Azure PowerShell Virtual Network Cmdlets

This documentation provides a comprehensive reference for Azure PowerShell cmdlets used to manage and configure Azure Virtual Networks (VNet).

Overview

Azure Virtual Network enables you to provision private cloud networks in Azure. VNets are a fundamental building block for your private cloud. By allowing you to define IP address spaces, subnets, route tables, and network gateways, VNets allow you to create a logically isolated network that you can manage and secure.

The Azure PowerShell module for Virtual Network provides cmdlets to:

Create, configure, and manage virtual networks and subnets.
Implement network security groups (NSGs) for traffic filtering.
Configure route tables and user-defined routes (UDRs).
Manage virtual network peering for cross-VNet connectivity.
Configure network interfaces (NICs) and IP configurations.
Set up virtual network gateways for VPN and ExpressRoute connections.
Manage Private Link services.

Key Cmdlets

Here are some of the most commonly used cmdlets for managing Azure Virtual Networks:

New-AzVirtualNetwork: Creates a new virtual network.
Get-AzVirtualNetwork: Retrieves information about virtual networks.
Set-AzVirtualNetwork: Modifies the settings of an existing virtual network.
Add-AzVirtualNetworkSubnetConfig: Adds a subnet configuration to a virtual network.
Get-AzVirtualNetworkSubnetConfig: Retrieves subnet configurations.
Remove-AzVirtualNetworkSubnetConfig: Removes a subnet configuration.
New-AzNetworkSecurityGroup: Creates a new network security group.
Get-AzNetworkSecurityGroup: Retrieves network security groups.
Set-AzNetworkSecurityGroup: Modifies network security group settings.
New-AzNetworkSecurityRule: Creates a new security rule for an NSG.
Get-AzNetworkSecurityRule: Retrieves security rules.
New-AzRouteTable: Creates a new route table.
Get-AzRouteTable: Retrieves route tables.
Add-AzRouteConfig: Adds a route to a route table.
New-AzVirtualNetworkPeering: Creates a peering connection between virtual networks.
Get-AzVirtualNetworkPeering: Retrieves virtual network peering configurations.
New-AzNetworkInterface: Creates a new network interface.
Get-AzNetworkInterface: Retrieves network interfaces.

`New-AzVirtualNetwork`

Creates a virtual network. You can specify the address space, resource group, name, and location for the VNet.

New-AzVirtualNetwork -Name "myVNet" -ResourceGroupName "myResourceGroup" -Location "East US" -AddressPrefix "10.0.0.0/16"

`Get-AzVirtualNetwork`

Retrieves one or more virtual networks. You can filter by resource group, name, or location.

Get-AzVirtualNetwork -ResourceGroupName "myResourceGroup"

Get-AzVirtualNetwork -Name "myVNet" -ResourceGroupName "myResourceGroup"

`Add-AzVirtualNetworkSubnetConfig`

Adds a subnet configuration to a virtual network object. Note that this cmdlet modifies the virtual network object in memory; you'll need to use Set-AzVirtualNetwork to apply the changes to Azure.

$vnet = Get-AzVirtualNetwork -Name "myVNet" -ResourceGroupName "myResourceGroup"
$subnet = Add-AzVirtualNetworkSubnetConfig -Name "mySubnet" -AddressPrefix "10.0.1.0/24" -VirtualNetwork $vnet
Set-AzVirtualNetwork -VirtualNetwork $vnet

`New-AzNetworkSecurityGroup`

Creates a network security group, which contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Network.

New-AzNetworkSecurityGroup -Name "myNSG" -ResourceGroupName "myResourceGroup" -Location "East US"

`New-AzNetworkSecurityRule`

Creates a network security rule within a network security group. Rules define inbound or outbound traffic filtering.

$nsg = Get-AzNetworkSecurityGroup -Name "myNSG" -ResourceGroupName "myResourceGroup"
Add-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name "AllowHTTP" -Protocol Tcp -Direction Inbound -Priority 100 -SourceAddressPrefix "*" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange "80" -Access Allow
Set-AzNetworkSecurityGroup -NetworkSecurityGroup $nsg

MSDN Documentation