I am trying to create a Runbook to delete any addition to a specific NSG group through an Azure Automation runbook.
In order to do so, I have the following script:
$nsg_item = Get-AzureRmNetworkSecurityGroup -Name $NSG -ResourceGroupName $ResourceGroupName
Write-Output ("NSG content before removal: " + $nsg_item)
Remove-AzureRmNetworkSecurityRuleConfig -Name $rule -NetworkSecurityGroup $nsg_item
When I do so, the runbook is executed with no issues and the output from the script shows that the rule has been removed from the NSG.
Before:
SecurityRules : {Port_443, default-allow-ssh, Port_8080
After:
SecurityRules : {Port_443, default-allow-ssh}
However, if I then go on the relevant NSG, the rule is still present and enabled. I tried to run the same script through the PowerShell CLI in Azure and the same thing occurs.
Any idea what could be the problem?
You need to pipe the result to the Set-AzureRmNetworkSecurityGroup cmdlet:
Remove-AzureRmNetworkSecurityRuleConfig -Name $rule -NetworkSecurityGroup $nsg_item | Set-AzureRmNetworkSecurityGroup
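An added example, not part of the original answer: the same fix applied to the question's goal of deleting any addition to an NSG, with a re-read from Azure to confirm the change was committed. It assumes the runbook is already authenticated; the `$AllowedRules` baseline is a hypothetical parameter whose default values are the rule names shown in the question's output.

```powershell
# Added example: enforce a baseline on one NSG and confirm the change reached Azure.
# Assumption: the runbook has already authenticated to the subscription.
param(
    [Parameter(Mandatory = $true)][string] $NSG,
    [Parameter(Mandatory = $true)][string] $ResourceGroupName,
    # Hypothetical baseline: rule names allowed to stay (taken from the question's output).
    [string[]] $AllowedRules = @('Port_443', 'default-allow-ssh')
)

$ErrorActionPreference = 'Stop'

# Local copy of the NSG; edits to this object exist in memory only.
$nsgItem = Get-AzureRmNetworkSecurityGroup -Name $NSG -ResourceGroupName $ResourceGroupName

# Custom rules that are not part of the baseline, copied to an array before editing.
$extraRules = @($nsgItem.SecurityRules | Where-Object { $AllowedRules -notcontains $_.Name })

if ($extraRules.Count -eq 0) {
    Write-Output "No unexpected rules on $NSG."
    return
}

foreach ($extra in $extraRules) {
    Write-Output ("Removing rule: " + $extra.Name)
    # Returns the modified local object; nothing is sent to Azure yet.
    $nsgItem = Remove-AzureRmNetworkSecurityRuleConfig -Name $extra.Name -NetworkSecurityGroup $nsgItem
}

# Commit all removals in a single update.
$nsgItem | Set-AzureRmNetworkSecurityGroup | Out-Null

# Re-read from Azure instead of trusting the local object.
$current = Get-AzureRmNetworkSecurityGroup -Name $NSG -ResourceGroupName $ResourceGroupName
$remaining = @($current.SecurityRules | Where-Object { $AllowedRules -notcontains $_.Name })
if ($remaining.Count -gt 0) {
    throw ("Rules still present after update: " + (($remaining | ForEach-Object { $_.Name }) -join ', '))
}
Write-Output ("Rules now on ${NSG}: " + (($current.SecurityRules | ForEach-Object { $_.Name }) -join ', '))
```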