I have hostname/machine name from logs. I want to know what service is running that. is there any way I can backtrack service name by hostname/machine name?
I tried to search for all queries, tried kudu but can see hostname for the service I select. cant reverse search it
After I've done workaround, there is no direct command to get azure app service with hostname, but I found an alternative to get App Service details with hostnames by using:
Get-Azurermwebapp command with the respective resource group name.
With Get-Azurermwebapp command, Direct hostname retrieval is not supported via a parameter. To do that, I gave the information to a variable and used it to retrieve.
get-azurermwebapp -ResourceGroupName <ResourceGroupName>
$info = get-azurermwebapp -ResourceGroupName <ResourceGroupName> #Storing in info variable
$info.name #retrieving Azure App service names
$hostname = $info.enabledhostnames #retrieve enabledhostnames by passing info to $hostname
$hostname
Note: If you need to view all services operating inside any AzureVM, together with their status, Use Get-service:
get-service -computername <VMName>
Refer MsDoc
Related
I have a Cloud Service (Extended Support) on Azure and want to retrieve the associated public IP address from an Azure script. However when I run
Get-AzCloudServicePublicIPAddress -CloudServiceName $serviceName -ResourceGroupName $resourceGroup -verbose
Nothing seems to happen at all. Moreover, when I run a swap command, i.e.
Switch-AzCloudService -CloudServiceName $serviceName -ResourceGroupName $resourceGroup -Confirm:$false
it is successful and I can see the public IP address for both the services in the output logging! Obviously I don't want to have to call this command to retrieve the IP address.
How do I get the IP information from powershell using the Az powershell module module?
Need to check:
Make sure that you are executing it in correct Azure tenant or subscription. Otherwise, it will not retrieve the exact output. Set azure subscription to the current one.
select-Azuresubscription -subscriptionId <subscriptionID>
Check for the existence of public IP addresses if there are any configured public Ip addresses under a given cloud service.
Cloud Service commands support cloud service (extended support) only. check once whether you are trying to retrieve the same.
Simply you can use below Az CLI command to retrieve the IP configuration:
az network public-ip show -g <ResourceGroup> -n <publicIP>
Or
az network public-ip list
We have an Azure web app that we use for dev\testing. I noticed in Application Insights that it is getting pinged like 500-700 times per minute. I tried blocking the IP in Networking and of course being no network expert didn't realize it will just keep rolling to the next one.
Question 1 is - How do I block by group of IP's used?
Question 2 if that doesn't work - How do I block the "U.K." as I only need in the US currently for dev\testing. I prefer question one so that I can use for my prod. version also and as needed.
Blocking arbitrary IP ranges brings you nowhere. If you really want to restrict access to your test environments on the network level, I suggest defining allowed IP ranges and blocking the rest of the internet. That can be done in the portal, using PS like HariKrishnaRajoli-MT showed or preferably with IaC like Bicep or Terraform.
If you want to have some dynamic blocking (like country-based), you'll need a component in front of your App Service like an Azure App GW with WAF. However, that has some notable costs included.
Lastly, why is pinging an issue? It does not cause any significant stress to the service. If you want to protect your service from outside access, you should enable some authentication. Azure App Service provides an easy way of enabling authentication and authorization with different identity providers.
Question 1 is - How do I block by group of IP's used?
Create a new text file and store all the IP Addresses which you want to allow or block and each separated with a Comma (,) as shown below:
Paste this code in an PowerShell File to read the above text file:
Param``(
[``Parameter``(``Mandatory = $true``)]
[string] $ResourceGroupName``,
[``Parameter``(``Mandatory = $true``)]
[string] $WebAppName``,
[``Parameter``(``Mandatory = $true``)]
[string] $IPAddressSourceFileName
)
#Step1 - Get All IP Addresses from the File
$SourceIPAddresses = (``Get-Content $IPAddressSourceFileName``).Trim() | ConvertFrom-Csv
#Step2 - Get All existing IP Addresses from the Config of App Service
$APIVersion = ((``Get-AzResourceProvider -ProviderNamespace Microsoft.Web).ResourceTypes | Where-Object ResourceTypeName -eq sites).ApiVersions[0]
$config = (``Get-AzResource -ResourceType Microsoft.Web/sites/config -Name $WebAppName -ResourceGroupName $ResourceGroupName -ApiVersion $APIVersion``)
#Step3 - Prepare the new IP Addresses list from that IPAddressList file and collect all the new ones into the $IpSecurityRestrictions collection
foreach``(``$item in $SourceIPAddresses``){
$Rule``=``$config``.Properties.ipSecurityRestrictions | Where-Object { $_``.ipAddress -eq $item``.IPAddress}
if``(``$null -ne $Rule``)
{
Write-Host -ForegroundColor Green 'No Action on the IP:' $item``.ipAddress
}
else
{
$config``.Properties.ipSecurityRestrictions+=``$item
}
}
#Step4 - Finally update the new IP Addresses to Azure App Service
Set-AzResource -ResourceId $config``.ResourceId -Properties $config``.Properties -ApiVersion $APIVersion -Force
Run the above PowerShell Script from VS Code > Terminal > Run this following command:
.\ReadIPAddresses.ps1 azdevops-rg-eus-dev azuredevops-wapp1-eus-dev IPAddresses.txt
After running this command, you can see all the IP Addresses will be added to the Access Restrictions blade as shown here:
I want to delete all the public ip addresses in a resource group in Azure using single command rather than doing it one by one
You can use following Powershell scripts to achieve your requirement:
Get-AzureRmPublicIpAddress -ResourceGroupName <yourresourcegroupname> | Remove-AzureRmPublicIpAddress
Also, you can use the command Force to run without asking for user confirmation:
Get-AzureRmPublicIpAddress -ResourceGroupName <yourresourcegroupname> | Remove-AzureRmPublicIpAddress -Force
I test in my lab and succeed.
I want to check whether a traffic manager is unique or not.
I am using Powershell Commandlets to get the information.
$profile = Get-AzureRmTrafficManagerProfile -Name $ResourceName -ResourceGroupName $ResourceGroupName
This command only checks for the traffic manager profile in the specified group. But traffic manager's are deployed globally. So, when I try to deploy with same traffic manager name in different resource group then error is thrown.
To avoid this error, I want to check at first only if that traffic manager exists globally. Didn't find any solution in documentation.
Is there any way to achieve this?
You can use the Test-AzureTrafficManagerDomainName powershell cmdlet.
C:\> get-help Test-AzureTrafficManagerDomainName
NAME
Test-AzureTrafficManagerDomainName
SYNOPSIS
Checks whether a domain name is available as a Traffic Manager profile.
SYNTAX
Test-AzureTrafficManagerDomainName [-DomainName] <String> [<CommonParameters>]
DESCRIPTION
The Test-AzureTrafficManagerDomainName cmdlet checks whether a domain name is available as a Microsoft Azure
Traffic Manager profile. If the domain name is available, this cmdlet returns a value of $True.
Or you could use a rest call to this endpoint:
https://management.core.windows.net/SUB_GUID/services/WATM/operations/isavailable/%NAME%.trafficmanager.net
I created a VM in Windows Azure and some networking people are asking me for the deployment id. I cannot see this property anywhere on the portal. How can I get the deployment id of a Windows Azure VM? I just created the VM through the portal.
One way is to:
Go to https://resources.azure.com and log in
Search for the name of your VM and click to open details. It should return JSON information about the VM.
In the JSON data, search for deploymentId (it should be under the hardwareProfile section in the JSON)
You can see the deployment ID in the virtual machine's Dashboard tab. Refer to the screenshot-
Here's how you can do it via Powershell:
First log in to azure:
login-AzureRmAccount
Then get a reference to the virtual machine. In my case, I have a virtual machine called malcolms-dad in the resource group breaking-bad:
$vm = (Get-AzureRmResource -ResourceGroupName breaking-bad -ResourceName malcolms-dad -ResourceType MicrosoftClassicComputer/virtualMachines)
Now you have the reference, you can query for the deployment id property:
$vm.Properties.HardwareProfile.DeploymentId
Note that we had to pass in the -ResourceType parameter into the Get-AzureRmResource query. This might seem superfluous, but if you omit the parameter the command returns an object without the Properties field.