Common PowerShell commands for Azure Virtual Networks

Applies to: ✔️ Linux VMs ✔️ Windows VMs

If you want to create a virtual machine, you need to create a virtual network or know about an existing virtual network in which the VM can be added. Typically, when you create a VM, you also need to consider creating the resources described in this article.

See How to install and configure Azure PowerShell for information about installing the latest version of Azure PowerShell, selecting your subscription, and signing in to your account.

Some variables might be useful for you if running more than one of the commands in this article:

  • $location - The location of the network resources. You can use Get-AzLocation to find a geographical region that works for you.
  • $myResourceGroup - The name of the resource group where the network resources are located.

Create network resources

Task Command
Create subnet configurations $subnet1 = New-AzVirtualNetworkSubnetConfig -Name "mySubnet1" -AddressPrefix XX.X.X.X/XX
$subnet2 = New-AzVirtualNetworkSubnetConfig -Name "mySubnet2" -AddressPrefix XX.X.X.X/XX

A typical network might have a subnet for an internet facing load balancer and a separate subnet for an internal load balancer.
Create a virtual network $vnet = New-AzVirtualNetwork -Name "myVNet" -ResourceGroupName $myResourceGroup -Location $location -AddressPrefix XX.X.X.X/XX -Subnet $subnet1, $subnet2
Test for a unique domain name Test-AzDnsAvailability -DomainNameLabel "myDNS" -Location $location

You can specify a DNS domain name for a public IP resource, which creates a mapping for to the public IP address in the Azure-managed DNS servers. The name can contain only letters, numbers, and hyphens. The first and last character must be a letter or number and the domain name must be unique within its Azure location. If True is returned, your proposed name is globally unique.
Create a public IP address $pip = New-AzPublicIpAddress -Name "myPublicIp" -ResourceGroupName $myResourceGroup -DomainNameLabel "myDNS" -Location $location -AllocationMethod Dynamic

The public IP address uses the domain name that you previously tested and is used by the frontend configuration of the load balancer.
Create a frontend IP configuration $frontendIP = New-AzLoadBalancerFrontendIpConfig -Name "myFrontendIP" -PublicIpAddress $pip

The frontend configuration includes the public IP address that you previously created for incoming network traffic.
Create a backend address pool $beAddressPool = New-AzLoadBalancerBackendAddressPoolConfig -Name "myBackendAddressPool"

Provides internal addresses for the backend of the load balancer that are accessed through a network interface.
Create a probe $healthProbe = New-AzLoadBalancerProbeConfig -Name "myProbe" -RequestPath 'HealthProbe.aspx' -Protocol http -Port 80 -IntervalInSeconds 15 -ProbeCount 2

Contains health probes used to check availability of virtual machines instances in the backend address pool.
Create a load balancing rule $lbRule = New-AzLoadBalancerRuleConfig -Name HTTP -FrontendIpConfiguration $frontendIP -BackendAddressPool $beAddressPool -Probe $healthProbe -Protocol Tcp -FrontendPort 80 -BackendPort 80

Contains rules that assign a public port on the load balancer to a port in the backend address pool.
Create an inbound NAT rule $inboundNATRule = New-AzLoadBalancerInboundNatRuleConfig -Name "myInboundRule1" -FrontendIpConfiguration $frontendIP -Protocol TCP -FrontendPort 3441 -BackendPort 3389

Contains rules mapping a public port on the load balancer to a port for a specific virtual machine in the backend address pool.
Create a load balancer $loadBalancer = New-AzLoadBalancer -ResourceGroupName $myResourceGroup -Name "myLoadBalancer" -Location $location -FrontendIpConfiguration $frontendIP -InboundNatRule $inboundNATRule -LoadBalancingRule $lbRule -BackendAddressPool $beAddressPool -Probe $healthProbe
Create a network interface $nic1= New-AzNetworkInterface -ResourceGroupName $myResourceGroup -Name "myNIC" -Location $location -PrivateIpAddress XX.X.X.X -Subnet $subnet2 -LoadBalancerBackendAddressPool $loadBalancer.BackendAddressPools[0] -LoadBalancerInboundNatRule $loadBalancer.InboundNatRules[0]

Create a network interface using the public IP address and virtual network subnet that you previously created.

Get information about network resources

Task Command
List virtual networks Get-AzVirtualNetwork -ResourceGroupName $myResourceGroup

Lists all the virtual networks in the resource group.
Get information about a virtual network Get-AzVirtualNetwork -Name "myVNet" -ResourceGroupName $myResourceGroup
List subnets in a virtual network Get-AzVirtualNetwork -Name "myVNet" -ResourceGroupName $myResourceGroup | Select Subnets
Get information about a subnet Get-AzVirtualNetworkSubnetConfig -Name "mySubnet1" -VirtualNetwork $vnet

Gets information about the subnet in the specified virtual network. The $vnet value represents the object returned by Get-AzVirtualNetwork.
List IP addresses Get-AzPublicIpAddress -ResourceGroupName $myResourceGroup

Lists the public IP addresses in the resource group.
List load balancers Get-AzLoadBalancer -ResourceGroupName $myResourceGroup

Lists all the load balancers in the resource group.
List network interfaces Get-AzNetworkInterface -ResourceGroupName $myResourceGroup

Lists all the network interfaces in the resource group.
Get information about a network interface Get-AzNetworkInterface -Name "myNIC" -ResourceGroupName $myResourceGroup

Gets information about a specific network interface.
Get the IP configuration of a network interface Get-AzNetworkInterfaceIPConfig -Name "myNICIP" -NetworkInterface $nic

Gets information about the IP configuration of the specified network interface. The $nic value represents the object returned by Get-AzNetworkInterface.

Manage network resources

Task Command
Add a subnet to a virtual network Add-AzVirtualNetworkSubnetConfig -AddressPrefix XX.X.X.X/XX -Name "mySubnet1" -VirtualNetwork $vnet

Adds a subnet to an existing virtual network. The $vnet value represents the object returned by Get-AzVirtualNetwork.
Delete a virtual network Remove-AzVirtualNetwork -Name "myVNet" -ResourceGroupName $myResourceGroup

Removes the specified virtual network from the resource group.
Delete a network interface Remove-AzNetworkInterface -Name "myNIC" -ResourceGroupName $myResourceGroup

Removes the specified network interface from the resource group.
Delete a load balancer Remove-AzLoadBalancer -Name "myLoadBalancer" -ResourceGroupName $myResourceGroup

Removes the specified load balancer from the resource group.
Delete a public IP address Remove-AzPublicIpAddress-Name "myIPAddress" -ResourceGroupName $myResourceGroup

Removes the specified public IP address from the resource group.

Next Steps

Use the network interface that you just created when you create a VM.