As part of my day to day work, I often have to either log into an Azure a “jumpbox” (VM) or allow others to do so. Like any
self-respecting paranoid dev, the jumpbox has a whitelist of IP addresses that are allowed to connect to it. Also, like a lot people I (and my co-workers) have dynamic IP addresses at home. Manually going into the Azure portal every time to adjust all the Network Security Group inbound IP settings is a pain.
There are only really a couple of steps required.
1) Create authorizer to communicate with the Azure Management API.
2) Create SecurityGroup client
3) List all security groups
4) modify appropriate one and save
I won’t bother repeating the code here (see the github link earlier), but one thing that was slightly annoying is that for steps 1-3 I didn’t need to know the Azure Resource Group. In fact I intentionally didn’t want to have to specify one, I wanted the tool to be able to find any matching NSG rule. BUT, to save the change I needed the Resource Group name. To get this I had to regex it out of part of the initial response (containing the security groups). Annoying but not critical.
Overall I now have a useful tool that lets me easily modify anyones NSG rule without a bunch of manual clicking about.
The Go SDK is definitely improving 🙂