$subnetNsgDefaultRule.DestinationAddressPrefix; DestPortRange=$subnetNsgDefaultRule.DestinationPortRange; Access=$subnetNsgDefaultRule.Access; Priority=$subnetNsgDefaultRule.Priority; Direction=$subnetNsgDefaultRule.Direction;}); #} } } } $customRules | select @{Name="Name"; Expression={$_["RuleName"]}}, @{Name="Protocol";Expression={$_["Protocol"]}}, @{Name="Source"; Expression={$_["Source"]}}, @{Name="SourcePort"; Expression={$_["SourcePort"]}}, @{Name="Dest"; Expression={$_["Dest"]}}, @{Name="DestPortRange"; Expression={$_["DestPortRange"]}}, @{Name="Access"; Expression={$_["Access"]}}, @{Name="Priority"; Expression={$_["Priority"]}}, @{Name="Direction"; Expression={$_["Direction"]}}, @{Name="Catagory"; Expression={$_["Catagory"]}} | Out-GridView;}$vm = Get-AzureRmVM -ResourceGroupName $ResourceGroupName -Name $VMName;PrintVirtualMachineNetworkSecurityRules $vm;
调用方法:
[ARM]show_virtual_machine_nsgs.ps1 -SubscriptionName <Subscription Name> -ResourceGroupName <ResourceGroupName> -VMName <VM Name>
输出结果:
50 0
- [Azure]使用Powershell输出某台ARM虚拟机的NSG
- [Azure]使用Powershell输出某台ASM虚拟机的NSG和ACL
- [Azure]使用Azure Powershell查看ARM模式下Azure存储中的vhd文件对应的虚拟机
- [Azure]使用Powershell输出Azure订阅下所有虚拟机的ACL信息
- [Azure]使用Powershell重新生成ARM虚拟机网卡
- [Azure]使用Powershell将ARM虚拟机加入可用性集
- [Azure]使用Powershell克隆ARM虚拟机(非托管磁盘)
- [Azure]使用Powershell克隆ARM虚拟机(托管磁盘)
- [Azure]使用Powershell获取ARM模式下可用的虚拟机平台映像信息
- [Azure]使用Powershell调整ARM虚拟机的系统磁盘和数据磁盘大小
- [Azure]使用Azure Powershell输出ARM模式下某个账号中所有订阅下的虚拟网络拓扑
- 使用Azure powershell 创建Azure虚拟机
- [Azure]使用Azure Powershell查看ASM模式下Azure存储中的vhd文件对应的虚拟机
- [Azure][ARM]关于NSG规则配置时的VirtualNetwork和AzureLoadbalancer参数
- [Azure]使用Powershell将ARM虚拟机(托管磁盘)加入可用性集
- [Azure]使用Powershell删除ARM模式下单台虚拟机及相关资源(非托管磁盘)
- [Azure]使用Powershell删除ARM模式下单台虚拟机及相关资源(托管磁盘)
- 使用Powershell 管理Azure云端虚拟机!
- Java基础(流程控制语句、方法、数组)
- 【HDU-OJ】-6016-Count the Sheep(二分图,vector)
- use vue vuex vue-router, not use webpack
- 51nod 贪心入门之四 独木舟问题
- JAVA 加密技术
- [Azure]使用Powershell输出某台ARM虚拟机的NSG
- Adaboost+Haar
- Android开发五大布局
- 文章标题 HDU-3067 小t的游戏
- 58. Length of Last Word
- Android-自定义环形统计图
- POJ1308 Is It A Tree? 并查集
- 【Codeforces 776 D The Door Problem】+ 并查集
- ===运算符