Last active
June 4, 2018 20:38
-
-
Save jujhars13/a2f1bc678d229c37de1271bd4547e96f to your computer and use it in GitHub Desktop.
To open a particular port on an Azure security group to your current IP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# 2018-06-04 script to add your current IP address to access a specific | |
# $PORT on a security group | |
# for az cli tools install see https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest | |
# | |
# to run for your current IP address: | |
# NAME="mySecGroup" PORT=6379 ./azOpenPortOnRg.sh | |
# or to run for another IP address: | |
# IP=43.22.33.11 NAME="mySecGroup" PORT=6379 ./azOpenPortOnRg.sh | |
if [ -z "$NAME" ]; then | |
echo "please supply the Azure resource group \$NAME" | |
exit 1 | |
fi | |
if [ -z "$PORT" ]; then | |
echo "please supply the TCP port you wisht to open \$PORT" | |
exit 1 | |
fi | |
if [ -z "$IP" ]; then | |
# get ip address | |
IP=`curl -s https://ifconfig.io/` | |
fi | |
# you may need to login firstlogin first | |
#az login | |
# does our connection work ? | |
az network nsg show \ | |
--name ${NAME} \ | |
--resource-group ${NAME} \ | |
if [ $? -ne 0 ]; then | |
(>&2 echo "error") | |
exit 1 | |
fi | |
# need a friendly IP for the name as it probably won't accept full stops | |
friendlyIp="$(sed 's/\./_/g' <<< $IP)" | |
# add rule to ip address | |
# we'll just use the port number as priority as they cannot be the same for an IP | |
az network nsg rule create \ | |
--name "a_${PORT}-${friendlyIp}" \ | |
--resource-group ${NAME} \ | |
--nsg-name ${NAME} \ | |
--access Allow \ | |
--priority ${PORT} \ | |
--source-address-prefixes ${IP}/32 --source-port-ranges ${PORT} \ | |
--destination-address-prefixes '*' --destination-port-ranges ${PORT} \ | |
--protocol Tcp \ | |
--description "Allow from ${IP}. Via cli on $(date '+%Y-%m-%d %H:%M:%S')" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment