Last week I came across a small toolkit, built by Mark Scholman, a Dutch ITpro, blogging with Hyper-V.nu and via his personal blog. This toolkit has some interesting features, not available through a Graphical User Interface (GUI) before. Before we can explore those features, you’ll need to connect the toolkit to your Azure Subscription. But even before you can accomplish thát task, you will need to have the Microsoft Azure Powershell cmdlets installed. When you haven’t installed this, the tool kindly requests you to do so.
After you’ve taken care of this pre-requisite, you can connect your Azure subscription, by clicking the “Add Azure Account” button. This will open a pop-up where you can enter the proper credentials. Afterwards you will find all of your subscriptions in the drop-down menu to the left.
Select the subscription you want to service at this time in the drop-down menu. In the principal screen, you have the basic controls of VM’s. These virtual machines can be selected based on the availability of a cloud service. When the appropriate Cloud Service is chosen, the underlying virtual machines are shown. When you’ve selected a Virtual Machine, you can start, stop delete or connect to it through RDP. So far, nothing out of the ordinary for IT pro’s, currently using one of the Azure Web portals, App Controller, or VMM 2016. All of these basic tasks (and more) can be carried out from these management portals.
What differentiates this tool from the ones mentioned earlier, is the ease with which you can deploy Network Security Groups in Microsoft Azure. For those of you who are new to Azure, or might not of heard of this feature before, here’s a small explanation. You can use a Network Security Group (NSG) to control traffic to one or more virtual machines in your virtual network. An NSG contains access control rules that allow or deny traffic to VM instances. The rules of an NSG can be changed at any time, and changes are applied to all associated instances.
To find out more in-depth about Network Security Groups click here. These NSG’s can be created using Powershell ór the Azure IaaS Toolkit. To do so, click on the “Network Security Groups” tab and fill in a (descriptive) name for your Network Security Group, NSG1 in this case would be a bad suggestion.. Supply a region where the NSG will be created and for your own administration, fill in the Label field and click on create.
When the job is finished, you can configure the Network Security Group you’ve just created and populate it with the required rule sets.
Once all rules are in place, you can make the connection between the Network Security Group and the VM or the network subnet.
Since the proof is in the pudding, we would like to show you that the VM and the NSG are indeed connected. And here our victory dance stops… Although we’ve managed to create a Network Security Group, visible in Powershell with Get-AzureNetworkSecurityGroup -Name “NSG1”
However, the cmdlet to show the connection between NSG and the VM seems to be “broken” at this time. When we place the VM in a variable, with “$vm = Get-AzureVM -ServiceName HybridVM1 -Name HybridVM1”, and run a “Get-AzureNetworkSecurityGroupConfig -VM $VM” the screen shows the following conclusion.
For a 0.1 version of this tool, it isn’t that bad, but I’m looking forward to all improvements, even the ones from the Azure team regarding the broken cmdlet.