Secure network traffic between virtual machines
This script creates two virtual machines and secures incoming traffic to both. One virtual machine is accessible on the internet and has a network security group (NSG) configured to allow traffic on port 3389 and port 80. The second virtual machine is not accessible on the internet, and has an NSG configured to only allow traffic from the first virtual machine.
To run this sample, install the latest version of the Azure CLI. To start, run az login to create a connection with Azure.
Samples for the Azure CLI are written for the bash shell. To run this sample in Windows PowerShell or Command Prompt, you may need to change
elements of the script.
If you don't have an Azure subscription, create an Azure free account before you begin.
Clean up deployment
Run the following command to remove the resource group, VM, and all related resources.
az group delete --name myResourceGroup --yes
Script explanation
This script uses the following commands to create a resource group, virtual machine, and all related resources. Each command in the table links to command specific documentation.
| Command | Notes |
|---|---|
| az group create | Creates a resource group in which all resources are stored. |
| az network vnet create | Creates an Azure virtual network and subnet. |
| az network vnet subnet create | Creates a subnet. |
| az vm create | Creates the virtual machine and connects it to the network card, virtual network, subnet, and NSG. This command also specifies the virtual machine image to be used, and administrative credentials. |
| az network nsg rule update | Updates an NSG rule. In this sample, the back-end rule is updated to pass through traffic only from the front-end subnet. |
| az network nsg rule list | Returns information about a network security group rule. In this sample, the rule name is stored in a variable for use later in the script. |
| az group delete | Deletes a resource group including all nested resources. |
Next steps
For more information on the Azure CLI, see Azure CLI documentation.
Additional virtual machine CLI script samples can be found in the Azure Windows VM documentation.