Restricting Access to Azure Virtual Network Resources

45 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab, we configure both an Ubuntu web server and internet access over TCP port 80 (HTTP) with an Azure network security group.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Connect to Ubuntu Virtual Machine

Log on to the Azure portal using the credentials on the lab landing page.

Connect to the virtual machine using an SSH client. A few SSH clients for Windows can be found on the instructions portion of this page.

The credentials for the virtual machine are provided on the lab page.

Configure the Web Server

Using the SSH client, install the Nginx web server package using the Ubuntu Advanced Package Tool.

Once Nginx has been installed, delete the default start page in the web root directory.

Download the web application from the GitHub repository. Download the contents directly to the Nginx root web directory.

Allow Inbound Internet Traffic

In the Networking pane of the virtual machine, click Add inbound port rule. Add a new inbound rule that allows all HTTP traffic into the virtual machine.

Verify that Nginx has been configured correctly and that traffic is now allowed by navigating in a web browser to the public IP address of the web server. This is in the Azure portal under the blade for the virtual machine.

Additional Resources

Our company, Midnight Movers, Inc., is a moving and storage company that services the town of Solingen, Germany.

Midnight Movers is growing at a very rapid pace. The owners, Wolf and Uda, wish to create an online web presence to inform prospective customers about the company and communicate with customers regarding service appointments, quotes, and more.

Midnight Movers has adopted a "cloud first" IT initiative, and the web presence will be hosted in Azure. We have already pre-provisioned an Ubuntu 18.04 virtual machine to use as a web server, and our web developer has created the mockup of the website.

In this lab, we will:

  • Install and configure the NGINX web server.
  • Download the website source files to the web server.
  • Allow inbound HTTP traffic from the internet to the web server.

If you get stuck, feel free to check out the lab objectives or the solution video. Good luck!

Lab Suffix

Predeployed lab resources will all end with a unique five-character suffix. Make note of this suffix, as it may be needed when naming resources during the lab.

Access to Virtual Machines

We will be using SSH to access our Linux virtual machines in this lab. For Windows workstations, it may be necessary to download an SSH client in order to connect to these virtual machines:

The credentials for the virtual machine are provided on the lab page.

Sample Web Application

We will be using the sample web application in this lab. This app can be downloaded from GitHub.

WARNING: Be Prepared for UI Changes

Given the fluid nature of Microsoft cloud tools, you may experience user interface (UI) changes that were made following the development of this hands-on lab that do not match up with lab instructions. When any such changes are brought to our attention, we will attempt to update the content accordingly. However, if changes occur, students will have to adapt to the changes and work through them in the hands-on labs as needed.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?