Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Login-AzureRmAccount
- $vnetName = "MyvNet"
- $resourceGroupName = "hdinsightvnet"
- $subnetName = "MySubnet"
- # Get the Virtual Network object
- $vnet = Get-AzureRmVirtualNetwork `
- -Name $vnetName `
- -ResourceGroupName $resourceGroupName
- # Get the region the Virtual network is in.
- $location = $vnet.Location
- # Get the subnet object
- $subnet = $vnet.Subnets | Where-Object Name -eq $subnetName
- # Create a new Network Security Group.
- # And add exemptions for the HDInsight health and management services.
- $nsg = New-AzureRmNetworkSecurityGroup `
- -Name "NSG" `
- -ResourceGroupName $resourceGroupName `
- -Location $location `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -name "Rule-002" `
- -Description "HDI health and management address 168.61.49.99" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "168.61.49.99" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 300 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "Rule-003" `
- -Description "HDI health and management 23.99.5.239" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "23.99.5.239" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 301 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "Rule-004" `
- -Description "HDI health and management 168.61.48.131" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "168.61.48.131" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 302 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "Rule-005" `
- -Description "HDI health and management 138.91.141.162" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "138.91.141.162" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 303 `
- -Direction Inbound
- # Set the changes to the security group
- Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg
- # Apply the NSG to the subnet
- Set-AzureRmVirtualNetworkSubnetConfig `
- -VirtualNetwork $vnet `
- -Name $subnetName `
- -AddressPrefix $subnet.AddressPrefix `
- -NetworkSecurityGroupId $nsg
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement