Azure Demo - Single VM with NSG.ps1

#Log into both old and new Azure
Login-AzureRmAccount
 
#Choose subscription 'new' Azure
$subscription = (Get-AzureRmSubscription | Out-GridView -Title "Select the Azure subscription that you want to use ..." -PassThru).SubscriptionName
Select-AzureRmSubscription -SubscriptionName $subscription
 
$RGName = "Show-DMZ_VM"
$location = "australiaeast"
 
####################### | Create the Resource Group | ####################### | @marckean
cls
Write-Host "`n`tCreating the target resource group $RGName (if it don't exist already)..." -ForegroundColor Cyan
#region
if(!(Get-AzureRmResourceGroup -Name $RGName -Location $location -ErrorAction SilentlyContinue)){
New-AzureRmResourceGroup -Name $RGName -Location $location -Force}
 
####################### | Variable Settings | ####################### | @marckean
$date = "20160517"
$random = Get-Random -Minimum 10 -Maximum 999
$publisher = "MicrosoftWindowsServer"
$offer = "WindowsServer"
$sku = "2012-R2-Datacenter"
$version = "latest"
#Storage
$StorageAccountName = $date + "stg" + $random # Storage account name must be between 3 and 24 characters in length and use numbers and lower-case letters only
$StorageType = "Standard_LRS"
#Virtual Machine
$VMName = "Demo-VM"
$VMSize = "Standard_A2"
$DiskName = "$RGName-os.vhd"
$cred = Get-Credential -Message "Type the name and password for the local administrator account."
#Virtual Network
$vNetName = "Demo-vNet"
$vNetRGName = "Show-vNet"
$subnetName = "DMZ"
#PIP
$PIPName = "Demo-PIP"
$PublicPIPName = "demopip" + $random # Name must conform to the following regular expression: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$
#NIC
$NICName = "Demo-NIC"
$NICPrivateIP = "10.123.250.10"
#NSG
$NSGname = "Demo-NSG"
 
### Create Storage Account
New-AzureRmStorageAccount -ResourceGroupName $RGName -Name $StorageAccountName -Location $location -Type $StorageType
 
### Create security rule allowing access from the Internet to port 3389
$RDPrule = New-AzureRmNetworkSecurityRuleConfig `
            -Name rdp-rule `
            -Description "Allow RDP" `
            -Access Allow `
            -Protocol Tcp `
            -Direction Inbound `
            -Priority 100 `
            -SourceAddressPrefix Internet `
            -SourcePortRange * `
            -DestinationAddressPrefix * `
            -DestinationPortRange 65234
 
### Add the rules to a new NSG
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $RGName -Location $location -Name $NSGname -SecurityRules $RDPrule
 
### Create Public IP Address
$pip = New-AzureRmPublicIpAddress -ResourceGroupName $RGName -Name $PIPName -Location $location -AllocationMethod Dynamic -DomainNameLabel $PublicPIPName
 
### Create NIC
$vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $vNetRGName -Name $vNetName
$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $subnetName -VirtualNetwork $vnet
$nic = New-AzureRmNetworkInterface -ResourceGroupName $RGName -Name $NICName `
           -Subnet $subnet -Location $location -PublicIpAddress $pip -PrivateIpAddress $NICPrivateIP -NetworkSecurityGroup $nsg
 
### Virtual Machine Configuration
$vmConfig = New-AzureRmVMConfig -VMName $VMName -VMSize $VMSize | 
 
        Set-AzureRmVMOperatingSystem -Windows -ComputerName $VMName `
           -Credential $cred -ProvisionVMAgent -EnableAutoUpdate | 
 
        Set-AzureRmVMSourceImage -PublisherName $publisher -Offer $offer -Skus $sku `
           -Version $version | 
 
        Set-AzureRmVMOSDisk -Name $VMName -VhdUri "https://$StorageAccountName.blob.core.windows.net/vhds/$DiskName" `
           -Caching ReadWrite -CreateOption fromImage | 
 
        Add-AzureRmVMNetworkInterface -Id $nic.Id
 
### Create the Virtual Machine
New-AzureRmVM -ResourceGroupName $RGName -Location $location -VM $vmConfig