[Azure VM] Renew public ip
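# Creates a resource group named after the VM and deploys ./new-vm.bicep into it.
#
# Parameters:
#   vmName          - VM name; also reused as the resource group name and as the
#                     admin username passed to the template.
#   vmSize          - VM size, passed through to the template.
#   ubuntuOSVersion - image key, passed through to the template.
#   location        - region for the resource group (not forwarded to the template).
param (
    [string]$vmName,
    [string]$vmSize,
    [string]$ubuntuOSVersion,
    [string]$location
)

# Stop at the first failing cmdlet so the deployment never runs when the
# resource group step did not succeed.
$ErrorActionPreference = "Stop"

$resourceGroupName = $vmName
New-AzResourceGroup -Name $resourceGroupName -Location $location

# NOTE(review): -mode Complete removes every resource in the group that the
# template does not declare; only point this at a group dedicated to this VM.
# NOTE(review): no authentication parameters are passed below, so how the admin
# credential is supplied depends on the template's own parameters - confirm
# that the intended SSH key / password path is the one actually used.
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -mode Complete -TemplateFile ./new-vm.bicep `
    -vmName $vmName `
    -adminUsername $vmName `
    -vmSize $vmSize `
    -ubuntuOSVersion $ubuntuOSVersion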
// Declares one Basic-SKU public IP address with static allocation and a DNS label.
//   resourceName - name of the public IP resource (defaults to an empty string)
//   domainName   - DNS label placed in dnsSettings (defaults to an empty string)
//   location     - region; defaults to the resource group's location
param resourceName string = ''
param domainName string = ''
param location string = resourceGroup().location

resource publicIp 'Microsoft.Network/publicIPAddresses@2023-02-01' = {
  name: resourceName
  location: location
  properties: {
    dnsSettings: {
      domainNameLabel: domainName
    }
    publicIPAllocationMethod: 'Static'
  }
  sku: {
    name: 'Basic'
  }
}

// Returns the whole resource object to the caller.
output publicIpAddress object = publicIp
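// Template parameters for a single Ubuntu VM with its own VNet, NSG and public IP.

@description('The name of your Virtual Machine.')
param vmName string

@description('Username for the Virtual Machine.')
param adminUsername string

// NOTE(review): the default is 'password' although the description recommends an
// SSH key, and the NSG rule in this template allows SSH from any source address.
// Callers that want key-only login must pass authenticationType explicitly.
@description('Type of authentication to use on the Virtual Machine. SSH key is recommended.')
@allowed([
  'sshPublicKey'
  'password'
])
param authenticationType string = 'password'

// @secure() marks the value as a secure parameter; it has no default, so it must
// be supplied at deployment time.
@description('SSH Key or password for the Virtual Machine. SSH key is recommended.')
@secure()
param adminPasswordOrKey string

@description('Unique DNS Name for the Public IP used to access the Virtual Machine.')
param dnsLabelPrefix string = toLower(vmName)

// Each allowed value is a key of the imageReference map declared in this template.
@description('The Ubuntu version for the VM. This will pick a fully patched image of this given Ubuntu version.')
@allowed([
  'Ubuntu-1804-gen2'
  'Ubuntu-2004-gen1'
  'Ubuntu-2004-gen2'
  'Ubuntu-2204-gen2'
])
param ubuntuOSVersion string

@description('Location for all resources.')
param location string = resourceGroup().location

@description('The size of the VM')
param vmSize string

@description('Name of the VNET')
param virtualNetworkName string = 'vNet'

@description('Name of the subnet in the virtual network')
param subnetName string = 'Subnet'

@description('Name of the Network Security Group')
param networkSecurityGroupName string = 'SecGroupNet'

// 'Standard' leaves the VM without a securityProfile; 'TrustedLaunch' enables the
// secure boot / vTPM profile and the guest attestation extension.
@description('Security Type of the Virtual Machine.')
@allowed([
  'Standard'
  'TrustedLaunch'
])
param securityType string = 'Standard'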
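// Marketplace image for each allowed ubuntuOSVersion value.
// Every entry uses version 'latest', so the image is resolved at deployment time
// and two deployments of the same template may not get the same image build.
// NOTE(review): the gen1 entry cannot be combined with securityType 'TrustedLaunch'
// (Trusted Launch needs a Generation 2 image) - confirm callers never pair them.
var imageReference = {
  'Ubuntu-1804-gen2': {
    publisher: 'Canonical'
    offer: 'UbuntuServer'
    sku: '18_04-lts-gen2'
    version: 'latest'
  }
  'Ubuntu-2004-gen2': {
    publisher: 'Canonical'
    offer: '0001-com-ubuntu-server-focal'
    sku: '20_04-lts-gen2'
    version: 'latest'
  }
  'Ubuntu-2204-gen2': {
    publisher: 'Canonical'
    offer: '0001-com-ubuntu-server-jammy'
    sku: '22_04-lts-gen2'
    version: 'latest'
  }
  'Ubuntu-2004-gen1': {
    // Publisher spelled like the other entries (was lower-case 'canonical').
    publisher: 'Canonical'
    offer: '0001-com-ubuntu-server-focal'
    sku: '20_04-lts'
    version: 'latest'
  }
}

// Resource names derived from the VM name.
var publicIPAddressName = '${vmName}PublicIP'
var networkInterfaceName = '${vmName}NetInt'

var osDiskType = 'Standard_LRS'

// The subnet is the first /24 of the VNet's /16 address space.
var subnetAddressPrefix = '10.1.0.0/24'
var addressPrefix = '10.1.0.0/16'

// Applied to the VM only when authenticationType is not 'password': password
// login is disabled and adminPasswordOrKey is installed as an authorized key.
var linuxConfiguration = {
  disablePasswordAuthentication: true
  ssh: {
    publicKeys: [
      {
        path: '/home/${adminUsername}/.ssh/authorized_keys'
        keyData: adminPasswordOrKey
      }
    ]
  }
}

// Applied to the VM only when securityType is 'TrustedLaunch'.
var securityProfileJson = {
  uefiSettings: {
    secureBootEnabled: true
    vTpmEnabled: true
  }
  securityType: securityType
}

// Guest attestation extension settings.
var extensionName = 'GuestAttestation'
var extensionPublisher = 'Microsoft.Azure.Security.LinuxAttestation'
var extensionVersion = '1.0'
var maaTenantName = 'GuestAttestation'
// Empty string; the original spelled it as substring('emptystring', 0, 0).
var maaEndpoint = ''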
// NIC for the VM: one IP configuration in the template's subnet with a dynamic
// private address and the template's public IP, guarded by the template's NSG.
resource networkInterface 'Microsoft.Network/networkInterfaces@2021-05-01' = {
  name: networkInterfaceName
  location: location
  properties: {
    networkSecurityGroup: {
      id: networkSecurityGroup.id
    }
    ipConfigurations: [
      {
        name: 'ipconfig1'
        properties: {
          privateIPAllocationMethod: 'Dynamic'
          subnet: {
            id: subnet.id
          }
          publicIPAddress: {
            id: publicIPAddress.id
          }
        }
      }
    ]
  }
}
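// Source of inbound SSH traffic. Declared next to the rule it feeds; the default
// keeps the original behaviour, so existing callers are unaffected. Pass a CIDR
// range or service tag to stop exposing port 22 to every address.
@description('Source address prefix (CIDR range, service tag or *) allowed to reach SSH on port 22. The default * allows any source.')
param sshSourceAddressPrefix string = '*'

// NSG with a single inbound rule allowing TCP port 22.
// NOTE(review): with the default source of '*' and the template's default
// authenticationType of 'password', the VM accepts password logins over SSH
// from any address - restrict the source or deploy with an SSH key.
resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2021-05-01' = {
  name: networkSecurityGroupName
  location: location
  properties: {
    securityRules: [
      {
        name: 'SSH'
        properties: {
          priority: 1000
          protocol: 'Tcp'
          access: 'Allow'
          direction: 'Inbound'
          sourceAddressPrefix: sshSourceAddressPrefix
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '22'
        }
      }
    ]
  }
}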
// Virtual network with a single address space taken from addressPrefix.
resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-05-01' = {
  location: location
  name: virtualNetworkName
  properties: {
    addressSpace: {
      addressPrefixes: [
        addressPrefix
      ]
    }
  }
}
// Subnet inside the virtual network above, covering subnetAddressPrefix, with
// both private endpoint and private link service network policies enabled.
resource subnet 'Microsoft.Network/virtualNetworks/subnets@2021-05-01' = {
  name: subnetName
  parent: virtualNetwork
  properties: {
    privateLinkServiceNetworkPolicies: 'Enabled'
    privateEndpointNetworkPolicies: 'Enabled'
    addressPrefix: subnetAddressPrefix
  }
}
// Public IPv4 address for the VM: Basic SKU, dynamic allocation, and a DNS label
// taken from dnsLabelPrefix. The template outputs read the resulting FQDN.
resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2021-05-01' = {
  name: publicIPAddressName
  location: location
  properties: {
    publicIPAddressVersion: 'IPv4'
    publicIPAllocationMethod: 'Dynamic'
    idleTimeoutInMinutes: 4
    dnsSettings: {
      domainNameLabel: dnsLabelPrefix
    }
  }
  sku: {
    name: 'Basic'
  }
}
// The virtual machine: size, OS disk and image come from the parameters and
// variables of this template, and it is attached to the NIC declared in it.
resource vm 'Microsoft.Compute/virtualMachines@2021-11-01' = {
  name: vmName
  location: location
  properties: {
    hardwareProfile: {
      vmSize: vmSize
    }
    storageProfile: {
      // Image is looked up by the ubuntuOSVersion key.
      imageReference: imageReference[ubuntuOSVersion]
      osDisk: {
        createOption: 'FromImage'
        managedDisk: {
          storageAccountType: osDiskType
        }
      }
    }
    networkProfile: {
      networkInterfaces: [
        {
          id: networkInterface.id
        }
      ]
    }
    osProfile: {
      computerName: vmName
      adminUsername: adminUsername
      // adminPasswordOrKey is assigned here in both authentication modes; in
      // SSH-key mode linuxConfiguration additionally disables password login.
      adminPassword: adminPasswordOrKey
      linuxConfiguration: authenticationType == 'password' ? null : linuxConfiguration
    }
    // No securityProfile at all unless Trusted Launch was requested.
    securityProfile: securityType == 'TrustedLaunch' ? securityProfileJson : null
  }
}
// Guest attestation extension, deployed only when securityType is 'TrustedLaunch'
// and both secure boot and vTPM are enabled in securityProfileJson.
resource vmExtension 'Microsoft.Compute/virtualMachines/extensions@2022-03-01' = if (securityType == 'TrustedLaunch' && securityProfileJson.uefiSettings.secureBootEnabled == true && securityProfileJson.uefiSettings.vTpmEnabled == true) {
  parent: vm
  name: extensionName
  location: location
  properties: {
    type: extensionName
    publisher: extensionPublisher
    typeHandlerVersion: extensionVersion
    enableAutomaticUpgrade: true
    autoUpgradeMinorVersion: true
    settings: {
      AttestationConfig: {
        MaaSettings: {
          maaTenantName: maaTenantName
          maaEndpoint: maaEndpoint
        }
      }
    }
  }
}
// Deployment outputs: the public FQDN, the admin user name, and a ready-made
// ssh command line combining the two.
output hostname string = publicIPAddress.properties.dnsSettings.fqdn
output adminUsername string = adminUsername
output sshCommand string = 'ssh ${adminUsername}@${publicIPAddress.properties.dnsSettings.fqdn}'
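# Swaps the public IP attached to a NIC for a newly deployed one while keeping
# the same DNS label.
#
# Steps: sign in, read the NIC and its current public IP, release the DNS label
# from the old address, deploy ./new-publicip.bicep with that label, attach the
# new address to the NIC, then delete the old address.
#
# Parameters:
#   tenantId          - tenant passed to Connect-AzAccount.
#   subscriptionId    - subscription selected after sign-in.
#   resourceGroupName - group holding the NIC; the public IP is looked up and the
#                       new one is deployed in this same group.
#   nicName           - network interface whose first IP configuration is updated.
param (
    [string]$tenantId,
    [string]$subscriptionId,
    [string]$resourceGroupName,
    [string]$nicName
)

$ErrorActionPreference = "Stop"

Write-Host '>>>>>> Connect to Azure'
Connect-AzAccount -TenantId $tenantId
Select-AzSubscription -SubscriptionId $subscriptionId

Write-Host '>>>>>> Get NIC'
$nic = Get-AzNetworkInterface -ResourceGroupName $resourceGroupName -Name $nicName

Write-Host '>>>>>> Get Public Ip and DNS name'
$curPubIpAddrId = $nic.IpConfigurations[0].PublicIpAddress.id
if ([string]::IsNullOrEmpty($curPubIpAddrId)) {
    throw "Network interface $($nicName) has no Public IP Address on its first IP configuration"
}
# Fail explicitly when the id has an unexpected shape instead of reading a stale
# or empty $matches; the dots are escaped and the name is the last path segment.
if ($curPubIpAddrId -notmatch '/Microsoft\.Network/publicIPAddresses/(?<name>[^/]+)$') {
    throw "Cannot read a Public IP Address name from resource id $($curPubIpAddrId)"
}
$curPubIpAddrName = $matches['name']
$curPubIpAddr = Get-AzPublicIpAddress -ResourceGroupName $resourceGroupName -Name $curPubIpAddrName
$domainName = $curPubIpAddr.DnsSettings.DomainNameLabel
if ([string]::IsNullOrEmpty($domainName)) {
    throw "Current Public IP Address $($curPubIpAddrId) does not contain a valid DNS domain name"
}

Write-Host '>>>>>> Clear DNS name'
# The label is taken off the old address so the new one can use it. Until the
# deployment below succeeds the label belongs to no resource of ours, so keep
# that window short and put the label back if the deployment fails.
$origDnsSettings = $curPubIpAddr.DnsSettings
$curPubIpAddr.DnsSettings = $null
Set-AzPublicIpAddress -PublicIpAddress $curPubIpAddr

Write-Host '>>>>>> Deploy new Public Ip with DNS name'
$newPubIpAddrName = "$($curPubIpAddrName)-1"
try {
    New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateFile ./new-publicip.bicep -resourceName $newPubIpAddrName -domainName $domainName
}
catch {
    $deployError = $_
    Write-Warning "Deployment of $($newPubIpAddrName) failed; restoring DNS name on $($curPubIpAddrName)"
    try {
        # Re-read the address so the restore is applied to its current state.
        $restorePubIpAddr = Get-AzPublicIpAddress -ResourceGroupName $resourceGroupName -Name $curPubIpAddrName
        $restorePubIpAddr.DnsSettings = $origDnsSettings
        Set-AzPublicIpAddress -PublicIpAddress $restorePubIpAddr
    }
    catch {
        Write-Warning "Could not restore DNS name $($domainName) on $($curPubIpAddrName): $($_)"
    }
    throw $deployError
}
$newPubIpAddr = Get-AzPublicIpAddress -ResourceGroupName $resourceGroupName -Name $newPubIpAddrName

Write-Host '>>>>>> NIC use new Public Ip'
$nic.IpConfigurations[0].PublicIpAddress = $newPubIpAddr
Set-AzNetworkInterface -NetworkInterface $nic

Write-Host '>>>>>> Remove old Public Ip'
# Only reached after the NIC has been switched to the new address.
Remove-AzResource -ResourceId $curPubIpAddrId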