Good morning everyone,
I am trying to write a PowerShell script that will add a deny all 0.0.0.0/0 to the HTTPS endpoint on some particular servers. I am just starting out with trying this on one VM.
I am trying to run the following:
$acl = Get-AzureVM -ServiceName "MyServiceName" -Name "MyVMName" | Get-AzureAclConfig -EndpointName "HTTPS"
Set-AzureAclConfig -AddRule -ACL $acl -Order 0 -Action Deny -RemoteSubnet "0.0.0.0/0" -Description "Deny All HTTPS"
Get-AzureVM -ServiceName "MyServiceName" -Name "MyVMName" | Set-AzureEndpoint -ACL $acl -Name "HTTPS" -Protocol TCP -PublicPort 443 -LocalPort 443 | Update-AzureVM
I have researched this process on multiple websites, and it looks the same on all. However, when I run this, I get an error and no ACL is added:
Update-AzureVM : BadRequest: Existing endpoints in LB set 'WFE' do not contain ACL.
Of course the VM does not currently contain an ACL; I am trying to add a new one!
Is this a bug? Please let me know.