How to write powershell script to identify whether the Azure Virtual machine has Jumpbox or bastionhost or other private vms

Question

How to write powershell script to identify if one VM has jumpbox connection or Bastion host or other private network VMs. The script output will tell that this VM has Jumpbox Connection etc.

Answer

Hello @Priya Dharshini M

Its not simple write this.

but I believe you are looking for this:

# Authenticate with Azure
Connect-AzAccount

# Specify the resource group name and VM name
$resourceGroupName = "resource-group-name"
$vmName = "vm-name"

# Get the VM object
$vm = Get-AzVM -ResourceGroupName $resourceGroupName -Name $vmName

# Get the VM's network interface object
$nic = Get-AzNetworkInterface -ResourceId $vm.NetworkProfile.NetworkInterfaces[0].Id

# Get the VM's private IP address
$privateIpAddress = $nic.IpConfigurations.PrivateIpAddress

# Check if the VM is connected to a jumpbox
$jumpbox = Get-AzVM -ResourceGroupName $resourceGroupName -Name "jumpbox-name"
if ($jumpbox) {
    $jumpboxNic = Get-AzNetworkInterface -ResourceId $jumpbox.NetworkProfile.NetworkInterfaces[0].Id
    $jumpboxPrivateIpAddress = $jumpboxNic.IpConfigurations.PrivateIpAddress
    if ($privateIpAddress -eq $jumpboxPrivateIpAddress) {
        Write-Host "This VM is connected to a jumpbox"
        exit
    }
}

# Check if the VM is connected to a Bastion host
$bastion = Get-AzBastionDeployment -ResourceGroupName $resourceGroupName
if ($bastion) {
    $bastionSubnet = $bastion.SubnetId
    if ($nic.IpConfigurations.Subnet.Id -eq $bastionSubnet) {
        Write-Host "This VM is connected to a Bastion host"
        exit
    }
}

# Check if the VM is connected to other private network VMs
$vnet = Get-AzVirtualNetwork -ResourceGroupName $resourceGroupName -Name $nic.IpConfigurations.Subnet.VirtualNetwork.Name
$otherPrivateIps = $vnet.AddressSpace.AddressPrefixes | Where-Object { $_ -ne $nic.IpConfigurations.Subnet.AddressPrefix } | ForEach-Object {
    $ip = [System.Net.IPAddress]::Parse($_.Split("/")[0])
    [System.BitConverter]::ToUInt32($ip.GetAddressBytes(), 0)
}
if ($otherPrivateIps -contains [System.BitConverter]::ToUInt32([System.Net.IPAddress]::Parse($privateIpAddress).GetAddressBytes(), 0)) {
    Write-Host "This VM is connected to other private network VMs"
    exit
}

Write-Host "This VM is not connected to a jumpbox, Bastion host, or other private network VMs"

Please, if this help you, don't forget to accept and upvote this answer

good luck

Regards

Answer

Hello @Priya Dharshini M

Answer your second question>

"to create an Azure Jump Serve via portal"

Log in to the Azure portal with your account credentials.
Navigate to the Azure Virtual Machines section of the portal.
Click the "+ Add" button to create a new virtual machine.
Select the desired options for the virtual machine, such as the operating system, size, and networking settings.
In the "Management" section of the virtual machine creation wizard, select "Yes" for "Enable Auto-Shutdown" and set a schedule for automatic shutdown to reduce costs.
In the "Networking" section, configure the virtual network settings for the Jump Server, including subnets, security groups, and public IP address if needed.
In the "Management" section, configure the Jump Server to allow RDP or SSH access.
Review the configuration options and click "Create" to create the virtual machine.