search

2.2.9 Configure Network Access

Configuring network access in Azure.

To see current running VMs: az vm list

hashtag
Task 1: Access your Web Server

  1. Run az vm list-ip-addresses to get VM IP address, store the result as a BASH variable:

IPADDRESS="$(az vm list-ip-addresses \
		--resource-group "GROUP-NAME" \
		--name my-vm \
		--query "[].virtualMachine.network.publicIpAddresses[*].ipAddress" \
		--output tsv)"

  1. Run the following curl command to download the homepage:

curl --connect-timeout 5 http://$IPADDRESS

After 5 seconds, an error message indicates the VM is not accessible. 3. To see the VM IP address, run: echo $IPADDRESS.

hashtag
Task 2: List Current Network Security Group Rules

  1. Run the following az network nsg list command to list network security groups associated with VM:

az network nsg list \
--resource-group "GROUP-NAME" \
--query "[].name" \
--output tsv

Every VM on Azure is associated with at least one network security group. Azure creates a group for us called my-vmNSG. 2. Run the following az network nsg rule list command to list rules associated with my-vmNSG:

This will output a block of JSON text. 3. To make this easier to read, run the following command again but this time using --query and --output to format a table:

The default rule, default-allow-ssh allows inbound connections on port 22. The rule priority is 1000. Rules are processed in order, with lower numbers being processed first. To connect to our web server, we need to allow inbound connections on port 80.

hashtag
Task 3: Create the Network Security Rule

  1. Run az network nsg rule create to create a rule called allow-http:

  1. Verify this by running az network nsg rule list:

hashtag
Task 4: Access the Web Server Again

  1. Run the same curl command again:

This should now also work in browser.