Azure’s IP addresses are dynamic, and it can take a little bit of detective work to figure out who the current Azure IP ranges belong to. While there are many ways to find an Azure address, this is the most straightforward method for finding your range on Microsoft’s cloud service.
The “azure list all public ip addresses” is a command-line tool that allows you to find Azure IP ranges. This tool can be used to keep your Azure IP ranges up to date.
The public and gov clouds’ Azure IP ranges and service tags are updated regularly. Knowing these ranges and tags is essential for locating and dealing with Azure services. Fortunately, Microsoft makes this information accessible for both clouds as a single, huge JSON file. When this occurs, you may utilize tools to programmatically find this information.
This article will teach you how to:
- Where can I get the Azure IP range JSON files?
- Using JSON and PowerShell, retrieve the Azure IP range and service tag information.
- To discover current service tags, use the Get-AzNetworkServiceTag PowerShell cmdlet.
Are you ready to learn about Azure IP ranges and service tags? If that’s the case, keep reading!
In this tutorial, you’ll use PowerShell to discover the most recent Azure IP ranges, so make sure you meet the following requirements:
- Run Install-Module -Name Az to install the most recent Az PowerShell module (5.1.0 as of this writing).
- Because of changes to JSON cmdlets in PowerShell 7.1+, you might also utilize the Azure Cloud Shell.
Connect-AzAccount: Your Azure Gateway with PowerShell is related to Upgrading to PowerShell 7.
Using JSON to find Azure IP Ranges
Microsoft provides two JSON files with a list of all Azure IP ranges and service tags: one for the public cloud and one for the US government cloud (if you’re in the US).
You may just download the JSON files and check them manually if you only want to quickly locate the Azure IP ranges and service tags. However, since IP ranges vary often, it’s much preferable to set up a script to download and interpret this information on a regular basis.
A PowerShell script is provided below to save you time. This PowerShell script will download the JSON files for Azure Government and the public cloud, process them, and provide a handful of objects for you to deal with.
Copy and paste the following code into a file named Get-AzureIPRange.ps1 or something similar, then execute the script in a PowerShell terminal.
## Each JSON file’s URI must be defined. These URIs vary on a weekly basis, so make sure you update them or you’ll have possibly obsolete information! @(‘https://download.microsoft.com/download/6/4/D/64DB03BF-895B-4173-A8B1-BA4AD5D4DF22/ServiceTags AzureGovernment 20201214.json’ $jsonFileName = “$($uri.split(‘/’)[-1]).json” foreach ($uri in $jsonFileUris) $jsonFileName = “$($uri.split(‘/’)[-1]).json ## Open the JSON file. Invoke-WebRequest -Uri $null -OutFile $uri ## $jsonFileName Create an object by parsing the JSON. Get-Content -LiteralPath $json ConvertFrom-Json $jsonFileName -Raw ## Get the [pscustomobject] PowerShell object @ ## Remove the temporary JSON file ‘Cloud’ = $json.cloud ‘Values’ = $json.values.properties $jsonFileName -Path Remove-Item
When you run the script (.Get-AzureIPRange.ps1), you should get the following results. The addressPrefixes parameter is used to specify IP ranges for each area and systemService.
JSON-based Azure IP Ranges
Related: Using JSON and PowerShell to Manage REST APIs
Check out the Microsoft Regions and Availability Zones in Azure and the Products Available by Region pages for further information on what each of the returned properties represents.
Now that you’ve learned how to get Azure IP ranges using JSON files, let’s look at how to do the same thing using the Az PowerShell module cmdlets!
Using the Get-AzNetworkServiceTag cmdlet to find Azure IP Ranges
You learnt how to use the publicly accessible JSON file from Microsoft to find all the ranges you need to know in the previous part. If you don’t want to, you don’t have to download and assimilate a JSON file. The Get-AzNetworkServiceTag cmdlet in the Az module returns the same information!
Run the following command from your Azure Cloud Shell or PowerShell interface.
-Location eastus2 Get-AzNetworkServiceTag
An example of assigning the output to a variable and then examining the Values property, as shown in the previous section, is shown below.
Get-AzNetworkServiceTag cmdlet returns Azure Service Tags.
In addition, the Azure Virtual Network API, notably the Service Tags list function, may be used to locate ranges. Check out the Service Tags documentation if you want to learn more about this strategy.
Steps to Follow
You learnt how to use PowerShell to discover all of the Azure IP ranges you need to know in this post.
Now see if you can enhance the code in this post and create a more effective solution!
In order to find and keep up to date Azure IP Ranges, you will need to use the “azure wvd ip ranges” command. The command will allow you to search for all of your current IP addresses on Azure.
- microsoft public ip ranges
- azure active directory ip ranges
- azure ip ranges west europe
- azure ip ranges json
- azure whitelist ip