How to update existing routing rule in Azure Frontdoor using PowerShell? - automation

I need to update the backend pool (Maintenance) used by an existing routing rule in Azure Frontdoor to a different existing backend pool (Maintenance2). Here is the UI screen from where it can be done. Can someone advise on how to do this via PowerShell. I have tried via the cmdlets (https://learn.microsoft.com/en-us/powershell/module/az.frontdoor/set-azfrontdoor?view=azps-9.0.1 ) but unable to get the correct set of commands.
I have tried via the cmdlets (https://learn.microsoft.com/en-us/powershell/module/az.frontdoor/set-azfrontdoor?view=azps-9.0.1 ) but unable to get the correct set of commands.

In order to update the backend pool (Poo1) used by an existing routing rule in Azure Front Door to a different existing backend pool (Pool2).
Created a Front Door environment with backend Pools [Pool1/Pool2] which they are pointing to routing rules
Pool1 -> Rule1 and Pool2 -> Rules2
Click on Rule1
WorkAround:
Login into Powershell
tag to the current subscription where Front Door was created. using below command
az account set --subscription "******-****-****-****-*********"
Verify the Backend Pool on Front Door using this command
az network front-door backend-pool list --front-door-name "FrontDoorName" --resource-group "ResoruceGroupName"
Update Backend Pool for Rule1 from pool1 to pool2
using below command
az network front-door routing-rule update --front-door-name "Front Door Name" --name "Rule Name" --resource-group "Resource Group Name" --backend-pool "New Backend Pool"
example:
az network front-door routing-rule update --front-door-name "testfrontdoor" --name "Rule1" --resource-group "rg-testdemo" --backend-pool "pool2"
Output:
Resulted output on Front Door Rule1
Now Rule1 is points to Backend Pool "Pool2" instead of original one "Pool1".

Thank you Swarna. The solution provided is in CLI and the question was for powershell.
I was able to figure out how to do this in PowerShell. It requires the use of 3 Azure PS cmdlets- Get-AzFrontDoor, New-AzFrontDoorRoutingRuleObject and Set-AzFrontDoor. The way it works in the background is that when an update is performed on the Routing Rule, the routing rule is deleted and recreated with the changes. In-order to do this via PS, we have to get the existing frontdoor properties, routing rule properties and put the changes in New-AzFrontDoorRoutingRuleObject. Lastly use Set-AzFrontDoor to apply the changes to frontdoor.
$subscription='Sub1'
Select-AzSubscription $Sub1
$frontdoorName='Frontdoor1'
$resourcegroupname='fdrrg'
$MaintenanceBackPool='Maintenance2'
$PrimaryBackPool='Maintenance1'
$RoutingRuleName='Route1'
#get the current frontdoor property object
$frontdoorobj=Get-AzFrontDoor -ResourceGroupName $resourcegroupname -Name $frontdoorName
#get the Routing Rules and filter the one which needs to be modified
$RoutingRuleUpdate=$frontdoorobj.RoutingRules
$RoutingRuleUpdate2=$RoutingRuleUpdate|Where-Object {$_.Name -contains $RoutingRuleName}
#get the list of all frontendendpointIds as an array (this is required to account for more than 1 frontends/domains associated with the routing rule)
#Perform string manipulation to get the frontend/domain name from the ID
[String[]] $frontdoorHostnames=$RoutingRuleUpdate2.FrontendEndpointIds | ForEach-Object {"$PSItem" -replace '.*/'}
#get the position of the Routing Rule (to be modified) in the Routing Rules collection
$i=[array]::indexof($RoutingRuleUpdate.Name,$RoutingRuleName)
#Update the Routing Rule object with the changes needed- in this case a different backendpool
$updatedRouteObj=New-AzFrontDoorRoutingRuleObject -Name $RoutingRuleUpdate[$i].Name  -FrontDoorName $frontDoorName -ResourceGroupName $resourcegroupname -FrontendEndpointName $frontdoorHostnames -BackendPoolName $MaintenanceBackPool
$RoutingRuleUpdate[$i]=$updatedRouteObj
#Finally update the frontdoor object with the change in Routing Rule
Set-AzFrontDoor -InputObject $frontdoorobj -RoutingRule $RoutingRuleUpdate
Write-Output "Successfully Updated RoutingRule:$RoutingRuleName to backendpool:$MaintenanceBackPool"**

Related

Applying filters on Google Cloud API - Instance list

I was trying to filter GCP instance based on IP Range or subnet.
API : https://cloud.google.com/compute/docs/reference/rest/v1/instances/list
I am able to use below CLI commands and get the list of desired instances
gcloud compute instances list --filter="networkInterfaces.networkIP>172.23.0.0 AND networkInterfaces.networkIP<172.23.0.170"
gcloud compute instances list --filter="networkInterfaces.subnetwork:default"
But I am not able to use these filters in API explorer provide by GCP.
When I use networkInterfaces.networkIP = "some IP" as filter I am getting below error
"Invalid value for field 'filter': 'networkInterfaces.networkIP = "172.23.0.10"'.
Is there any way we can filter the instance based on IPs?
I am aware that we can filter out once we get the response, but I am looking to apply the filter at request level itself.
Thanks,
Rmp

Getting 'Minimum TLS Version' setting of Azure webapp with Az PowerShell

I have a PowerShell script that uses Az PowerShell modules to retrieve properties of all webapps within a resource group. Now, I also need to fetch the MinTlsVersion property as in below. Can I do it using one of Az modules?
When a call to Get-AzWebApp command is made in the script, a request is sent to /subscriptions/<s>/resourceGroups/<rg>/providers/Microsoft.Web/sites endpoint. The response object has property siteConfig set to null. Is there a way to call Get-AzWebApp such that the property is not null so I can use the minTlsVersion sub-property under the siteConfig object?
If there's no way to above:
I see that the client receives minTlsVersion by sending a GET request to /subscriptions/<s>/resourceGroups/<rg>/providers/Microsoft.Web/sites/<st>/config/web endpoint. Can we hit the same endpoint by using one of the Az PowerShell modules? Though, I would prefer a request that can return minTlsVersion of all webapps in a resource group in a single call.
You need to iterate through each app, try the command as below, it works on my side.
$grouname = "<resource-group-name>"
$apps = Get-AzWebApp -ResourceGroupName $grouname
$names = $apps.Name
foreach($name in $names){
$tls = (Get-AzWebApp -ResourceGroupName $grouname -Name $name).SiteConfig.MinTlsVersion
Write-Host "minTlsVersion of web app" $name "is" $tls
}

How to obtain Image details of unpublished images

I have been using the Azure PowerShell module and I use this cmdlet to obtain either published or unpublished image details:
Get-AzureVMImage | where-object { $_.Label -like "$ImageName" }
I need to move to the Az module. The replacement cmdlet seems to be Get-AzVMImage. And that does not seem to provide a way to list unpublished images.
So, how do you obtain a list of unpublished images and their details?
According to my understanding, you want to get the custom image. If so you can use the command "Get-AzImage" to get it. For example:
Connect-AzAccount -Subscription "your subscrition id" -Tenant "your tenant id"
Get-AzImage -ImageName "" -ResourceGroupName ""

Is it possible to create Azure alerts for multiple subscriptions at once?

I am trying to create Alerts for different services on Azure but i need to create it for all subscriptions at once using PowerShell.
I have tried with GUI but failed.
Depending on the number of subscriptions on the account it might take awhile, but you can pull an array of subscriptions from the account and perform the same actions on each of them in a loop. If you only want to run through certain subscriptions I would probably create a list in a csv file and then replace az account list | ConvertFrom-Json with the csv file.
$subs = az account list | ConvertFrom-Json
foreach($sub in $subs) {
az account set --subscription $sub.id
"Current Account:"
az account show
# create alert 1
# create alert 2
# ....
}

Clear/change CustomDomainName for storage account using Powershell

I want to setup a custom domain for a azure storage account(v2?, not classic).
With this answer I managed to use powershell to set it up for one domain and one storage account.
For another domain and another storage account I thought I had it configured correctly but when I try to configure it now I get this error:
Set-AzureRmStorageAccount -ResourceGroupName "ExampleGroup" -Name "test" -CustomDomainName test.example.com -UseSubDomain $true
Set-AzureRmStorageAccount : CustomDomainNameAlreadySet: Custom domain name is already set. Current value must be cleared before setting a new value.
+ Set-AzureRmStorageAccount -ResourceGroupName "ExampleGroup" -Name " ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureRmStorageAccount], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Management.Storage.SetAzureStorageAccountCommand
The only answer I've found implies that one should use the classical portal which is not an option as v2 storage accounts does not show up there.
How can I clear the CustomDomainName value?
At the moment if you have a custom domain name set and want to replace it, you have to unregister it first. To unregister it, set the CustomDomainName to an empty string and don't send UseSubDomain.