What’s wrong with removing a RouteTable association with AzureAz Powershell

Originally published on Lucian’s blog, lucian.blog. Follow Lucian on Twitter @LucianFrango.

Background

For a change recently, I needed to disassociate Azure RouteTables from subnets; specifically, I needed to do this at scale. It wasn’t a matter of a couple of RouteTables. Rather, the design had close to a RouteTable per subnet (with many subnets across many VNETs). The environment is also spread across multiple logical zone types and VNETs are also spread across multiple subscriptions.…

Deploying a SailPoint IdentityNow Virtual Appliance in Azure

Introduction

The CentOS image that SailPoint provide for the IdentityNow Virtual Appliance that performs integration between ‘Sources’ and IdentityNow is VMware based. I don’t have any VMware infrastructure to run it on and really didn’t want to run up any VMware environments for this component. All my other infrastructure is in Azure. I’d love to run my VA(s) in Azure too.
In discussions with SailPoint I understand it is simply a case that they haven’t certified their CentOS image on Azure.…

Enabling and Scripting Azure Virtual Machine Just-In-Time Access

Last week (19 July 2017) one of Microsoft’s Azure Security Center’s latest features went from Private Preview to Public Preview. The feature is Azure Just in time Virtual Machine Access.

What is Just in time Virtual Machine access?

Essentially JIT VM Access is a wrapper for automating an Azure Network Security Group rule set for access to Azure VM(s) for a temporal period on a set of network ports restricted to a source IP/Network.…

Automating Source IP Address updates on an Azure Network Security Group RDP Access Rule

Recently I’ve migrated a bunch of VirtualBox Virtual Machines to Azure as detailed here. These VMs are in Resource Groups with a Network Security Group associated that restricts access to them for RDP based on a source TCP/IP address. All good practice. However, from a usability perspective, when I want to use these VMs, I’m not always in the same location, and rarely on a connection with a static IP address.
This post details a simple little script that:

  • Has a couple of variables associated with a Resource Group, Network Security Group, Virtual Machine Name and an RDP Configuration File associated with the VM
  • Gets the public IP Address of the machine I’m running the script from
  • Prompts for Authentication to Azure, and retrieves the NSG associated with the Resource Group
  • Compares the Source IP Address in the ‘RDP’ Inbound Rule to my current IP Address.

How to quickly recover from a FAILED AzureRM Virtual Machine using Powershell

Problem

I have a development sandpit in Azure which I use quite a lot to test and mess with different ideas and concepts. This week when shutting it down things didn’t go that smoothly. All but one virtual machine finally stopped and de-allocated, but one virtual machine just didn’t make it. I tried resizing the VM. I tried changing the configuration of it and obviously tried starting it up many times via the portal and PowerShell, all without any success.…

PowerShell error “Run Login-AzureRmAccount to login.” in AzureRM when already logged in

Usually when I’m writing PowerShell scripts I do it from a development virtual machine with a known environment state. However, yesterday I was trying to do something simple and quick and was writing it on my everyday laptop.

My script was using Windows Management Framework 5.0 and I was creating a new burn environment in AzureRM. I was authenticated and could query and enumerate most of my AzureRM environment; however, I was getting erroneous responses on some cmdlets and was unable to create a new resource group.…