Using PowerShell for managing Azure resources
How to configure PowerShell for managing Azure resources (Windows platform)
- Login to the machine using privileged account.
- From command prompt, run the command below to invoke PowerShell:
- powershell
- Note: You need to run cmd.exe or PowerShell.exe as administrator.
- Run the command below to find out the current PowerShell version:
- $PSVersionTable.PSVersion
- In-case you currently have version older than 5.1, follow the article below to locate the download URL for upgrading to the latest version of PowerShell:
- https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-windows-powershell?view=powershell-6
- Also, review the article below for PowerShell installation pre-requirements:
- https://docs.microsoft.com/en-us/powershell/scripting/setup/windows-powershell-system-requirements?view=powershell-5.1
- Run the below command to check if you have PowerShellGet installed on your system:
- Get-Module PowerShellGet -list | Select-Object Name,Version,Path
- In-case you don’t have PowerShellGet, run the commands below:
- Install-PackageProvider Nuget –Force
- Install-Module -Name PowerShellGet –Force
- For more information about installation or upgrade of PowerShellGet, see:
- https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
- Run the command below to install Azure cmdlet for PowerShell:
- Install-Module AzureRM -Force
- Run the command below to set the execution policy:
- Set-ExecutionPolicy Unrestricted -Force
- Run the command below to import the AzureRM module:
- Import-Module AzureRM
- Run the command below to update to the latest AzureRM module:
- Update-Module -Name AzureRM -Force
- To view the installed versions of AzureRM, run the command below:
- Get-Module -Name AzureRM -List | select Name,Version
- To remove older versions of AzureRM, run the command below (update the command to the relevant version you wish to uninstall):
- Get-InstalledModule -Name AzureRM -RequiredVersion 6.10.0 | Uninstall-Module
How to configure PowerShell for managing Azure resources (CentOS platform)
- Login to the machine using privileged account.
- Run the command below to register the RedHat repository:
- curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo
- Note: The above command should be written in a single line
- Run the command below to install PowerShell:
- sudo yum install -y powershell
- From command prompt, run the command below to invoke PowerShell:
- sudo pwsh
- Note: You need to run cmd.exe or PowerShell.exe as administrator.
- Run the command below to find out the current PowerShell version:
- $PSVersionTable.PSVersion
- Run the below command to check if you have PowerShellGet installed on your system:
- Get-Module PowerShellGet -list | Select-Object Name,Version,Path
- In-case you don’t have PowerShellGet, run the commands below:
- Install-Module -Name PowerShellGet –Force
- For more information about installation or upgrade of PowerShellGet, see:
- https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
- Run the command below to install Azure cmdlet for PowerShell:
- Install-Module Az -Force
- Run the command below to import the AzureRM module:
- Import-Module Az
- Run the command below to update to the latest AzureRM module:
- Update-Module -Name Az -Force
Common PowerShell commands for Azure
- Login to an Azure account:
- Connect-AzureRmAccount
- List available subscriptions:
- Get-AzureRmSubscription
- Change the context to a specific Azure subscription:
- Set-AzureRmContext -SubscriptionId <subscriptionid>
- Note: Replace <subscriptionid> with the relevant subscription ID
- List available resource groups:
- Get-AzureRmResourceGroup
- Create a new Azure resource group:
- New-AzureRmResourceGroup -Name <ResourceGroupName> -Location <Location>
- Note 1: Replace <ResourceGroupName> with your own relevant group name
- Note 2: Replace <Location> with the target location, from the list below:
- https://azure.microsoft.com/en-us/global-infrastructure/locations/
- Example:
- New-AzureRmResourceGroup -Name RG01 -Location "West Europe"
- List available virtual networks:
- Get-AzureRmVirtualNetwork
- List available subnets
- Get-AzureRmVirtualNetwork -Name <Virtual Network Name> -ResourceGroupName <Resource Group Name> | Get-AzureRmVirtualNetworkSubnetConfig | Format-Table
- Note 1: The above command should be written in a single line
- Note 2: Replace <Virtual Network Name> with the relevant VNET
- Note 3: Replace <Resource Group Name> with the relevant resource group name
- Example:
- Get-AzureRmVirtualNetwork -Name VNET01 -ResourceGroupName RG01 | Get-AzureRmVirtualNetworkSubnetConfig | Format-Table
- Create a new virtual network and a new subnet:
- $subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name <SubnetName> -AddressPrefix <Subnet address prefix CIDR>
- New-AzureRmVirtualNetwork -ResourceGroupName <Resource Group Name> -Location <Location> -Name <Virtual network name> -AddressPrefix <Virtual network address prefix CIDR> -Subnet $subnetConfig
- Note 1: The above commands should be written in a single line (for each command)
- Note 2: Replace <SubnetName> with a relevant subnet name
- Note 3: Replace <Subnet address prefix CIDR> with relevant value (see example below)
- Note 4: Replace <Resource Group Name> with relevant value (see example below)
- Note 5: Replace <Location> with the target location, from the list below:
- https://azure.microsoft.com/en-us/global-infrastructure/locations/
- Note 6: Replace <Virtual network name> with relevant value (see example below)
- Note 7: Replace <Virtual network address prefix CIDR> with relevant value (see example below)
- Example:
- $subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24
- New-AzureRmVirtualNetwork -ResourceGroupName RG01 -Location "UK West" -Name VNET01 -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig
- List all available network security groups:
- Get-AzureRmNetworkSecurityGroup
- Create a new network security group:
- New-AzureRmNetworkSecurityGroup -ResourceGroupName <Resource Group Name> -Location <Location> -Name <Network security group name>
- Note 1: The above command should be written in a single line
- Note 2: Replace <Resource Group Name> with relevant value (see example below)
- Note 3: Replace <Location> with the target location, from the list below:
- https://azure.microsoft.com/en-us/global-infrastructure/locations/
- Note 4: Replace <Network security group name> with relevant value (see example below)
- Example:
- New-AzureRmNetworkSecurityGroup -ResourceGroupName RG01 -Location "UK West" -Name myNetworkSecurityGroup
- List all available rules inside a network security group:
- Get-AzureRmNetworkSecurityGroup -ResourceGroupName <Resource Group Name> -Name <Network security group name> | Get-AzureRmNetworkSecurityRuleConfig | Format-Table
- Note 1: The above command should be written in a single line
- Note 2: Replace <Resource Group Name> with relevant value (see example below)
- Note 3: Replace <Network security group name> with relevant value (see example below)
- Example:
- Get-AzureRmNetworkSecurityGroup -ResourceGroupName RG01 -Name myNetworkSecurityGroup | Get-AzureRmNetworkSecurityRuleConfig | Format-Table
- Create a new rule inside an existing network security group:
- $nsgRule = New-AzureRmNetworkSecurityRuleConfig -Name <Security rule name> -Protocol Tcp -Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389 -Access Allow
- New-AzureRmNetworkSecurityGroup -ResourceGroupName <Resource Group Name> -Location <Location> -Name <Network security group name> -SecurityRules $nsgRule -Force
- Note 1: The above commands should be written in a single line (for each command)
- Note 2: Replace <Security rule name> with relevant value (see example below)
- Note 3: Replace <Resource Group Name> with relevant value (see example below)
- Note 4: Replace <Location> with the target location, from the list below:
- https://azure.microsoft.com/en-us/global-infrastructure/locations/
- Note 5: Replace <Network security group name> with relevant value (see example below)
- Example:
- $nsgRule = New-AzureRmNetworkSecurityRuleConfig -Name AllowRDP -Protocol Tcp -Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389 -Access Allow
- New-AzureRmNetworkSecurityGroup -ResourceGroupName RG01 -Location "West Europe" -Name myNetworkSecurityGroup -SecurityRules $nsgRule –Force
- List available public IP addresses assigned to virtual machines:
- Get-AzureRmPublicIpAddress