Categories: Azure InfrastructureAzureRMPowerShell

Automating Source IP Address updates on an Azure Network Security Group RDP Access Rule

Recently I’ve migrated a bunch of Virtual Box Virtual Machines to Azure as detailed here. These VM’s are in Resource Groups with a Network Security Group associated that restricts access to them for RDP based on a source TCPIP address. All good practice. However from a usability perspective, when I want to use these VM’s, I’m not always in the same location, and rarely on a connection with a static IP address.

This post details a simple little script that;

Has a couple of variables associated with a Resource Group, Network Security Group, Virtual Machine Name and an RDP Configuration File associated with the VM
Gets the public IP Address of the machine I’m running the script from
Prompts for Authentication to Azure, and retrieves the NSG associated with the Resource Group
Compares the Source IP Address in the ‘RDP’ Inbound Rule to my current IP Address. If they aren’t a match it updates the Source IP Address to be my current public IP Address
Starts the Virtual Machine configured at the start of the script
Launches Remote Desktop using the RDP Configuration file

The Script

Here’s the raw script. Update lines 2-8 for your environment and away you go. Simple but useful as is often the way.

See the gist on github.

Enabling and Scripting Azure Virtual Machine Just-In-Time Access

July 24, 2017

In "azure vm"

Migrating a VirtualBox (Linux) Windows VDI Virtual Machines to Azure

April 5, 2017

In "Azure"

Simultaneously Start|Stop all Azure Resource Manager Virtual Machines in a Resource Group

February 10, 2016

In "Azure Infrastructure"

Darren Robinson

Bespoke learnings from a Microsoft Identity and Access Management Architect using lots of Microsoft Identity Manager, Azure Active Directory, PowerShell, SailPoint IdentityNow and Lithnet products and services.