Skip to content

Instantly share code, notes, and snippets.

View mmckechney's full-sized avatar

Michael McKechney mmckechney

26 followers · 4 following
View GitHub Profile
@mmckechney
mmckechney / dtl-create-vm-from-customimage.json
Last active October 10, 2017 18:54
JSON template to create a DevTest lab from a custom image
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"newVMName": {
"type": "string",
"metadata": {
"description": "Name of an VM to be created"
}
},
@mmckechney
mmckechney / Create-DtlVm-FromVhd.ps1
Last active October 12, 2017 16:06
Automates the steps to go from a VHD file in Azure storage to create a VM in Azure DevTest Labs
param
(
[Parameter(Mandatory = $true)]
[string] $subscriptionId = $(Read-Host -prompt "Specify the subscription Id"),
[Parameter(Mandatory = $true)]
[string] $labResourceGroup = $(Read-Host -prompt "Specify the resource group for the DevTest Lab"),
[Parameter(Mandatory = $true)]
[string] $labName = $(Read-Host -prompt "Specify the name of the DevTest Lab"),
@mmckechney
mmckechney / DevTestLabsAdvancedUser-customrole.ps1
Created January 5, 2019 01:18
PowerShell Script to create an advanced user for Azure DevTest Labs
$subscriptionId = "<insert your subscription id here>"
$policyRoleDef = (Get-AzureRmRoleDefinition "DevTest Labs User")
$policyRoleDef.Actions.Remove('Microsoft.DevTestLab/Environments/*')
$policyRoleDef.Id = $null
$policyRoleDef.Name = "DevTest Labs Advanced User"
$policyRoleDef.Description = "Lets you connect, start, restart, shutdown and resize ALL virtual machines in your Azure DevTest Labs."
$policyRoleDef.IsCustom = $true
$policyRoleDef.AssignableScopes.Clear()
$policyRoleDef.AssignableScopes.Add("/subscriptions/$($subscriptionId )")
@mmckechney
mmckechney / DevTestLabsAdvancedUser-customrole.json
Created January 5, 2019 01:22
JSON template to create an advanced DevTest User role
{
"Name": "Dev Test Labs Advanced User",
"Id": null,
"IsCustom": true,
"Description": "Lets you connect, start, restart, shutdown and resize ALL virtual machines in your Azure DevTest Labs.",
"Actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Compute/availabilitySets/read",
"Microsoft.Compute/virtualMachines/*/read",
"Microsoft.Compute/virtualMachines/deallocate/action",
@mmckechney
mmckechney / ADLSGen2_createfilesystem.ps1
Last active June 13, 2019 17:28
PowerShell to create ADLS Gen2 filesystem, path and file via REST
$AadTenant = "" # <-- AAD tenant ID
$AadAppId = "" # <-- App Id of the identity to use
$AadAppKey = "" # <-- Secret key of this identity
$AdlsAccountName = "" # <-- name of your ASLD Gen2 account
$FileSystemName = "" # <-- name of the file system to create
$DirPath = "" # <-- Directory path to create
$FileName = "" # <-- File name to create on ADLS
@mmckechney
mmckechney / Get-ApplicationGateway-Skus.ps1
Created June 12, 2019 14:27
Get Application Gateway Sku's for all gateways
$properties = @{Name = ""; ResourceGroupName =""; Location = ""; SkuName = ""; SkuTier = ""; Subscription = ""}
$gwTemplate = New-Object -TypeName PSObject -Property $properties
$qwCollection = @()
$subs = Get-AzSubscription
foreach($sub in $subs)
{
Select-AzSubscription -Subscription $sub.Name
@mmckechney
mmckechney / ManagedDiskCopy.ps1
Last active June 20, 2019 13:02
Copy a managed disk to another region
<#
.SYNOPSIS
Managed disks in Azure have no direct facilitites to access the underlying URL/path the disk resides in since
they are placed into storage accounts under the hood by Azure. Often times there's a desire to take a disk from a single
VM and move to another region where you can create a new VM and attach to the disk that's copied. This script
provides a means to do that and has been tested as working using the new AZ PowerShell cmdlets.
If this is run in a PowerShell context without the new AZ cmdlets installed; simply do a search and replace of Az to AzureRM.
Note: The SOURCE VM needs to be powered off to create the SAS URL and to ensure no writes are occuring to the disk during the copy.
.DESCRIPTION
This script will require you to populate the source resource group and source managed disk name as well as the destination resource group,
@mmckechney
mmckechney / ApplyNSGIfMIssing.json
Created June 20, 2019 19:34
Azure Policy to add a specified Network Security Group to a Subnet if none is specified at creation time
{
"properties": {
"displayName": "Append NSG if missing",
"description": "Sets default NSG if none is specified",
"policyType": "Custom",
"mode": "All",
"parameters": {
"nsgResourceId": {
"type": "String",
"metadata": {
@mmckechney
mmckechney / ActivityLog_EventHubArchiving.ps1
Created September 25, 2019 11:33
Archive Azure Activity Logs for multiple subscriptions
<#
.SYNOPSIS
This script will configure EventHub logging for all Azure Activity logs in multiple subscriptions so that you can then archive the logs to another system
See: https://docs.microsoft.com/en-us/powershell/module/az.monitor/add-azlogprofile
.DESCRIPTION
Using an AAD account that has access to all of the subscriptions that you need to configure, this will loop through all of those
subscriptions, find all of the EventHub namespaces in those subscriptions and then find an EventHub that meets a specific naming format.
Once the proper EventHub is found, it will set the log profile for you
The naming format of the EventHub is up to you and can be edited on the "if($eventHub.Name ..." line #45
@mmckechney
mmckechney / TagManagerRole.json
Last active December 3, 2019 19:32
Tag Manager - Custom Azure RBAC role
{
"Name": "Tag Manager Role",
"Description": "Can only add/edit/delete resource tags",
"Id": null,
"IsCustom": true,
"Actions": [
"*/read",
"Microsoft.Resources/tags/write",
"Microsoft.Resources/tags/delete"
],