Adding AzureRM examples for module testing (#2)

* Initial set of AzureRM Examples

common/code-upgrade-samples/compute-create-dockerhost.ps1

@@ -0,0 +1,62 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/a513b6fceae51aaea1daaa8edd4d6fc66590d172/virtual-machine/create-docker-host/create-docker-host.ps1
+# Variables for common values
+$resourceGroup = "myResourceGroup"
+$location = "westeurope"
+$vmName = "myVM"
+
+# Definer user name and blank password
+$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force
+$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)
+
+# Create a resource group
+New-AzureRmResourceGroup -Name $resourceGroup -Location $location
+
+# Create a subnet configuration
+$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24
+
+# Create a virtual network
+$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $resourceGroup -Location $location `
+  -Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig
+
+# Create a public IP address and specify a DNS name
+$pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location `
+  -Name "mypublicdns$(Get-Random)" -AllocationMethod Static -IdleTimeoutInMinutes 4
+
+# Create an inbound network security group rule for port 22
+$nsgRuleSSH = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleSSH  -Protocol Tcp `
+  -Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
+  -DestinationPortRange 22 -Access Allow
+
+# Create an inbound network security group rule for port 80
+$nsgRuleHTTP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleHTTP  -Protocol Tcp `
+  -Direction Inbound -Priority 2000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
+  -DestinationPortRange 80 -Access Allow
+
+# Create a network security group
+$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
+  -Name myNetworkSecurityGroup -SecurityRules $nsgRuleSSH,$nsgRuleHTTP
+
+# Create a virtual network card and associate with public IP address and NSG
+$nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName $resourceGroup -Location $location `
+  -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
+
+# Create a virtual machine configuration
+$vmConfig = New-AzureRmVMConfig -VMName $vmName -VMSize Standard_D1 | `
+Set-AzureRmVMOperatingSystem -Linux -ComputerName $vmName -Credential $cred -DisablePasswordAuthentication | `
+Set-AzureRmVMSourceImage -PublisherName Canonical -Offer UbuntuServer -Skus 14.04.2-LTS -Version latest | `
+Add-AzureRmVMNetworkInterface -Id $nic.Id
+
+# Configure SSH Keys
+$sshPublicKey = Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub"
+Add-AzureRmVMSshPublicKey -VM $vmConfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"
+
+# Create a virtual machine
+New-AzureRmVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig
+
+# Install Docker and run container
+$PublicSettings = '{"docker": {"port": "2375"},"compose": {"web": {"image": "nginx","ports": ["80:80"]}}}'
+
+Set-AzureRmVMExtension -ExtensionName "Docker" -ResourceGroupName $resourceGroup -VMName $vmName `
+  -Publisher "Microsoft.Azure.Extensions" -ExtensionType "DockerExtension" -TypeHandlerVersion 1.0 `
+  -SettingString $PublicSettings -Location $location
+  

common/code-upgrade-samples/compute-create-windowsvm-quick.ps1

@@ -0,0 +1,24 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/a513b6fceae51aaea1daaa8edd4d6fc66590d172/virtual-machine/create-vm-detailed/create-windows-vm-quick.ps1
+# Variables for common values
+$resourceGroup = "myResourceGroup"
+$location = "westeurope"
+$vmName = "myVM"
+
+# Create user object
+$cred = Get-Credential -Message "Enter a username and password for the virtual machine."
+
+# Create a resource group
+New-AzureRmResourceGroup -Name $resourceGroup -Location $location
+
+# Create a virtual machine
+New-AzureRmVM `
+  -ResourceGroupName $resourceGroup `
+  -Name $vmName `
+  -Location $location `
+  -ImageName "Win2016Datacenter" `
+  -VirtualNetworkName "myVnet" `
+  -SubnetName "mySubnet" `
+  -SecurityGroupName "myNetworkSecurityGroup" `
+  -PublicIpAddressName "myPublicIp" `
+  -Credential $cred `
+  -OpenPorts 3389

common/code-upgrade-samples/compute-create-wordpress-mysql.ps1

@@ -0,0 +1,62 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/a513b6fceae51aaea1daaa8edd4d6fc66590d172/virtual-machine/create-wordpress-mysql/create-wordpress-mysql.ps1
+# Variables for common values
+$resourceGroup = "myResourceGroup"
+$location = "westeurope"
+$vmName = "myVM"
+
+# Definer user name and blank password
+$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force
+$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)
+
+# Create a resource group
+New-AzureRmResourceGroup -Name $resourceGroup -Location $location
+
+# Create a subnet configuration
+$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24
+
+# Create a virtual network
+$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $resourceGroup -Location $location `
+  -Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig
+
+# Create a public IP address and specify a DNS name
+$pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location `
+  -Name "mypublicdns$(Get-Random)" -AllocationMethod Static -IdleTimeoutInMinutes 4
+
+# Create an inbound network security group rule for port 22
+$nsgRuleSSH = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleSSH  -Protocol Tcp `
+  -Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
+  -DestinationPortRange 22 -Access Allow
+
+# Create an inbound network security group rule for port 80
+$nsgRuleHTTP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleHTTP  -Protocol Tcp `
+  -Direction Inbound -Priority 2000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
+  -DestinationPortRange 80 -Access Allow
+
+# Create a network security group
+$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
+  -Name myNetworkSecurityGroup -SecurityRules $nsgRuleSSH,$nsgRuleHTTP
+
+# Create a virtual network card and associate with public IP address and NSG
+$nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName $resourceGroup -Location $location `
+  -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
+
+# Create a virtual machine configuration
+$vmConfig = New-AzureRmVMConfig -VMName $vmname -VMSize Standard_D1 | `
+Set-AzureRmVMOperatingSystem -Linux -ComputerName $vmName -Credential $cred -DisablePasswordAuthentication | `
+Set-AzureRmVMSourceImage -PublisherName Canonical -Offer UbuntuServer -Skus 14.04.2-LTS -Version latest | `
+Add-AzureRmVMNetworkInterface -Id $nic.Id
+
+# Configure SSH Keys
+$sshPublicKey = Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub"
+Add-AzureRmVMSshPublicKey -VM $vmconfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"
+
+# Create a virtual machine
+New-AzureRmVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig
+
+# Start a CustomScript extension to use a simple bash script to update, download and install WordPress and MySQL 
+$PublicSettings = '{"fileUris":["https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/wordpress-single-vm-ubuntu/install_wordpress.sh"],"commandToExecute":"sh install_wordpress.sh"}'
+
+Set-AzureRmVMExtension -ExtensionName "WordPress" -ResourceGroupName $resourceGroup -VMName $vmName `
+  -Publisher "Microsoft.Azure.Extensions" -ExtensionType "CustomScript" -TypeHandlerVersion 2.0 `
+  -SettingString $PublicSettings `
+  -Location $location

common/code-upgrade-samples/devtestlab-add-marketplace-image-to-lab.ps1

@@ -0,0 +1,134 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/71fcfc532af8b49361c7b64ade40b36d175c3d20/devtest-lab/add-marketplace-images-to-lab/add-marketplace-images-to-lab.ps1 
+
+param
+(
+    [Parameter(Mandatory=$true, HelpMessage="The name of the DevTest Lab to update")]
+    [string] $DevTestLabName,
+
+    [Parameter(Mandatory=$true, HelpMessage="The array of Marketplace Image names to enable")]
+    [Array] $ImagesToAdd
+)
+
+function Get-Lab
+{
+    $lab = Find-AzureRmResource -ResourceType 'Microsoft.DevTestLab/labs' -ResourceNameEquals $DevTestLabName
+
+    if(!$lab)
+    {
+        throw "Lab named $DevTestLabName was not found"
+    }
+    
+    return $lab
+}
+
+function Get-PolicyChanges ($lab)
+{
+    #start by finding the existing policy
+    $script:labResourceName = $lab.Name + '/default'
+    $existingPolicy = (Get-AzureRmResource -ResourceType 'Microsoft.DevTestLab/labs/policySets/policies' -ResourceName $labResourceName -ResourceGroupName $lab.ResourceGroupName -ApiVersion 2016-05-15) | Where-Object {$_.Name -eq 'GalleryImage'}
+    if($existingPolicy)
+    {
+        $existingImages = [Array] (ConvertFrom-Json $existingPolicy.Properties.threshold)
+        $savePolicyChanges = $false
+    }
+    else
+    {
+        $existingImages =  @()
+        $savePolicyChanges = $true
+    }
+
+    if($existingPolicy.Properties.threshold -eq '[]')
+    {
+        Write-Output "Skipping $($lab.Name) because it currently allows all marketplace images"
+        return
+    }
+
+    $allAvailableImages = Get-AzureRmResource -ResourceType Microsoft.DevTestLab/labs/galleryImages -ResourceName $lab.Name -ResourceGroupName $lab.ResourceGroupName -ApiVersion 2017-04-26-preview
+    $finalImages = $existingImages
+
+    # loop through the requested images and add them to the finalImages list if they arent already there
+    foreach($image in $ImagesToAdd)
+    {
+        $imageObject = $allAvailableImages | Where-Object {$_.Name -eq $image}
+        
+        if(!$imageObject)
+        {
+            throw "Image $image is not available in the lab"
+        }
+
+        $addImage = $true
+        $parsedAvailableImage = $imageObject.Properties.imageReference
+
+        foreach($finalImage in $finalImages)
+        {
+            # determine whether or not the requested image is already allowed in this lab
+            $parsedFinalImg = ConvertFrom-Json $finalImage
+
+            if($parsedFinalImg.offer -eq $parsedAvailableImage.offer -and $parsedFinalImg.publisher -eq $parsedAvailableImage.publisher -and $parsedFinalImg.sku -eq $parsedAvailableImage.sku -and $parsedFinalImg.osType -eq $parsedAvailableImage.osType -and $parsedFinalImg.version -eq $parsedAvailableImage.version)
+            {
+                $addImage = $false
+                break
+            }
+        }
+
+        if($addImage)
+        {
+            Write-Output "  Adding image $image to the lab"
+            $finalImages += ConvertTo-Json $parsedAvailableImage -Compress
+            $savePolicyChanges = $true
+        }
+    }
+
+    if(!$savePolicyChanges)
+    {
+        Write-Output "No policy changes required for allowed Marketplace Images in lab $($lab.Name)"
+    }
+
+    return @{
+        existingPolicy = $existingPolicy
+        savePolicyChanges = $savePolicyChanges
+        finalImages = $finalImages
+    }
+}
+
+function Set-PolicyChanges ($lab, $policyChanges)
+{
+    if($policyChanges.savePolicyChanges)
+    {
+        $thresholdValue = '["'
+        for($i = 0; $i -lt $policyChanges.finalImages.Length; $i++)
+        {
+            $value = $policyChanges.finalImages[$i]
+            if($i -ne 0)
+            {
+                $thresholdValue = $thresholdValue + '","'
+            }
+
+            $thresholdValue = $thresholdValue + $value.Replace('"', '\"')
+        }
+        $thresholdValue = $thresholdValue + '"]'
+
+        $policyObj = @{
+            status = 'Enabled'
+            factName = 'GalleryImage'
+            threshold = $thresholdValue
+            evaluatorType = 'AllowedValuesPolicy'
+        }
+
+        $resourceType = "Microsoft.DevTestLab/labs/policySets/policies/galleryimage"
+        if($policyChanges.existingPolicy)
+        {
+            Write-Output "Updating $($lab.Name) Marketplace Images policy"
+            Set-AzureRmResource -ResourceType $resourceType -ResourceName $labResourceName -ResourceGroupName $lab.ResourceGroupName -ApiVersion 2017-04-26-preview -Properties $policyObj -Force
+        }
+        else
+        {
+            Write-Output "Creating $($lab.Name) Marketplace Images policy"
+            New-AzureRmResource -ResourceType $resourceType -ResourceName $labResourceName -ResourceGroupName $lab.ResourceGroupName -ApiVersion 2017-04-26-preview -Properties $policyObj -Force
+        }
+    }
+}
+
+$lab = Get-Lab
+$policyChanges = Get-PolicyChanges $lab
+Set-PolicyChanges $lab $policyChanges

common/code-upgrade-samples/network-create-vm-two-nics.ps1

@@ -0,0 +1,81 @@
+#Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/26f8f493b3c83d23365c2d4a1c4be90ecece1dd4/virtual-network/vm-with-two-nics/vm-with-two-nics.ps1
+# Variables for common values
+$rgName='MyResourceGroup'
+$location='eastus'
+
+# Create user object
+$cred = Get-Credential -Message 'Enter a username and password for the virtual machine.'
+
+# Create a resource group.
+New-AzureRmResourceGroup -Name $rgName -Location $location
+
+# Create a virtual network with a front-end subnet and back-end subnet.
+$fesubnet = New-AzureRmVirtualNetworkSubnetConfig -Name 'MySubnet-FrontEnd' -AddressPrefix '10.0.1.0/24'
+$besubnet = New-AzureRmVirtualNetworkSubnetConfig -Name 'MySubnet-BackEnd' -AddressPrefix '10.0.2.0/24'
+$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $rgName -Name 'MyVnet' -AddressPrefix '10.0.0.0/16' `
+  -Location $location -Subnet $fesubnet, $besubnet
+
+# Create NSG rules to allow HTTP & HTTPS traffic inbound.
+$rule1 = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTP-ALL' -Description 'Allow HTTP' `
+  -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 `
+  -SourceAddressPrefix Internet -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange 80
+
+$rule2 = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTPS-All' -Description 'Allow HTTPS' `
+  -Access Allow -Protocol Tcp -Direction Inbound -Priority 200 `
+  -SourceAddressPrefix Internet -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange 80
+
+# Create an NSG rule to allow RDP traffic from the Internet to the front-end subnet.
+$rule2 = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-RDP-All' -Description "Allow RDP" `
+  -Access Allow -Protocol Tcp -Direction Inbound -Priority 300 `
+  -SourceAddressPrefix Internet -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange 3389
+
+# Create a network security group (NSG) for the front-end subnet.
+$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $RgName -Location $location `
+  -Name "MyNsg-FrontEnd" -SecurityRules $rule1,$rule2,$rule3
+
+# Associate the front-end NSG to the front-end subnet.
+Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'MySubnet-FrontEnd' `
+  -AddressPrefix 10.0.1.0/24 -NetworkSecurityGroup $nsgfe
+
+# Create an NSG rule to block all outbound traffic from the back-end subnet to the Internet (inbound blocked by default).
+$rule1 = New-AzureRmNetworkSecurityRuleConfig -Name 'Deny-Internet-All' -Description 'Deny Internet All' `
+  -Access Deny -Protocol Tcp -Direction Outbound -Priority 300 `
+  -SourceAddressPrefix * -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange *
+
+# Create a network security group for back-end subnet.
+$nsgbe = New-AzureRmNetworkSecurityGroup -ResourceGroupName $RgName -Location $location `
+  -Name 'MyNsg-BackEnd' -SecurityRules $rule1
+
+# Associate the back-end NSG to the back-end subnet.
+Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'MySubnet-BackEnd' `
+  -AddressPrefix 10.0.2.0/24 -NetworkSecurityGroup $nsgbe
+
+# Create a public IP addresses for the VM front-end network interface.
+$publicipvm = New-AzureRmPublicIpAddress -ResourceGroupName $rgName -Name 'MyPublicIp-FrontEnd' `
+  -location $location -AllocationMethod Dynamic
+
+
+# Create a network interface for the VM attached to the front-end subnet.
+$nicVMfe = New-AzureRmNetworkInterface -ResourceGroupName $rgName -Location $location `
+  -Name 'MyNic-FrontEnd' -PublicIpAddress $publicipvm -Subnet $vnet.Subnets[0]
+
+# Create a network interface for the VM attached to the back-end subnet.
+$nicVMbe = New-AzureRmNetworkInterface -ResourceGroupName $rgName -Location $location `
+  -Name 'MyNic-BackEnd' -Subnet $vnet.Subnets[1]
+
+# Create the VM with both the FrontEnd and BackEnd NICs.
+$vmConfig = New-AzureRmVMConfig -VMName 'MyVm' -VMSize 'Standard_DS2' | `
+  Set-AzureRmVMOperatingSystem -Windows -ComputerName 'MyVm' -Credential $cred | `
+  Set-AzureRmVMSourceImage -PublisherName 'MicrosoftWindowsServer' -Offer 'WindowsServer' `
+  -Skus '2016-Datacenter' -Version 'latest'
+    
+$vmconfig = Add-AzureRmVMNetworkInterface -VM $vmConfig -id $nicVMfe.Id -Primary
+$vmconfig = Add-AzureRmVMNetworkInterface -VM $vmConfig -id $nicVMbe.Id
+
+# Create a virtual machine
+$vm = New-AzureRmVM -ResourceGroupName $rgName -Location $location -VM $vmConfig
+

common/code-upgrade-samples/network-peer-two-virtual-networks.ps1

@@ -0,0 +1,19 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/tree/26f8f493b3c83d23365c2d4a1c4be90ecece1dd4/virtual-network/peer-two-virtual-networks
+# Variables for common values
+$rgName='MyResourceGroup'
+$location='eastus'
+
+# Create a resource group.
+New-AzureRmResourceGroup -Name $rgName -Location $location
+
+# Create virtual network 1.
+$vnet1 = New-AzureRmVirtualNetwork -ResourceGroupName $rgName -Name 'Vnet1' -AddressPrefix '10.0.0.0/16' -Location $location
+
+# Create virtual network 2.
+$vnet2 = New-AzureRmVirtualNetwork -ResourceGroupName $rgName -Name 'Vnet2' -AddressPrefix '10.1.0.0/16' -Location $location
+
+# Peer VNet1 to VNet2.
+Add-AzureRmVirtualNetworkPeering -Name 'LinkVnet1ToVnet2' -VirtualNetwork $vnet1 -RemoteVirtualNetworkId $vnet2.Id
+
+# Peer VNet2 to VNet1.
+Add-AzureRmVirtualNetworkPeering -Name 'LinkVnet2ToVnet1' -VirtualNetwork $vnet2 -RemoteVirtualNetworkId $vnet1.Id

common/code-upgrade-samples/network-route-traffic-through-nva.ps1

@@ -0,0 +1,86 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/26f8f493b3c83d23365c2d4a1c4be90ecece1dd4/virtual-network/route-traffic-through-nva/route-traffic-through-nva.ps1
+# Variables for common values
+$rgName='MyResourceGroup'
+$location='eastus'
+
+# Create user object
+$cred = Get-Credential -Message 'Enter a username and password for the virtual machine.'
+
+# Create a resource group.
+New-AzureRmResourceGroup -Name $rgName -Location $location
+
+# Create a virtual network, a front-end subnet, a back-end subnet, and a DMZ subnet.
+$fesubnet = New-AzureRmVirtualNetworkSubnetConfig -Name 'MySubnet-FrontEnd' -AddressPrefix 10.0.1.0/24
+$besubnet = New-AzureRmVirtualNetworkSubnetConfig -Name 'MySubnet-BackEnd' -AddressPrefix 10.0.2.0/24
+$dmzsubnet = New-AzureRmVirtualNetworkSubnetConfig -Name 'MySubnet-Dmz' -AddressPrefix 10.0.0.0/24
+
+$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $rgName -Name 'MyVnet' -AddressPrefix 10.0.0.0/16 `
+  -Location $location -Subnet $fesubnet, $besubnet, $dmzsubnet
+
+# Create NSG rules to allow HTTP & HTTPS traffic inbound.
+$rule1 = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTP-ALL' -Description 'Allow HTTP' `
+  -Access Allow -Protocol Tcp -Direction Inbound -Priority 100 `
+  -SourceAddressPrefix Internet -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange 80
+
+$rule2 = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTPS-All' -Description 'Allow HTTPS' `
+  -Access Allow -Protocol Tcp -Direction Inbound -Priority 200 `
+  -SourceAddressPrefix Internet -SourcePortRange * `
+  -DestinationAddressPrefix * -DestinationPortRange 443
+
+# Create a network security group (NSG) for the front-end subnet.
+$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $RgName -Location $location `
+-Name 'MyNsg-FrontEnd' -SecurityRules $rule1,$rule2
+
+# Associate the front-end NSG to the front-end subnet.
+Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'MySubnet-FrontEnd' `
+  -AddressPrefix '10.0.1.0/24' -NetworkSecurityGroup $nsg
+
+# Create a public IP address for the firewall VM.
+$publicip = New-AzureRmPublicIpAddress -ResourceGroupName $rgName -Name 'MyPublicIP-Firewall' `
+  -location $location -AllocationMethod Dynamic
+
+# Create a NIC for the firewall VM and enable IP forwarding.
+$nicVMFW = New-AzureRmNetworkInterface -ResourceGroupName $rgName -Location $location -Name 'MyNic-Firewall' `
+  -PublicIpAddress $publicip -Subnet $vnet.Subnets[2] -EnableIPForwarding
+
+#Create a firewall VM to accept all traffic between the front and back-end subnets.
+$vmConfig = New-AzureRmVMConfig -VMName 'MyVm-Firewall' -VMSize Standard_DS2 | `
+    Set-AzureRmVMOperatingSystem -Windows -ComputerName 'MyVm-Firewall' -Credential $cred | `
+    Set-AzureRmVMSourceImage -PublisherName MicrosoftWindowsServer -Offer WindowsServer `
+    -Skus 2016-Datacenter -Version latest | Add-AzureRmVMNetworkInterface -Id $nicVMFW.Id
+    
+$vm = New-AzureRmVM -ResourceGroupName $rgName -Location $location -VM $vmConfig
+
+# Create a route for traffic from the front-end to the back-end subnet through the firewall VM.
+$route = New-AzureRmRouteConfig -Name 'RouteToBackEnd' -AddressPrefix 10.0.2.0/24 `
+  -NextHopType VirtualAppliance -NextHopIpAddress $nicVMFW.IpConfigurations[0].PrivateIpAddress
+
+# Create a route for traffic from the front-end subnet to the Internet through the firewall VM.
+$route2 = New-AzureRmRouteConfig -Name 'RouteToInternet' -AddressPrefix 0.0.0.0/0 `
+  -NextHopType VirtualAppliance -NextHopIpAddress $nicVMFW.IpConfigurations[0].PrivateIpAddress
+
+# Create route table for the FrontEnd subnet.
+$routeTableFEtoBE = New-AzureRmRouteTable -Name 'MyRouteTable-FrontEnd' -ResourceGroupName $rgName `
+  -location $location -Route $route, $route2
+
+# Associate the route table to the FrontEnd subnet.
+Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'MySubnet-FrontEnd' -AddressPrefix 10.0.1.0/24 `
+  -NetworkSecurityGroup $nsg -RouteTable $routeTableFEtoBE
+  
+# Create a route for traffic from the back-end subnet to the front-end subnet through the firewall VM.
+$route = New-AzureRmRouteConfig -Name 'RouteToFrontEnd' -AddressPrefix '10.0.1.0/24' -NextHopType VirtualAppliance `
+  -NextHopIpAddress $nicVMFW.IpConfigurations[0].PrivateIPAddress
+
+# Create a route for traffic from the back-end subnet to the Internet through the firewall VM.
+$route2 = New-AzureRmRouteConfig -Name 'RouteToInternet' -AddressPrefix '0.0.0.0/0' -NextHopType VirtualAppliance `
+  -NextHopIpAddress $nicVMFW.IpConfigurations[0].PrivateIPAddress
+
+# Create route table for the BackEnd subnet.
+$routeTableBE = New-AzureRmRouteTable -Name 'MyRouteTable-BackEnd' -ResourceGroupName $rgName `
+  -location $location -Route $route, $route2
+
+# Associate the route table to the BackEnd subnet.
+Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'MySubnet-BackEnd' `
+  -AddressPrefix '10.0.2.0/24' -RouteTable $routeTableBE
+  

common/code-upgrade-samples/sqldb-create-and-configure-database.ps1

@@ -0,0 +1,39 @@
+# Original source codet: https://github.com/Azure/azure-docs-powershell-samples/blob/5513f8ea73e2b9630311d7ea27372cddc4e65cae/sql-database/create-and-configure-database/create-and-configure-database.ps1
+# Login-AzureRmAccount
+# Set the resource group name and location for your server
+$resourcegroupname = "myResourceGroup-$(Get-Random)"
+$location = "southcentralus"
+# Set an admin login and password for your server
+$adminlogin = "ServerAdmin"
+$password = "ChangeYourAdminPassword1"
+# Set server name - the logical server name has to be unique in the system
+$servername = "server-$(Get-Random)"
+# The sample database name
+$databasename = "mySampleDatabase"
+# The ip address range that you want to allow to access your server
+$startip = "0.0.0.0"
+$endip = "0.0.0.0"
+
+# Create a resource group
+$resourcegroup = New-AzureRmResourceGroup -Name $resourcegroupname -Location $location
+
+# Create a server with a system wide unique server name
+$server = New-AzureRmSqlServer -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -Location $location `
+    -SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $adminlogin, $(ConvertTo-SecureString -String $password -AsPlainText -Force))
+
+# Create a server firewall rule that allows access from the specified IP range
+$serverfirewallrule = New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -FirewallRuleName "AllowedIPs" -StartIpAddress $startip -EndIpAddress $endip
+
+# Create a blank database with an S0 performance level
+$database = New-AzureRmSqlDatabase  -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $databasename `
+    -RequestedServiceObjectiveName "S0" `
+    -SampleName "AdventureWorksLT"
+
+# Clean up deployment 
+# Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

common/code-upgrade-samples/sqldb-import-from-bacpac.ps1

@@ -0,0 +1,90 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/5513f8ea73e2b9630311d7ea27372cddc4e65cae/sql-database/import-from-bacpac/import-from-bacpac.ps1
+# Login-AzureRmAccount
+# Set the resource group name and location for your server
+$resourcegroupname = "myResourceGroup-$(Get-Random)"
+$location = "westeurope"
+# Set an admin login and password for your server
+$adminlogin = "ServerAdmin"
+$password = "ChangeYourAdminPassword1"
+# Set server name - the logical server name has to be unique in the system
+$servername = "server-$(Get-Random)"
+# The sample database name
+$databasename = "myImportedDatabase"
+# The storage account name and storage container name
+$storageaccountname = "sqlimport$(Get-Random)"
+$storagecontainername = "importcontainer$(Get-Random)"
+# BACPAC file name
+$bacpacfilename = "sample.bacpac"
+# The ip address range that you want to allow to access your server
+$startip = "0.0.0.0"
+$endip = "0.0.0.0"
+
+# Create a resource group
+$resourcegroup = New-AzureRmResourceGroup -Name $resourcegroupname -Location $location
+
+# Create a storage account 
+$storageaccount = New-AzureRmStorageAccount -ResourceGroupName $resourcegroupname `
+    -AccountName $storageaccountname `
+    -Location $location `
+    -Type "Standard_LRS"
+
+# Create a storage container 
+$storagecontainer = New-AzureStorageContainer -Name $storagecontainername `
+    -Context $(New-AzureStorageContext -StorageAccountName $storageaccountname `
+        -StorageAccountKey $(Get-AzureRmStorageAccountKey -ResourceGroupName $resourcegroupname -StorageAccountName $storageaccountname).Value[0])
+
+# Download sample database from Github
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 #required by Github
+Invoke-WebRequest -Uri "https://github.com/Microsoft/sql-server-samples/releases/download/wide-world-importers-v1.0/WideWorldImporters-Standard.bacpac" -OutFile $bacpacfilename
+
+# Upload sample database into storage container
+Set-AzureStorageBlobContent -Container $storagecontainername `
+    -File $bacpacfilename `
+    -Context $(New-AzureStorageContext -StorageAccountName $storageaccountname `
+        -StorageAccountKey $(Get-AzureRmStorageAccountKey -ResourceGroupName $resourcegroupname -StorageAccountName $storageaccountname).Value[0])
+
+# Create a new server with a system wide unique server name
+$server = New-AzureRmSqlServer -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -Location $location `
+    -SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $adminlogin, $(ConvertTo-SecureString -String $password -AsPlainText -Force))
+
+# Create a server firewall rule that allows access from the specified IP range
+$serverfirewallrule = New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -FirewallRuleName "AllowedIPs" -StartIpAddress $startip -EndIpAddress $endip
+
+# Import bacpac to database with an S3 performance level
+$importRequest = New-AzureRmSqlDatabaseImport -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $databasename `
+    -DatabaseMaxSizeBytes "262144000" `
+    -StorageKeyType "StorageAccessKey" `
+    -StorageKey $(Get-AzureRmStorageAccountKey -ResourceGroupName $resourcegroupname -StorageAccountName $storageaccountname).Value[0] `
+    -StorageUri "http://$storageaccountname.blob.core.windows.net/$storagecontainername/$bacpacfilename" `
+    -Edition "Standard" `
+    -ServiceObjectiveName "S3" `
+    -AdministratorLogin "$adminlogin" `
+    -AdministratorLoginPassword $(ConvertTo-SecureString -String $password -AsPlainText -Force)
+
+# Check import status and wait for the import to complete
+$importStatus = Get-AzureRmSqlDatabaseImportExportStatus -OperationStatusLink $importRequest.OperationStatusLink
+[Console]::Write("Importing")
+while ($importStatus.Status -eq "InProgress")
+{
+    $importStatus = Get-AzureRmSqlDatabaseImportExportStatus -OperationStatusLink $importRequest.OperationStatusLink
+    [Console]::Write(".")
+    Start-Sleep -s 10
+}
+[Console]::WriteLine("")
+$importStatus
+
+# Scale down to S0 after import is complete
+Set-AzureRmSqlDatabase -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $databasename  `
+    -Edition "Standard" `
+    -RequestedServiceObjectiveName "S0"
+
+# Clean up deployment 
+# Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

common/code-upgrade-samples/sqldb-move-database-between-pools-and-standalone.ps1

@@ -0,0 +1,74 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/5513f8ea73e2b9630311d7ea27372cddc4e65cae/sql-database/move-database-between-pools-and-standalone/move-database-between-pools-and-standalone.ps1
+# Login-AzureRmAccount
+# Set the resource group name and location for your server
+$resourcegroupname = "myResourceGroup-$(Get-Random)"
+$location = "southcentralus"
+# Set elastic poool names
+$firstpoolname = "MyFirstPool"
+$secondpoolname = "MySecondPool"
+# Set an admin login and password for your server
+$adminlogin = "ServerAdmin"
+$password = "ChangeYourAdminPassword1"
+# The logical server name has to be unique in the system
+$servername = "server-$(Get-Random)"
+# The sample database names
+$firstdatabasename = "myFirstSampleDatabase"
+$seconddatabasename = "mySecondSampleDatabase"
+# The ip address range that you want to allow to access your server
+$startip = "0.0.0.0"
+$endip = "0.0.0.0"
+
+# Create a new resource group
+$resourcegroup = New-AzureRmResourceGroup -Name $resourcegroupname -Location $location
+
+# Create a new server with a system wide unique server name
+$server = New-AzureRmSqlServer -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -Location $location `
+    -SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $adminlogin, $(ConvertTo-SecureString -String $password -AsPlainText -Force))
+
+# Create a server firewall rule that allows access from the specified IP range
+$serverfirewallrule = New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -FirewallRuleName "AllowedIPs" -StartIpAddress $startip -EndIpAddress $endip
+
+# Create two elastic database pools
+$firstpool = New-AzureRmSqlElasticPool -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -ElasticPoolName $firstpoolname `
+    -Edition "Standard" `
+    -Dtu 50 `
+    -DatabaseDtuMin 10 `
+    -DatabaseDtuMax 20
+$secondpool = New-AzureRmSqlElasticPool -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -ElasticPoolName $secondpoolname `
+    -Edition "Standard" `
+    -Dtu 50 `
+    -DatabaseDtuMin 10 `
+    -DatabaseDtuMax 50
+
+# Create two blank databases in the first pool
+$firstdatabase = New-AzureRmSqlDatabase  -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $firstdatabasename `
+    -ElasticPoolName $firstpoolname
+$seconddatabase = New-AzureRmSqlDatabase  -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName "MySecondSampleDatabase" `
+    -ElasticPoolName "MySecondPool"
+
+# Move the database to the second pool
+$firstdatabase = Set-AzureRmSqlDatabase -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $firstdatabasename `
+    -ElasticPoolName $secondpoolname
+
+# Move the database into a standalone performance level
+$firstdatabase = Set-AzureRmSqlDatabase -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $firstdatabasename `
+    -RequestedServiceObjectiveName "S0"
+
+# Clean up deployment 
+# Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

common/code-upgrade-samples/sqldb-restore-database.ps1

@@ -0,0 +1,88 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/5513f8ea73e2b9630311d7ea27372cddc4e65cae/sql-database/restore-database/restore-database.ps1
+# Login-AzureRmAccount
+# Set the resource group name and location for your server
+$resourcegroupname = "myResourceGroup-$(Get-Random)"
+$location = "westeurope"
+# Set an admin login and password for your server
+$adminlogin = "ServerAdmin"
+$password = "ChangeYourAdminPassword1"
+# Set server name - the logical server name has to be unique in the system
+$servername = "server-$(Get-Random)"
+# The sample database name
+$databasename = "mySampleDatabase"
+# The restored database names
+$georestoredatabasename = "MySampleDatabase_GeoRestore"
+$pointintimerestoredatabasename = "MySampleDatabase_10MinutesAgo"
+$deleteddatabaserestorename = "MySampleDatabase_DeletedRestore"
+# The ip address range that you want to allow to access your server
+$startip = "0.0.0.0"
+$endip = "0.0.0.0"
+
+
+# Create a resource group
+$resourcegroup = New-AzureRmResourceGroup -Name $resourcegroupname -Location $location
+
+# Create a server with a system wide unique server name
+$server = New-AzureRmSqlServer -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -Location $location `
+    -SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $adminlogin, $(ConvertTo-SecureString -String $password -AsPlainText -Force))
+
+# Create a server firewall rule that allows access from the specified IP range
+$firewallrule = New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -FirewallRuleName "AllowedIPs" -StartIpAddress $startip -EndIpAddress $endip
+
+# Create a blank database with an S0 performance level
+$database = New-AzureRmSqlDatabase  -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -DatabaseName $databasename `
+    -RequestedServiceObjectiveName "S0" 
+
+# Restore database from latest geo-redundant backup into existing server 
+# Note: Check to see that backups are created and ready to restore from geo-redundant backup
+# Important: If no backup exists, you will get an error indicating that no backups exist for the server specified
+Get-AzureRmSqlDatabaseGeoBackup -ResourceGroupName $resourcegroupname -ServerName $servername 
+Get-AzureRmSqlDatabaseGeoBackup -ResourceGroupName $resourcegroupname -ServerName $servername -DatabaseName $databasename
+# Do not continue until a backup exists
+Restore-AzureRmSqlDatabase `
+    -FromGeoBackup `
+    -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -TargetDatabaseName $georestoredatabasename `
+    -ResourceId $database.ResourceID `
+    -Edition "Standard" `
+    -ServiceObjectiveName "S0"
+
+# Restore database to its state 10 minutes ago
+# Note: Point-in-time restore requires database to be at least 5 minutes old
+Restore-AzureRmSqlDatabase `
+      -FromPointInTimeBackup `
+      -PointInTime (Get-Date).AddMinutes(-10) `
+      -ResourceGroupName $resourcegroupname `
+      -ServerName $servername `
+      -TargetDatabaseName $pointintimerestoredatabasename `
+      -ResourceId $database.ResourceID `
+      -Edition "Standard" `
+      -ServiceObjectiveName "S0"
+
+# Delete original database
+Remove-AzureRmSqlDatabase -ResourceGroupName $resourcegroupname -ServerName $servername -DatabaseName $databasename
+
+# Restore deleted database 
+# Note: Check to see that the Get-AzureRmSqlDeletedDatabaseBackup cmdlet returns a deletion date (may take a few minutes). 
+# Important: If no backup exists, no value will be returned.
+$deleteddatabase = Get-AzureRmSqlDeletedDatabaseBackup -ResourceGroupName $resourcegroupname -ServerName $servername -DatabaseName $databasename
+$deleteddatabase
+# Do not continue until the cmdlet returns information about the deleted database.
+Restore-AzureRmSqlDatabase -FromDeletedDatabaseBackup `
+    -ResourceGroupName $resourcegroupname `
+    -ServerName $servername `
+    -TargetDatabaseName $deleteddatabaserestorename `
+    -ResourceId $deleteddatabase.ResourceID `
+    -DeletionDate $deleteddatabase.DeletionDate `
+    -Edition "Standard" `
+    -ServiceObjectiveName "S0"
+
+# Clean up deployment 
+# Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

common/code-upgrade-samples/webapp-back-restore.ps1

@@ -0,0 +1,15 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/77c8876ed0d79ba5538e3e583fe03aa514ae7661/app-service/backup-restore/backup-restore.ps1
+$resourceGroupName = "myResourceGroup"
+$webappname = "<replace-with-your-app-name>"
+
+
+# List statuses of all backups that are complete or currently executing.
+Get-AzureRmWebAppBackupList -ResourceGroupName $resourceGroupName -Name $webappname
+
+# Note the BackupID property of the backup you want to restore
+
+# Get the backup object that you want to restore by specifying the BackupID
+$backup = (Get-AzureRmWebAppBackupList -ResourceGroupName $resourceGroupName -Name $webappname | where {$_.BackupId -eq <replace-with-BackupID>}) 
+
+# Restore the app by overwriting it with the backup data
+$backup | Restore-AzureRmWebAppBackup -Overwrite

common/code-upgrade-samples/webapp-creat-from-github.ps1

@@ -0,0 +1,22 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/77c8876ed0d79ba5538e3e583fe03aa514ae7661/app-service/deploy-github/deploy-github.ps1
+# Replace the following URL with a public GitHub repo URL
+$gitrepo="https://github.com/Azure-Samples/app-service-web-dotnet-get-started.git"
+$webappname="mywebapp$(Get-Random)"
+$location="West Europe"
+
+# Create a resource group.
+New-AzureRmResourceGroup -Name myResourceGroup -Location $location
+
+# Create an App Service plan in Free tier.
+New-AzureRmAppServicePlan -Name $webappname -Location $location -ResourceGroupName myResourceGroup -Tier Free
+
+# Create a web app.
+New-AzureRmWebApp -Name $webappname -Location $location -AppServicePlan $webappname -ResourceGroupName myResourceGroup
+
+# Configure GitHub deployment from your GitHub repo and deploy once.
+$PropertiesObject = @{
+    repoUrl = "$gitrepo";
+    branch = "master";
+    isManualIntegration = "true";
+}
+Set-AzureRmResource -PropertyObject $PropertiesObject -ResourceGroupName myResourceGroup -ResourceType Microsoft.Web/sites/sourcecontrols -ResourceName $webappname/web -ApiVersion 2015-08-01 -Force

common/code-upgrade-samples/webapp-monitor-with-logs.ps1

@@ -0,0 +1,27 @@
+# Original source code: https://github.com/Azure/azure-docs-powershell-samples/blob/77c8876ed0d79ba5538e3e583fe03aa514ae7661/app-service/monitor-with-logs/monitor-with-logs.ps1
+
+# Generates a Random Value
+$Random=(New-Guid).ToString().Substring(0,8)
+
+# Variables
+$ResourceGroupName="myResourceGroup$Random"
+$AppName="AppServiceMonitor$Random"
+$Location="WestUS"
+
+# Create a Resource Group
+New-AzureRMResourceGroup -Name $ResourceGroupName -Location $Location
+
+# Create an App Service Plan
+New-AzureRMAppservicePlan -Name AppServiceMonitorPlan -ResourceGroupName $ResourceGroupName -Location $Location -Tier Basic
+
+# Create a Web App in the App Service Plan
+New-AzureRMWebApp -Name $AppName -ResourceGroupName $ResourceGroupName -Location $Location -AppServicePlan AppServiceMonitorPlan
+
+# Enable Logs
+Set-AzureRMWebApp -RequestTracingEnabled $True -HttpLoggingEnabled $True -DetailedErrorLoggingEnabled $True -ResourceGroupName $ResourceGroupName -Name $AppName
+
+# Make a Request
+Invoke-WebRequest -Method "Get" -Uri https://$AppName.azurewebsites.net/404 -ErrorAction SilentlyContinue
+
+# Download the Web App Logs
+#Get-AzureRMWebAppMetrics -ResourceGroupName $ResourceGroupName -Name $AppName -Metrics