Here is a PowerShell script that can iterate through NSGs, delete existing rules, and then create new ones:

#Connect to Azure
Connect-AzAccount

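#Set variables for the subscription and NSG name
$subscriptionId = "your-subscription-id"
$nsgName = "your-nsg-name"

#Select the subscription so the NSG lookup runs against the intended one
Set-AzContext -Subscription $subscriptionId | Out-Null

#Get the NSG object
$nsg = Get-AzNetworkSecurityGroup -Name $nsgName -ResourceGroupName "YourResourceGroupName"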

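#Delete all existing security rules
#Collect the rule names first: removing rules while enumerating the live
#collection fails with "Collection was modified"
$ruleNames = $nsg.SecurityRules | ForEach-Object { $_.Name }
foreach ($ruleName in $ruleNames) {
    Remove-AzNetworkSecurityRuleConfig -Name $ruleName -NetworkSecurityGroup $nsg | Out-Null
}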

#Create new security rules
#Add-AzNetworkSecurityRuleConfig attaches each rule to the local $nsg object;
#nothing changes in Azure until Set-AzNetworkSecurityGroup runs
Add-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name "Rule1" -Description "Allow traffic on port 80" -Access Allow -Protocol Tcp -Direction Inbound -Priority 300 -SourceAddressPrefix "10.0.0.0/24" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange "80" | Out-Null

Add-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name "Rule2" -Description "Deny traffic on port 22" -Access Deny -Protocol Tcp -Direction Inbound -Priority 400 -SourceAddressPrefix "10.0.0.0/24" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange "22" | Out-Null

#Update the NSG with the new rules
Set-AzNetworkSecurityGroup -NetworkSecurityGroup $nsg

#Disconnect from Azure
Disconnect-AzAccount

Note: This script assumes that you have already connected to your Azure account using Connect-AzAccount, and that you have replaced "your-subscription-id", "your-nsg-name", and "YourResourceGroupName" with your actual values. You will also need to modify the security rules as needed for your specific needs.
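
The following is an added example, not part of the original answer: it extends the same approach to every NSG in a resource group, saves each NSG's current rules to a JSON file before replacing them, and writes each NSG back in a single update. The resource group name, the backup folder `nsg-backup`, and the rule set are placeholders, and it assumes an already authenticated Az session.

```powershell
# Added example. $resourceGroup, $backupDir and $desiredRules are placeholders.
$resourceGroup = "YourResourceGroupName"
$backupDir     = Join-Path $PWD "nsg-backup"
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# Desired rule set, defined once and applied to every NSG (same rules as above).
$desiredRules = @(
    @{
        Name = "Rule1"; Description = "Allow traffic on port 80"
        Access = "Allow"; Protocol = "Tcp"; Direction = "Inbound"; Priority = 300
        SourceAddressPrefix = "10.0.0.0/24"; SourcePortRange = "*"
        DestinationAddressPrefix = "*"; DestinationPortRange = "80"
    },
    @{
        Name = "Rule2"; Description = "Deny traffic on port 22"
        Access = "Deny"; Protocol = "Tcp"; Direction = "Inbound"; Priority = 400
        SourceAddressPrefix = "10.0.0.0/24"; SourcePortRange = "*"
        DestinationAddressPrefix = "*"; DestinationPortRange = "22"
    }
)

$nsgs = Get-AzNetworkSecurityGroup -ResourceGroupName $resourceGroup
foreach ($nsg in $nsgs) {
    # Keep a copy of the current rules so the change can be reviewed or rolled back.
    $backupFile = Join-Path $backupDir "$($nsg.Name).json"
    ConvertTo-Json -InputObject @($nsg.SecurityRules) -Depth 5 |
        Set-Content -Path $backupFile

    # Clear and rebuild the rules on the local object only; Azure is untouched so far.
    $nsg.SecurityRules.Clear()
    foreach ($rule in $desiredRules) {
        Add-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg @rule | Out-Null
    }

    # One write per NSG: the old rule set is swapped for the new one in a single
    # update, so the NSG is never live with only its default rules in between.
    Set-AzNetworkSecurityGroup -NetworkSecurityGroup $nsg | Out-Null
    Write-Output "Updated $($nsg.Name): $($nsg.SecurityRules.Count) rules, backup in $backupFile"
}
```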