Daniel Mauser dmauser
dmauser
/ sample-deploy.sh
Last active
December 4, 2025 20:16
AzurePolicy storage enforce TLS and Soft delete
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Variables | |
| subscriptionId="<YOUR_SUBSCRIPTION_ID>" | |
| resourceGroup="rg-storage-lab" | |
| location="eastus" | |
| storageAccount="storagelab$(date +%s)" | |
| retentionDays=7 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # --- Inputs --- | |
| $ResourceGroup = "<rg-name>" | |
| $StorageAccount = "<storage-account-name>" | |
| $Container = "<container-name>" | |
| $BlobName = "<blob-name>" | |
| # Optional: use MSI/Azure login (instead of key) | |
| Connect-AzAccount | Out-Null | |
| # Get storage context |
dmauser
/ vng-deploy-az.azcli
Last active
July 25, 2025 20:28
Sample AZ VNG VPN deployment on non-AZ region
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Variables | |
| rg=lab-vpngw | |
| gwname=az-vng-vpn | |
| gwsize=VpnGw1AZ | |
| asn=65515 | |
| vnet=hub-vnet | |
| location=westus | |
| addressprefix=10.0.0.0/24 | |
| mainprefix=10.0.0.0/27 | |
| gwsubnetprefix=10.0.0.32/27 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export subscriptionId="96799577-30b5-4a07-b0d3-ca5b40c5c05d"; | |
| export resourceGroup="arc-lab"; | |
| export tenantId="b1fa3d67-2da0-44d9-84f5-6bb580bd1d15"; | |
| export location="northcentralus"; | |
| export authType="token"; | |
| export correlationId="5f7d1872-3bb4-4445-8eab-53d15747ce09"; | |
| export cloud="AzureCloud"; | |
| LINUX_INSTALL_SCRIPT="/tmp/install_linux_azcmagent.sh" | |
| if [ -f "$LINUX_INSTALL_SCRIPT" ]; then rm -f "$LINUX_INSTALL_SCRIPT"; fi; |
dmauser
/ afd-premium-pe.azcli
Last active
June 3, 2022 02:01
Azure Front Door Premimum and Private Endpoint CLI commands
dmauser
/ vwandumproutes.azcli
Last active
May 5, 2022 02:19
Dump effective routes of all vWAN Hubs route tables (AZCLI)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #vHUB effective routes | |
| #parameters | |
| rg=vwan-pair #Set your resource group | |
| #variables (do not change) | |
| #Parameter | |
| $rg=vwan-pair | |
| # Dump all vHUB route tables. | |
| for vhubname in `az network vhub list -g $rg --query "[].id" -o tsv | rev | cut -d'/' -f1 | rev` | |
| do | |
| for routetable in `az network vhub route-table list --vhub-name $vhubname -g $rg --query "[].id" -o tsv` |
dmauser
/ azfwpolicynetrule.azcli
Last active
March 19, 2024 21:01
Azure Firewall Policy and adding a network rule using Azure CLI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Firewall Policy and network rules over CLI | |
| # Variables: | |
| Commands to create a networking rule with Firewall Policy: | |
| #Create firewall rules | |
| fwpolicyname=NewPolicyTest #Firewall Policy Name | |
| rg=FW-Policies # Set your Resource Group |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| The scenario below we have four URIs: | |
| 1) afduri - pointing to the frontdoor name which has WebApps backends hosted in three different Azure Regions (EastUS, WestUS and CentralUS) | |
| 2) easturi - East US WebApp | |
| 3) westuri - West US WebApp | |
| 4) centraluri - Central US WebApp | |
| 1st GOAL - When client sends a request to Azure Front Door URI it will show | |
| 2nd GOAL - Turn off primary WebApp and validate failover from one region to another. | |
| #> |
dmauser
/ servicetag-iprange.ps1
Last active
January 12, 2021 19:43
Script dumps IP range info associated to Service Tags
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Dumping Service Tags IP Ranges. | |
| # 1) Specify target region variable. | |
| $serviceTags = Get-AzNetworkServiceTag -Location uksouth | |
| # 2) Get all service tags that can be queried | |
| $serviceTags.Values.Name | |
| # 3) Example dumping info for SQL service tag info on UK South (SQL.uksouth). You can replace with any value dumped on step 2. | |
| $tag = $serviceTags.Values | Where-Object { $_.Name -eq "SQL.uksouth" } | |
| # 4) Example dumps amount of Prefixes. | |
| $tag.Properties.AddressPrefixes.count | |
| # 5) Example dumping all Address Spaces used by specific Serive Tag |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ExpressRoute or VPN Virtual Network Gateway (VNG) BGP info. | |
| $RG="<Replace>" # Add Resource Group ExpressRoute or VPN Virtual Network Gateway | |
| $VNGName = "<Replace>" # Add ExpressRoute or VPN Gateway Name | |
| $Peerinfo = Get-AzVirtualNetworkGatewayBGPPeerStatus -ResourceGroupName $RG -VirtualNetworkGatewayName $VNGName | |
| #Shows Peer Connections State, Routes Received, BGP Messages send and received | |
| $Peerinfo | Format-Table | |
| #Shows all routes learned by Virtual Network Gateway | |
| Get-AzVirtualNetworkGatewayLearnedRoute -ResourceGroupName $RG -VirtualNetworkGatewayName $VNGName | Format-Table | |
| #Shows all routes advertised by Virtual Network Gateway | |
| foreach ($Peer in $Peerinfo.Neighbor) { |
NewerOlder