Looking for a Better way

Welcome Forums General PowerShell Q&A Looking for a Better way

Viewing 2 reply threads
  • Author
    Posts
    • #232609
      Participant
      Topics: 4
      Replies: 14
      Points: 88
      Rank: Member
      Looking for a better way to do the following from the code block below. I was able to brute force it by running the code in a foreach loop
      $DestAddr = $rule.destination
      $DestAddrSplit = $DestAddr.split(“-“)
      $SorAddr = $rule.source
      $SorAddrSplit = $SorAddr.split(“-“)
      $SorPort = $rule.sorport
      $SorPortSplit = $SorPort.split(“-“)
      $DesPort = $rule.desport
      $DesPortSplit = $DesPort.split(“-“)
      The Script below works however when I import-Csv I could not get it to do the split as need for the Azure Cmdlet.
      script
      $rg = “Test”
      $loc = “EASTUS2”
      $nsgname = Read-Host -Prompt “Please input NSG Name”
      New-AzNetworkSecurityGroup -Name $nsgname -ResourceGroupName $rg -Location $loc
      $NSG = Get-AzureRmNetworkSecurityGroup -Name $nsgname -ResourceGroupName $rg
      $Rules =  Import-Csv “C:\temp\PowerhShell\creatensginput.csv”
      foreach($Rule in $Rules)
      {
      $DestAddr = $rule.destination
      $DestAddrSplit = $DestAddr.split(“-“)
      $SorAddr = $rule.source
      $SorAddrSplit = $SorAddr.split(“-“)
      $SorPort = $rule.sorport
      $SorPortSplit = $SorPort.split(“-“)
      $DesPort = $rule.desport
      $DesPortSplit = $DesPort.split(“-“)
      $NSG | Add-AzNetworkSecurityRuleConfig -Name $rule.name `</div>
      <div> -Access $rule.access `
       -Direction $rule.direction `</div>
      <div> -Priority $rule.priority `
       -SourceAddressPrefix $SorAddrSplit `</div>
      <div> -SourcePortRange $SorPortSplit `
       -DestinationAddressPrefix $DestAddrSplit `</div>
      <div> -DestinationPortRange $DesPortSplit `
       -Protocol $rule.protocol `
       -Description $rule.description
      }
      $NSG | Set-AzureRmNetworkSecurityGroup
      CSV file
      name,direction,priority,access,source,destination,sorport,desport,protocol,description
      AllowPing,Inbound,100,allow,VirtualNetwork,111.111.111.0/24,2,*,”Icmp”,”Allow ICMP Ping”
      AllowRDPToJumpHosts,Inbound,110,allow,VirtualNetwork,111.111-111.224.183.5,3389-443,3389-443,Tcp,”Allow the RDP Protocol.”
      • This topic was modified 1 month, 1 week ago by sreed7743.
      • This topic was modified 1 month, 1 week ago by sreed7743.
      • This topic was modified 1 month, 1 week ago by sreed7743.
    • #232621
      Participant
      Topics: 12
      Replies: 1643
      Points: 2,665
      Helping Hand
      Rank: Community Hero

      There should be -ErrorAction Stop and try\catch around all Set and Add commands, but here is cleaner version:

      $rg = “Test”
      $loc = “EASTUS2”
      $nsgname = Read-Host -Prompt “Please input nsg Name”
      
      $nsgParams = @{
          Name = $nsgname 
          ResourceGroupName = $rg
      }
      
      $nsg = Get-AzureRmNetworkSecurityGroup @nsgParams
      if (!$nsg) {
          $nsg = New-AzNetworkSecurityGroup @nsgParams -Location $loc
      }
      
      $Rules =  Import-Csv “C:\temp\PowerhShell\creatensginput.csv”
      foreach( $Rule in $Rules ){ 
      
          $params = @{
              NetworkSecurityGroup     = $nsg
              Name                     = $rule.name 
              Access                   = $rule.access
              Direction                = $rule.direction
              Priority                 = $rule.priority
              SourceAddressPrefix      = $rule.source.Split('-')
              SourcePortRange          = $rule.sorport.Split('-')
              DestinationAddressPrefix = $rule.destination.Split('-')
              DestinationPortRange     = $rule.desport.Split('-')
              Protocol                 = $rule.protocol
              Description              = $rule.description
          }
      
          Add-AzNetworkSecurityRuleConfig @params
      }
      
      Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg
      
    • #232795
      Participant
      Topics: 4
      Replies: 14
      Points: 88
      Rank: Member

      so much better still learning power shell most fo the time I can  brute force it however I’m trying to learn ways to make it better.

       

       

Viewing 2 reply threads
  • You must be logged in to reply to this topic.