<# .SYNOPSIS - Invoke-WebRequest https://www.microsoft.com/en-us/downl

1. <#  
2. .SYNOPSIS  
3.     - Invoke-WebRequest https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653
4.     - looks for 'Click Here' (manual download link)
5.     - loads download into xml variable
6.     - outputs lists of Azure DC subnets in various formats
7.  
8. .Version 0.5
9.    
10. .DESCRIPTION
11.    This is based on the script found here: https://gallery.technet.microsoft.com/scriptcenter/Powershell-script-to-6cc03244 modified to output in a couple of useful formats
12.  
13. .SYNTAX
14.     Get-AzureSubnets -Format <Default|Raw|Fortinet> -Interface <String to use for Fortigate associated-interface>
15.  
16. .NOTES  
17.     File Name    : Get-AzureSubnets.ps1
18.     Author       : sam.firth@codeblue.co.nz
19. #>
20.  
21. param ([string]$Format = "Default", [string]$Interface = "all", $OutFile = "" )
22.  
23. #Grab the XML from MS
24. $AzureIPRangesPage=Invoke-WebRequest -Uri https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653 -Method Get -UseBasicParsing
25. [XML]$AzureIPRanges=Invoke-RestMethod -uri ($AzureIPRangesPage.Links |Where {$_.outerhtml -like "*Click here*"}).href[0]
26.  
27. #This is the original output from drew's script, this script will give identical output if no arguments are given
28. Function Default{
29.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
30.         {
31.         Write-Host $iprange.name -ForegroundColor Yellow
32.         Foreach ($ipsubnet in $iprange.iprange.subnet)
33.             {
34.             Write-Host $ipsubnet
35.             }
36.         Write-Host "---------------------" -ForegroundColor White
37.         }
38. }
39.  
40. #Raw list of subnets, one per line
41. Function Raw{
42.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
43.         {
44.         Foreach ($ipsubnet in $iprange.iprange.subnet)
45.             {
46.             Write-Output $ipsubnet
47.             }
48.         }
49. }
50.  
51. #Output formatted for Fortigate firewalls
52. Function Fortinet{
53.     $group = [System.Collections.ArrayList]@()
54.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
55.         {
56.         $count=1
57.         Write-Output "config firewall address"
58.         Foreach ($ipsubnet in $iprange.iprange.subnet)
59.             {
60.             $name="azure-" + $iprange.name + "-" +  "{0:000}" -f $count
61.             Write-Output "edit $name"
62.             Write-Output "set associated-interface ""$Interface"""
63.             Write-Output "set subnet $ipsubnet"
64.             Write-Output "next"
65.             $count ++
66.             $group += "`"$name`""
67.             }
68.         Write-Output "end"
69.         }
70.    
71.     # Fortigate only accepts 300 Members in a single statement
72.     $groupnum = 1
73.     while ($group.Length -gt 1)
74.         {
75.         Write-Output "config firewall addrgrp"
76.         Write-Output "edit ""Azure IPs $groupnum"""
77.         Write-Output "set member $($group[0..299])"
78.         Write-Output "next"
79.         Write-Output "end"
80.         $edgecase = $group[-1]
81.         $group = $group[300..($group.Length-1)]
82.         $groupnum ++
83.         }
84.        
85.         #This is here in case $group contained exactly 301 items on the last run
86.         if ($edgecase -ne $group)
87.             {
88.             Write-Output "config firewall addrgrp"
89.             Write-Output "edit ""Azure IPs"""
90.             Write-Output "set member $group"
91.             Write-Output "next"
92.             Write-Output "end"
93.             }
94. }
95.  
96. #arg processing
97. if ($Format -eq "Default") { Default }
98. elseif ($Format -eq "Fortinet")
99.     {
100.     if ($OutFile -ne "" )
101.         { Fortinet|Out-File -Encoding utf8 $OutFile }
102.     else { Fortinet }
103.     }
104. elseif ($Format -eq "Raw") { Raw }