Azure Network Peering Diagram With PowerShell

In my previous article Diagram as Code with PowerShell, I demonstrated how to generate Azure architecture diagrams using Mermaid and PowerShell. This approach allows you to create dynamic, code-driven network visualizations without relying on external tools like Visio.

In this article, we take this concept one step further, this time focusing on Azure Networks. You will find a PowerShell script that dynamically discovers all Virtual Networks (VNets) and their peering connections across multiple Azure subscriptions, then generates a Mermaid diagram to visualize them.

Why Is This Useful?

Managing Azure networking can be challenging, especially when dealing with multiple subscriptions, VNets, and complex peering configurations. With this script, you can:

  • Automatically discover all VNets across all subscriptions.
  • Map VNet Peering relationships dynamically.
  • Generate clear, visual network diagrams without manual effort.
  • Detect missing or incorrect peering connections at a glance.
  • Share network topology easily with your team.

Rather than manually drawing diagrams or checking peering configurations through the Azure Portal, this approach allows you to quickly generate a live network visualization in a text-based, version-controlled, and automatable manner.

Visualize Azure Network Peering with PowerShell

The script needs to collect information from Azure and then generate a Mermaid diagram. Here are all the steps:

How the Script Works

  • Logs into Azure and retrieves a list of all subscriptions.
  • Switches through each subscription, finding all Virtual Networks (VNets).
  • Detects VNet Peering connections and avoids duplicates.
  • Generates a Mermaid.js diagram in .mmd format.
  • Saves the diagram and provides a Mermaid Live Editor link to visualize it instantly.

The script

And here is the script:


# Ensure the Az.Network module is available
if (-not (Get-Module -ListAvailable -Name Az.Network)) {
    Write-Host "Az.Network module is not installed. Installing..."
    Install-Module -Name Az.Network -Force -AllowClobber
}

# Connect to Azure
Write-Host "Logging into Azure..."
Connect-AzAccount | Out-Null

# Get all subscriptions and map subscription ID -> name, so that a peer
# (known only by its resource ID) gets the same node name as the VNet itself
$subscriptions = Get-AzSubscription
$subNames = @{}
foreach ($sub in $subscriptions) { $subNames[$sub.Id] = $sub.Name }

# Keep Mermaid node IDs to letters, digits and underscores
# (subscription names often contain spaces)
function Get-NodeId([string]$Name) { $Name -replace '[^A-Za-z0-9_]', '_' }

# Initialize Mermaid script
$mermaid = "graph TD;`n"

# Dictionary to track VNet relationships
$vnetPeers = @{}

foreach ($sub in $subscriptions) {
    # Switch to Subscription
    Write-Host "Switching to subscription: $($sub.Name)"
    Set-AzContext -SubscriptionId $sub.Id | Out-Null

    # Get all VNets in the current subscription
    $vnets = Get-AzVirtualNetwork

    foreach ($vnet in $vnets) {
        $vnetName = Get-NodeId "$($sub.Name)_$($vnet.Name)"
        # PowerShell escapes use the backtick: `t = tab, `n = newline, `" = quote
        $mermaid += "`t$vnetName[`"$vnetName VNet`"]`n"

        # Get Peering Info
        $peerings = Get-AzVirtualNetworkPeering -ResourceGroupName $vnet.ResourceGroupName -VirtualNetworkName $vnet.Name
        foreach ($peer in $peerings) {
            $peerName = $peer.RemoteVirtualNetwork.Id.Split("/")[-1]
            $peerSubId = ($peer.RemoteVirtualNetwork.Id -split "/")[2]
            # Use the subscription name when it is visible; fall back to the ID otherwise
            $peerSub = if ($subNames.ContainsKey($peerSubId)) { $subNames[$peerSubId] } else { $peerSubId }
            $peerFullName = Get-NodeId "${peerSub}_$peerName"

            # Avoid duplicate peering links
            if (-not $vnetPeers["$vnetName-$peerFullName"] -and -not $vnetPeers["$peerFullName-$vnetName"]) {
                $mermaid += "`t$vnetName ---|VNet Peering| $peerFullName`n"
                $vnetPeers["$vnetName-$peerFullName"] = $true
            }
        }
    }
}

# Save Mermaid diagram to a file
$diagramPath = "Azure_Network_Diagram.mmd"
$mermaid | Set-Content -Path $diagramPath

Write-Host "Mermaid diagram saved as $diagramPath"

# Optional: Generate Mermaid Live Editor Link
# System.Web is not loaded by default in Windows PowerShell
Add-Type -AssemblyName System.Web
$encodedDiagram = [System.Web.HttpUtility]::UrlEncode($mermaid)
$mermaidEditorUrl = "https://mermaid.live/edit#${encodedDiagram}"
Write-Host "View your diagram here: $mermaidEditorUrl"
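
The script draws each peering as a single undirected link and skips the reverse direction, so a peering that exists on only one side looks the same in the diagram as a complete one. The check below is an added example, not part of the original script, that reports such cases from the same data; the function name, the LocalId/RemoteId field names and the sample records are assumptions constructed for illustration. It also goes one step beyond the article by flagging peerings that accept forwarded traffic.

```powershell
# Added example; not part of the original script. LocalId/RemoteId are assumed
# field names for $vnet.Id and $peer.RemoteVirtualNetwork.Id from the script.
function Find-PeeringIssue {
    param(
        [Parameter(Mandatory)][object[]]$Peering,       # one record per peering direction
        [Parameter(Mandatory)][string[]]$ScannedVNetId  # every VNet ID the scan could read
    )
    # @{} keys compare case-insensitively, which suits Azure resource IDs.
    $visible = @{}
    foreach ($id in $ScannedVNetId) { $visible[$id] = $true }
    $direction = @{}
    foreach ($p in $Peering) { $direction["$($p.LocalId)|$($p.RemoteId)"] = $true }

    foreach ($p in $Peering) {
        $findings = @()
        if ($p.PeeringState -ne 'Connected') { $findings += "State=$($p.PeeringState)" }
        if (-not $visible.ContainsKey($p.RemoteId)) {
            # Remote VNet sits in a subscription the scan cannot read,
            # so the other side of the peering cannot be verified.
            $findings += 'RemoteNotVisible'
        } elseif (-not $direction.ContainsKey("$($p.RemoteId)|$($p.LocalId)")) {
            $findings += 'NoReversePeering'
        }
        if ($p.AllowForwardedTraffic) { $findings += 'ForwardedTrafficAllowed' }
        if ($findings.Count -gt 0) {
            [pscustomobject]@{
                Local    = $p.LocalId.Split('/')[-1]
                Remote   = $p.RemoteId.Split('/')[-1]
                Findings = $findings -join ', '
            }
        }
    }
}

# Constructed sample data (placeholder subscription IDs, hypothetical VNet names).
$fmt = '/subscriptions/00000000-0000-0000-0000-00000000000{0}/resourceGroups/rg-net/providers/Microsoft.Network/virtualNetworks/{1}'
$hub, $spoke1, $spoke2, $partner = ($fmt -f 1, 'HubVNet'), ($fmt -f 1, 'Spoke1VNet'), ($fmt -f 2, 'Spoke2VNet'), ($fmt -f 9, 'PartnerVNet')
$new = { param($l, $r, $state, $fwd) [pscustomobject]@{ LocalId = $l; RemoteId = $r; PeeringState = $state; AllowForwardedTraffic = $fwd } }
$sample = @(
    (& $new $hub    $spoke1  'Connected' $false),
    (& $new $spoke1 $hub     'Connected' $false),   # healthy pair: nothing reported
    (& $new $hub    $spoke2  'Initiated' $false),   # spoke2 never created its side
    (& $new $spoke1 $partner 'Connected' $true)     # remote outside the scanned subscriptions
)
Find-PeeringIssue -Peering $sample -ScannedVNetId $hub, $spoke1, $spoke2 | Format-Table -AutoSize
```

Inside the script's inner loop, one record per $peer can be built from $vnet.Id, $peer.RemoteVirtualNetwork.Id, $peer.PeeringState and $peer.AllowForwardedTraffic.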

Example Output Diagram

Once you run the script, it generates a Mermaid diagram showing your Azure VNets and Peering relationships.

graph TD;
    Sub1_HubVNet["Sub1 Hub VNet"]
    Sub1_Spoke1VNet["Sub1 Spoke 1 VNet"]
    Sub2_Spoke2VNet["Sub2 Spoke 2 VNet"]
    Sub3_Spoke3VNet["Sub3 Spoke 3 VNet"]

    Sub1_HubVNet ---|VNet Peering| Sub1_Spoke1VNet
    Sub1_HubVNet ---|VNet Peering| Sub2_Spoke2VNet
    Sub2_Spoke2VNet ---|VNet Peering| Sub3_Spoke3VNet

And how it looks:

Azure Network Peering Diagram

This script is a powerful tool for Azure architects, engineers, and DevOps teams who need to quickly understand complex networking configurations across multiple subscriptions.

Want to see where connections are missing? Run the script.

Need to document your architecture? Run the script.

Want a quick way to visualize your VNets without drawing diagrams manually? Run the script!

If you have more ideas about what you can visualize with Mermaid, please reach out and let me know.

Keep clouding around.

Vukasin Terzic

Updated Mar 1, 2025
This post is licensed under CC BY 4.0