Today Day 14 of #AzureFundamentals, I have completed Units 9,10/14 of Modules 2/4 of LP 2 Describe Azure architecture and services, Azure Fundamentals for Exam AZ 900.
| LP 2 | Describe Azure architecture and services |
| Module 2/4 | Describe Azure Compute and Network Services |
| Unit 9,10/14 | 9. Exercise-Configure Network Access, |
10. Describe Azure Virtual Private Networks. |
I. Unit 9/14
Page 1
VM install
az vm create \ --resource-group [sandbox resource group name] \ --name my-vm \ --public-ip-sku Standard \ --image Ubuntu2204 \ --admin-username azureuser \ --generate-ssh-keys
nginx install
az vm extension set \ --resource-group [sandbox resource group name] \ --vm-name my-vm \ --name customScript \ --publisher Microsoft.Azure.Extensions \ --version 2.1 \ --settings '{"fileUris":["https://raw.githubusercontent.com/MicrosoftDocs/mslearn-welcome-to-azure/master/configure-nginx.sh"]}' \ --protected-settings '{"commandToExecute": "./configure-nginx.sh"}'
vm list
az vm list
Page 2
Task 1: Access your web server
command to get your VM's IP address and store the result as a Bash variable:
IPADDRESS="$(az vm list-ip-addresses \ --resource-group [sandbox resource group name] \ --name my-vm \ --query "[].virtualMachine.network.publicIpAddresses[*].ipAddress" \ --output tsv)"
curl command to download the home page:
curl --connect-timeout 5 http://$IPADDRESS
As an optional step, try to access the web server from a browser:
Run the following to print your VM's IP address to the console:
echo $IPADDRESS
Open a new browser tab and go to your web server using the IPADDRESS,
Page 3
Task 2: List the current network security group rules
az network nsg list command to list the network security groups that are associated with your VM:
az network nsg list \ --resource-group [sandbox resource group name] \ --query '[].name' \ --output tsv
az network nsg rule list command to list the rules associated with the NSG named my-vmNSG:
az network nsg rule list \ --resource-group [sandbox resource group name] \ --nsg-name my-vmNSG
Run the az network nsg rule list command a second time. This time, use the --query argument to retrieve only the name, priority, affected ports, and access (Allow or Deny) for each rule. The --output argument formats the output as a table so that it's easy to read.
az network nsg rule list \ --resource-group [sandbox resource group name] \ --nsg-name my-vmNSG \ --query '[].{Name:name, Priority:priority, Port:destinationPortRange, Access:access}' \ --output table
Page 4
Task 3: Create the network security rule
az network nsg rule create command to create a rule called allow-http that allows inbound access on port 80:
az network nsg rule create \ --resource-group [sandbox resource group name] \ --nsg-name my-vmNSG \ --name allow-http \ --protocol tcp \ --priority 100 \ --destination-port-range 80 \ --access Allow
To verify the configuration, run az network nsg rule list to see the updated list of rules:
az network nsg rule list \ --resource-group [sandbox resource group name] \ --nsg-name my-vmNSG \ --query '[].{Name:name, Priority:priority, Port:destinationPortRange, Access:access}' \ --output table
Page 5
Task 4: Access your web server again
Run the same curl command that you ran earlier:
curl --connect-timeout 5 http://$IPADDRESS
As an optional step, refresh your browser tab that points to your web server.
II. Unit 10/14
Page 6
Page 7
Page 8
Page 9
Conclusion
Learning Objectives,
Exercise - Configure Network Access,
Describe Azure Virtual Private Networks.