Create, change, or delete public IP addresses

Learn about public IP addresses and how to create, change, and delete them. A public IP address is a resource with its own configurable settings. Assigning a public IP address to other Azure resources enables:

  • Inbound Internet connectivity to resources such as Azure Virtual Machines (VM), Azure Virtual Machine Scale Sets, Azure VPN Gateway, and Internet-facing Azure Load Balancers.
  • Outbound connectivity to the Internet that is not network address translated (NAT). For example, a VM can communicate outbound to the Internet without a public IP address assigned to it, but its address is network address translated by Azure. To learn more about outbound connections from Azure resources, read the Understand outbound connections article.

This article explains how to work with public IP addresses deployed through the Azure Resource Manager deployment model.

Before you begin

Complete the following tasks before completing any steps in any section of this article:

  • Review the Azure limits article to learn about limits for public IP addresses.
  • Log in to the Azure portal, Azure command-line interface (CLI), or Azure PowerShell with an Azure account. If you don't already have an Azure account, sign up for a free trial account.
  • If using PowerShell commands to complete tasks in this article, install and configure Azure PowerShell by completing the steps in the How to install and configure Azure PowerShell article. Ensure you have the most recent version of the Azure PowerShell commandlets installed. To get help for PowerShell commands, with examples, type get-help <command> -full.
  • If using Azure Command-line interface (CLI) commands to complete tasks in this article, install and configure the Azure CLI by completing the steps in the How to install and configure the Azure CLI article. Ensure you have the most recent version of the Azure CLI installed. To get help for CLI commands, type az <command> --help.

Public IP addresses have a nominal charge. To view the pricing, read the IP address pricing page.

Create a public IP address

  1. Log in to the Azure portal with an account that is assigned (at a minimum) permissions for the Network Contributor role for your subscription. Read the Built-in roles for Azure role-based access control article to learn more about assigning roles and permissions to accounts.
  2. In the box that contains the text Search resources at the top of the Azure portal, type public ip address. When Public IP addresses appears in the search results, click it.
  3. Click + Add in the Public IP address blade that appears.
  4. Enter or select values for the following settings in the Create public IP address blade that appears, then click Create:

    Setting Required? Details
    Name Yes The name must be unique within the resource group you select.
    IP address assignment Yes Dynamic: Dynamic addresses are assigned only after the public IP address is associated to a NIC attached to a VM and the VM is started for the first time. Dynamic addresses can change if the VM the NIC is attached to is stopped (deallocated). The address remains the same if the VM is rebooted or stopped (but not deallocated). Static: Static addresses are assigned when the public IP address is created. Static addresses do not change even if the VM is put in the stopped (deallocated) state. The address is only released when the NIC is deleted. You can change the assignment method after the NIC is created.
    Idle timeout (minutes) No How many minutes to keep a TCP or HTTP connection open without relying on clients to send keep-alive messages.
    DNS name label No Must be unique within the Azure location you create the name in (across all subscriptions and all customers). The Azure public DNS service automatically registers the name and IP address so you can connect to a resource with the name. Azure appends location.cloudapp.azure.com (where location is the location you select) to the name you provide to create the fully qualified DNS name.
    Subscription Yes Must exist in the same subscription as the resource you want to associate the public IP address to.
    Resource group Yes Can exist in the same, or different, resource group as the resource you want to associate the public IP address to.
    Location Yes Must exist in the same location, also referred to as region, as the resource you want to associate the public IP address to.

Commands

Tool Command
CLI az network public-ip-create
PowerShell New-AzureRmPublicIpAddress

Change settings for, or delete a public IP address

  1. Log in to the Azure portal with an account that is assigned (at a minimum) permissions for the Network Contributor role for your subscription. Read the Built-in roles for Azure role-based access control article to learn more about assigning roles and permissions to accounts.
  2. In the box that contains the text Search resources at the top of the Azure portal, type public ip address. When Public IP addresses appears in the search results, click it.
  3. In the Public IP addresses blade that appears, click the name of the public IP address you want to change settings for or delete.
  4. In the blade that appears for the public IP address, complete one of the following options depending on whether you want to delete or change the public IP address.
    • Delete: To delete the public IP address, click Delete in the Overview section of the blade. If the address is currently associated to an IP configuration, it cannot be deleted. If the address is currently associated with a configuration, click Dissociate to dissociate the address from the IP configuration.
    • Change: Click Configuration. Change settings using the information in step 4 of the Create a public IP address section of this article. To change the assignment from static to dynamic, you must first dissociate the public IP address from the IP configuration it's associated to. You can then change the assignment method to dynamic and click Associate to associate the IP address to the same IP configuration, a different configuration, or you can leave it dissociated. To dissociate a public IP address, in the Overview section, click Dissociate.
Warning

When you change the assignment method from static to dynamic, you lose the IP address that was assigned to the public IP address. While the Azure public DNS servers maintain a mapping between static or dynamic addresses and any DNS name label (if you defined one), a dynamic IP address can change when the VM is started after being in the stopped (deallocated) state. To prevent the address from changing, assign a static IP address.

Commands

Tool Command
CLI az network public-ip update to update; az network public-ip delete to delete
PowerShell Set-AzureRmPublicIpAddress to update; Remove-AzureRmPublicIpAddress to delete

Next steps

Assign public IP addresses when creating the following Azure resources: