I am attempting to configure the VNET of an app service. I am attempting to do this via a powershell script. I have been using the same powershell script for over a year and it has suddenly stopped working without any modifications to the script. The link that is failing is as follows:
$propertiesObject = #{
"vnetResourceId" = "/subscriptions/$($subscriptionId)/resourceGroups/$($vnetToaddResGroup)/providers/Microsoft.Network/virtualNetworks/$($vnetToAdd)"
}
New-AzureRmResource -Location $location -Properties $propertiesObject -ResourceName "$($WebApp)/$($vnetToAdd)/primary" -ResourceType "Microsoft.Web/sites/virtualNetworkConnections/gateways" -ApiVersion 2015-08-01 -ResourceGroupName $WebAppResourceGroup -Force
This then results in the following error:
New-AzureRmResource : {"Code":"NotFound","Message":"Cannot find Vnet with name
VNet-EUDEV02.","Target":null,"Details":[{"Message":"Cannot find Vnet with name
VNet-EUDEV02."},{"Code":"NotFound"},{"ErrorEntity":{"ExtendedCode":"51004","MessageTemplate":"Cannot find {0} with
name {1}.","Parameters":["Vnet","VNet-EUDEV02"],"Code":"NotFound","Message":"Cannot find Vnet with name
VNet-EUDEV02."}}],"Innererror":null}
At C:\Users\Andre\Desktop\Repos\devops-scripting\andre-script-remake\clusterswap.ps1:66 char:5
+ New-AzureRmResource -Location $location -Properties $propertiesOb ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureRmResource], ErrorResponseMessageException
+ FullyQualifiedErrorId : NotFound,Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourc
eCmdlet
This is strange as I have checked the VNET exists, and also checked the the resource group, and have tried numerous other Vnets.
How can I add VNet integration via a powershell command using azureRM?
This command is trying to use Gateway-required VNet Integration. I guess you already have a gateway provisioned and intend to use it.
Looking at the command, one thing which stands out is this parameter
-ResourceName "$($WebApp)/$($vnetToAdd)/primary"
Refer this post on how to do this.
Additionally, there is a PS script here that can be used to provision the VPN gateway and then configure it with the Web App.
BTW, there are other options to consider.
If your resources are in the same region, then you could avoid additional costs associated with Gateways, by using Regional VNet Integration. This is super easy to setup. The CLI is available here
There is also NAT Gateway. See this for provisioning NAT Gateways
HTH
Related
I am trying to connect to azure cosmosdb from my local machine via powershell but every command I tried to run it returns the "Argument passed in is not serializable."
Here are a few of my commands,
Get-AzCosmosDBAccount -ResourceGroupName "cosmosbackup"
Invoke-AzCosmosDBSqlDatabaseThroughputMigration -ResourceGroupName "cosmosbackup" -AccountName "liabilitydata" -Name liability
New-AzCosmosDBSqlContainer -AccountName "liabilitydata"-DatabaseName "dailyliability"-ResourceGroupName "cosmosbackup"-Name schemes -PartitionKeyPath /Id -PartitionKeyKind Hash
Get-AzCosmosDBSqlContainer `
-ResourceGroupName "cosmosbackup" `
-AccountName "liabilitydata" `
-DatabaseName "dailyliability"
All of them fail for the same reason Argument passed in is not serializable.
Am I missing something? Please help
The issue here is that you need to set the context for running the script,
Step 1 : Connect with your Azure account
Connect-AzAccount
Step 2 : Pass the resource group and the cosmosdb account name as follows,
Get-AzCosmosDBAccount -ResourceGroupName cosmosbackup
I have existing NSG and VM and planning to add the NSG to existing VM's NIC and simultaneously remove as well. I have prepared this based on example provided in http://windowsitpro.com/azure/manage-network-security-groups-powershel. The below command failing with method not supported errors.
$NICName = 'azwebvm0186'
$RGName = 'Prod_ResourceGroup'
$NsgName = 'Prod_ILB_SG'
$NSG = Get-AzureRmNetworkSecurityGroup -Name $NsgName -ResourceGroupName $RGName
$NIC = Get-AzureRmNetworkInterface -Name $NICName -ResourceGroupName $RGname
$NIC.NetworkSecurityGroup = $NSG
Set-AzureRmNetworkInterface -NetworkInterface $NIC
its failing with below error
$NIC.NetworkSecurityGroup = $NSG : Specified method is not supported.
+ CategoryInfo : NotImplemented: (:) [], PSNotSupportedException
+ FullyQualifiedErrorId : NotSupported
I have tested in my lab, your script works for me. I think you had better check as the following ways:
1.Check $NSG and $NIC.NetworkSecurityGroup value and type. Please ensure they have the same type.
PS C:\Users\v-shshui> $NIC|gm
TypeName: Microsoft.Azure.Commands.Network.Models.PSNetworkInterface
2. Check your Azure Powershell version. My version is 3.3.0. You could get version by use the following cmdlet.
Get-Module -ListAvailable -Name Azure -Refresh
If your version is not latest, I suggest you could update your version to latest. You can download the PS version 3.3.0 installation file from this link
I need to disable some rules configured under network security groups with RDP and SSH port open. I am facing some issues with removing the rule configuration :
This is the command I execute :
Get-AzureRmNetworkSecurityGroup -Name $securityGroupName -ResourceGroupName $resourceGroupName | Remove-AzureRmNetworkSecurityRuleConfig -Name $enabledSecurityRDPRule.Name
However when I check the portal or execute the get cmdlet I don't see the earlier command took effect.
I even tried with Set-AzureRmNetworkSecurityRuleConfig to set the access to deny and got the same result.
The service principal that I use to access my environment has contributor privileges.
The Remove-AzureRmNetworkSecurityRuleConfig command just removes the rule from your local NSG object. In order to sync the cloud side, you need to run the Set-AzureRmNetworkSecurityGroup.
Here is a complete script.
$nsg = Get-AzureRmNetworkSecurityGroup -Name <your nsg name> `
-ResourceGroupName <your resource group name>
$nsg = Remove-AzureRmNetworkSecurityRuleConfig -Name <your rule name> `
-NetworkSecurityGroup $nsg
Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg
Using Azure CLI, it's possible to create and assign a public ip address to an existing nic e.g.
Create a public ip in a given resource group and region
azure network public-ip create -g myresourcegroup -a Dynamic -l westus mypublicipname
Assign the pip created in previous step to an existing nic
azure network nic set -g myresourcegroup -p mypublicipname mynicname
However similar code in powershell doesn't work e.g.
Create a new pip (completes successfully)
$pip = New-AzureRmPublicIpAddress -Name $pipName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic -Force
Assign to an existing nic
$nic = Get-AzureRmNetworkInterface -ResourceGroupName $rgName -Name $nicName
$nic.IpConfigurations[0].PublicIpAddress = $pip.IpAddress
Last line doesn't work and throws the following error:
The property 'Id' cannot be found on this object. Verify that the property exists and can be set.
At line:31 char:9
+ $nic.IpConfigurations[0].PublicIpAddress.Id = $pip.Id
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
Though intellisense in PS ISE does show Id property for both! Does anyone knows if this is supposed to work?
Thanks to Tim Wieman (MSFT) of AzureCAT for the solution! Basically you need to assign the newly created pip to nic's PublicIPAddress property and then run Set-AzureRmNetworkInterface command as below:
$nic.IpConfigurations[0].PublicIpAddress = $pip
Set-AzureRmNetworkInterface -NetworkInterface $nic
I'm implementing a site-to-site VPN using Site-to-Site VPN in Azure Virtual Network using Windows Server 2012 Routing and Remote Access Service (RRAS).
To configure it, i need One Windows Server 2012 machine with two NIC.
Using Microsoft Azure Powershell,I'm trying to create it.
I am following the steps from this article at microsoft website.
I select the VM from Azure Image Gallery.
$image = Get-AzureVMImage -ImageName "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201408.01-en.us-127GB.vhd"
Then I create a VM configuration with its name, no.of cores(4), and image. I dont what is availabilityset.
$vm = New-AzureVMConfig -Name "MultiNicVM" -InstanceSize "ExtraLarge" -Image $image.ImageName –AvailabilitySetName “MyAVSet”
Create login for the VM.
Add-AzureProvisioningConfig –VM $vm -Windows -AdminUserName “” -Password “”
4.Add our Additional NIC with Static IP address
Add-AzureNetworkInterfaceConfig -Name "Ethernet1" -SubnetName "Midtier"
-StaticVNetIPAddress "10.1.1.111" -VM $vm
Configuration for Default NIC. For default NIC, it should be public IP, why it is given a private Ip?
Set-AzureSubnet -SubnetNames "Frontend" -VM $vm
Set-AzureStaticVNetIP -IPAddress "10.1.0.100" -VM $vm
Create your VM, with "MultiNIC-VNet" already exists as a Virtual Network.
New-AzureVM -ServiceName "MultiNIC-CS" –VNetName “MultiNIC-VNet” –VM $vm
At the Step 6, it get an error "hosted service does not exist"
New-AzureVM : ResourceNotFound: The hosted service does not exist.
At line:1 char:1
+ New-AzureVM -ServiceName "MultiNIC-CS" –VNetName “MultiNIC-VNet” –VM $vm
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [New-AzureVM], CloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.PersistentVMs.NewAzureVMCommand
All i need a NIC with public IP and a NIC with private IP which acts as a local area network for the site to site VPN. But the default NIC is given a private IP, a another NIC with public IP will be created automatically?
Why do i get an error "hosted service does not exist"?
Location or AffinityGroup parameter not being specified in New-AzureVM
(one of these is required when creating new service)