Azure-VNET-Peering-Visualization/VNetPeerVisualize.ps1 at master · normalian/Azure-VNET-Peering-Visualization · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
# After running this script, you can visualize vnet peering using below Graphviz site.
#   VNET Peering visualization script http://www.webgraphviz.com/

$sqlColor        = "[color=`"0.230 0.300 1.000`"]"
$storageColor    = "[color=`"0.330 1.000 0.400`"]"
$redisColor      = "[color=`"0.201 0.753 1.000`"]"
$webappsColor    = "[color=`"0.408 0.498 1.000`"]"
$vpnPeeringColor = "[color=`"0.000 1.000 1.000`"]"

Write-Output "digraph finite_state_machine {"
Write-Output "`tnode [style=filled]";


# Web Apps VPN Peering
$webapps = Get-AzureRmWebApp
foreach( $webapp in $webapps ){
    $vnets = Get-AzureRmVirtualNetwork
    foreach( $vnet in $vnets ){
        try{
            $resourceName = $webapp.SiteName + "/" + $vnet.Name
            $webappVpnPeering = Get-AzureRmResource -ResourceGroupName $webapp.ResourceGroup -ResourceType "Microsoft.Web/sites/virtualNetworkConnections" -ResourceName $resourceName -ApiVersion 2016-03-01
            $msg = [String]::Format("`t`"{0}`" {1};", $webapp.SiteName, $webappsColor)
            Write-Output $msg
            $msg = [String]::Format("`t`"{0}`" -> `"{1}`" {2};", $webapp.SiteName, $vnet.Name, $vpnPeeringColor)
            Write-Output $msg
        }catch [Exception]{
            # no output. There is no way to find VNET and WebApps peering except for this way.
        }
    }
}


# VNET Peering visualize
$vnets = Get-AzureRmVirtualNetwork
foreach($vnet in $vnets){
    $peering = Get-AzureRmVirtualNetworkPeering -VirtualNetworkName $vnet.Name -ResourceGroupName $vnet.ResourceGroupName
    if( $peering -ne $null ){
        foreach($remoteVNet in $peering.RemoteVirtualNetwork){
            # extract vnet name from resource id
            $msg = [String]::Format("`t`"{0}`" -> `"{1}`";", $vnet.Name, $remoteVNet.Id.Split("/")[8])
            Write-Output $msg
        }
    }else{
        $msg = "`t`"" + $vnet.Name + "`";"
        Write-Output $msg
    }
}


# VNET VPN Peering visualize
$rgs = Get-AzureRmResourceGroup
foreach( $rg in $rgs ){
    $conns = Get-AzureRmVirtualNetworkGatewayConnection -ResourceGroupName $rg.ResourceGroupName
    foreach( $conn in $conns ){
        $gateway1Text = $conn.VirtualNetworkGateway1Text.Replace('"','')
        $rg1 = $gateway1Text.Split("/")[4]
        $gateway1 = $gateway1Text.Split("/")[8]
        $vnet1 = (Get-AzureRmVirtualNetworkGateway -Name $gateway1 -ResourceGroupName $rg1).IpConfigurations.Subnet.Id.Split("/")[8]

        if([string]::IsNullOrEmpty($conn.LocalNetworkGateway2Text) -eq $false)
        {
            # VPN connections between vnet and on-premise
            $localGatewayText = $conn.LocalNetworkGateway2Text.Replace('"','')
            $rg2 = $localGatewayText.Split("/")[4]
            $localgateway = $localGatewayText.Split("/")[8]
            $msg = [String]::Format("`t`"{0}`" -> `"{1}`" {2};",$vnet1, $localgateway, $vpnPeeringColor)
        }else{
            # VPN connections between vnets
            $gateway2Text = $conn.VirtualNetworkGateway2Text.Replace('"','')
            $rg2 = $gateway2Text.Split("/")[4]
            $gateway2 = $gateway2Text.Split("/")[8]
            $vnet2 = (Get-AzureRmVirtualNetworkGateway -Name $gateway2 -ResourceGroupName $rg2).IpConfigurations.Subnet.Id.Split("/")[8]

            $msg = [String]::Format("`t`"{0}`" -> `"{1}`" {2};",$vnet1, $vnet2, $vpnPeeringColor)
        }
        Write-Output $msg
    }
}


# Azure Redis Cache
$caches = Get-AzureRmRedisCache
foreach( $cache in $caches){
     $msg = [String]::Format("`t`"{0}`" {1};", $cache.Name, $redisColor)
     Write-Output $msg
     # SubnetId           : /subscriptions/<subscription id>/resourceGroups/redis-study-rg/providers/Microsoft.Network/virtualNetworks/redis-study-vnet/subnets/default
     $msg = [String]::Format("`t`"{0}`" -> `"{1}`";",$cache.Name, $cache.SubnetId.Split("/")[8])
     Write-Output $msg
}

# Azure Storage connections
$storageAccounts = Get-AzureRmStorageAccount
foreach( $storageAccount in $storageAccounts ){
    $ruleset = Get-AzureRmStorageAccountNetworkRuleSet -Name $storageAccount.StorageAccountName -ResourceGroupName $storageAccount.ResourceGroupName
    if($ruleset.VirtualNetworkRules){
        $msg = [String]::Format("`t`"{0}`" {1};",$storageAccount.StorageAccountName, $storageColor)
        Write-Output $msg
        foreach( $rule in $ruleset.VirtualNetworkRules ){
            $rg = $rule.VirtualNetworkResourceId.Split("/")[4]
            $vnet = $rule.VirtualNetworkResourceId.Split("/")[8]
            $msg = [String]::Format("`t`"{0}`" -> `"{1}`";",$storageAccount.StorageAccountName, $vnet)
            Write-Output $msg
        }
    }
}

# SQL Database Connections
$sqlServers = Get-AzureRmSqlServer
foreach( $sqlServer in $sqlServers ){
    $rules = Get-AzureRmSqlServerVirtualNetworkRule -ServerName $sqlServer.ServerName -ResourceGroupName $sqlServer.ResourceGroupName
    if($rules){
        $msg = [String]::Format("`t`"{0}`" {1};",$sqlServer.ServerName, $sqlColor)
        Write-Output $msg
        #$rules
        foreach( $rule in $rules ){
            #$rule
            $vnet = $rule.VirtualNetworkSubnetId.Split("/")[8]
            $msg = [String]::Format("`t`"{0}`" -> `"{1}`";",$sqlServer.ServerName, $vnet)
            Write-Output $msg
        }
    }
}

Write-Output "}"