MS Learn
Introduction – PowerShell | Microsoft Learn
Powershell quick reference
quickguides/powershell_langref_v7.pdf at main · spawnmarvel/quickguides · GitHub
Connect to Azure using Powershell (Module -Name Az must be installed)
Install Az module
$PSVersionTable.PSVersion
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force
# Take a coffee, this takes time, answer Yx2 and wait, when done, close/open Powershell and verify module
Minimum Powershell v is 5.1, 7.3
Get-InstalledModule -Name Az
Connect-AzAccount
Connect-AzAccount -TenantId The-tenant-id-we-copied-from-azure-ad
# Login and verify
Get-AzResourceGroup | Get-Member
# other useful
Get-AzTenant
Get-AzContext
Get-AzADUser
New-AzResourceGroup
New-AzResourceGroup -Name az104-09b-rg1 -Location "East US"
Get-AzResourceGroup
Get-AzResourceGroup -Name 'az104*'
$rv = Get-AzResourceGroup -Name 'az104*'
Write-Host $rv.ResourceGroupName
Remove-AzResourceGroup
# Remove all and the resource group
Get-AzResourceGroup -Name $rv.ResourceGroupName | Remove-AzResourceGroup -Force -AsJob
Move-AzResource
$rg = Get-AzResource -Name "testit3straccount"
Write-Host $rg.ResourceId
Move-AzResource -ResourceId $Resource.ResourceId -DestinationResourceGroupName "test-it5"
# test-it3, WE, testit3straccount WE. test-it5, EU, testit3straccount WE.
New-AzResourceGroupDeployment -TempFile thefile -TemplateParameterFile theparamfile -whatif || -verbose || – debug
$rgname = "az104-06-rg1-682093"
New-AzResourceGroup -Name $rgname -Location "west europe" -Force
New-AzResourceGroupDeployment -ResourceGroupName $rgname -TemplateFile .\az104-06-vms-loop-template.json -TemplateParameterFile .\az104-06-vms-loop-parameters.json -WhatIf
$location = (Get-AzResourceGroup -ResourceGroupName $rgName).location
$vmNames = (Get-AzVm = -ResourceGroupName $rgName).Name
foreach ($vmName in $vmNames) {Set AzVmExtension .... }
rm in bulk
$rgs = Get-AzResourceGroup -Name "az104*"
Write-Host $rgs.ResourceGroupName
# az104-03a-rg2 az104-03a-rg3 az104-03a-rg1 az104-03b-rg1 az104-03c-rg1 az104-03d-rg1
foreach ($rg in $rgs) { Write-Host $rg.ResourceGroupName }
az104-03a-rg2
az104-03a-rg3
az104-03a-rg1
az104-03b-rg1
az104-03c-rg1
az104-03d-rg1
foreach ($rg in $rgs) {Get-AzResourceGroup -Name $rg.ResourceGroupName | Remove-AzResourceGroup -Force -AsJob }
Id Name PSJobTypeName State HasMoreData Location Command
-- ---- ------------- ----- ----------- -------- -------
2 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
3 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
4 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
5 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
6 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
7 Long Running O… AzureLongRunni… Running True localhost Remove-AzResourceGroup
AZ Powershell Reference
https://docs.microsoft.com/en-us/powershell/azure/?view=azps-6.3.0&viewFallbackFrom=azps-5.2.0
Connect to Azure from Az CLI (must be installed) using Git Bash (must be installed) :
Install the Azure CLI for Windows | Microsoft Learn
az login
az login
# or
az login --tenant The-tenant-id-we-copied-from-azure-ad
az resource list
rg="test-it3"
az resource list --resource-group $rg
az storage account show
az storage account show --resource-group $rg --name testit3straccount
az storage account show –query
az storage account show --resource-group $rg --name testit3straccount --query "[location]"
az storage account show --resource-group $rg --name testit3straccount --query "[location,accessTier]"
az cm create
Exercise – Create an Azure Virtual Machine – Training | Microsoft Learn
az vm create \
--resource-group test-it4 \
--name vm-test-it4 \
--image UbuntuLTS \
--admin-username azureuser \
--generate-ssh-keys
ssh -l user ip
ssh -l azureuser xxx.xx.xxx.255
# using ssh keys added to our file
az vm extension set
az vm extension set \
--resource-group test-it4 \
--vm-name vm-test-it4 \
--name customScript \
--publisher Microsoft.Azure.Extensions \
--version 2.1 \
--settings '{"fileUris":["https://raw.githubusercontent.com/MicrosoftDocs/mslearn-welcome-to-azure/master/configure-nginx.sh"]}' \
--protected-settings '{"commandToExecute": "./configure-nginx.sh"}'
service nginx status
service nginx status
Add NSG 80 inbound
Welcome
az network vnet create (3 vnets)
az network vnet create \
--resource-group [sandbox resource group name] \
--name SalesVNet \
--address-prefixes 10.1.0.0/16 \
--subnet-name Apps \
--subnet-prefixes 10.1.1.0/24 \
--location northeurope
az network vnet create \
--resource-group [sandbox resource group name] \
--name MarketingVNet \
--address-prefixes 10.2.0.0/16 \
--subnet-name Apps \
--subnet-prefixes 10.2.1.0/24 \
--location northeurope
az network vnet create \
--resource-group [sandbox resource group name] \
--name ResearchVNet \
--address-prefixes 10.3.0.0/16 \
--subnet-name Data \
--subnet-prefixes 10.3.1.0/24 \
--location westeuropeaz network vnet list
az network vnet list --query "[?contains(provisioningState, 'Succeeded')]" --output tableaz network vnet peering create
az network vnet peering create \
--name SalesVNet-To-MarketingVNet \
--remote-vnet MarketingVNet \
--resource-group [sandbox resource group name] \
--vnet-name SalesVNet \
--allow-vnet-access
# Run the following command to create a reciprocal connection from MarketingVNet to SalesVNet. This step completes the connection between these virtual networks.
az network vnet peering create \
--name MarketingVNet-To-SalesVNet \
--remote-vnet SalesVNet \
--resource-group [sandbox resource group name] \
--vnet-name MarketingVNet \
--allow-vnet-accessExercise – Create custom routes – Training | Microsoft Learn
# run the following command to create a route table.
az network route-table create \
--name publictable \
--resource-group test-it7customroutes \
--disable-bgp-route-propagation false
# create a custom route.
az network route-table route create \
--route-table-name publictable \
--resource-group test-it7customroutes \
--name productionsubnet \
--address-prefix 10.0.1.0/24 \
--next-hop-type VirtualAppliance \
--next-hop-ip-address 10.0.2.4
# Create a virtual network and subnets
az network vnet create \
--name vnet \
--resource-group test-it7customroutes \
--address-prefixes 10.0.0.0/16 \
--subnet-name publicsubnet \
--subnet-prefixes 10.0.0.0/24
az network vnet subnet create \
--name privatesubnet \
--vnet-name vnet \
--resource-group test-it7customroutes \
--address-prefixes 10.0.1.0/24
az network vnet subnet create \
--name dmzsubnet \
--vnet-name vnet \
--resource-group test-it7customroutes \
--address-prefixes 10.0.2.0/24
# You should now have three subnets. Run the following command to show all of the subnets in the vnet virtual network.
az network vnet subnet list \
--resource-group test-it7customroutes \
--vnet-name vnet \
--output table
# Run the following command to associate the route table with the public subnet.
az network vnet subnet update \
--name publicsubnet \
--vnet-name vnet \
--resource-group test-it7customroutes \
--route-table publictable
The custom route should be used with an NVA (Network Virtual Appliances ). NVA is typically used to control the flow of traffic between network segments classified with different security levels, for example between a De-Militarized Zone (DMZ) Virtual Network and the public Internet.
AZ commands
AZ CLI Reference