Using Azure CLI for managing Azure resources

From PUBLIC-WIKI
Revision as of 11:12, 18 February 2019 by Eyales (talk | contribs)
Jump to navigation Jump to search

Installing Azure CLI

  • Login to the machine using privileged account.
  • Download the latest build of Azure CLI.
  • Windows download instruction and location:
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest
  • Linux download instruction and location:
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-linux?view=azure-cli-latest

Common Azure CLI commands

  • Login to an Azure account, from command prompt:
az login
  • List available subscriptions:
az account list --output table
  • Change the context to a specific Azure subscription:
az account set --subscription "My Subscription"
Note: Replace “My Subscription” with the relevant subscription name
  • Run the command below to verify the currently selected Azure subscription:
az account show

Resource group related commands

  • Create a new Azure resource group:
az group create --name MyResourceGroup --location MyLocation
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyLocation with the target location, from the list below:
https://azure.microsoft.com/en-us/global-infrastructure/locations/
  • List information about a resource group:
az group show --name MyResourceGroup --output table
Note: Replace MyResourceGroup with your own relevant group name

Networking related commands

  • List available virtual networks:
az network vnet list --output table
  • List available subnets (Run the command as a single line):
az network vnet subnet list --resource-group MyResourceGroup --vnet-name MyVNet --output table
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyVNet with the relevant VNET name
  • Create a new virtual network and a new subnet (Run the command as a single line):
az network vnet create --resource-group MyResourceGroup -n MyVnet --address-prefix <Virtual network address prefix CIDR> --subnet-name MySubnet --subnet-prefix <Subnet address prefix CIDR>
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyVNet with the relevant VNET name
Note 3: Replace MySubnet with the target subnet name
Note 4: Replace <Virtual network address prefix CIDR> with relevant value (see example below)
Note 5: Replace <Subnet address prefix CIDR> with relevant value (see example below)
Example:
az network vnet create --resource-group MyResourceGroup -n MyVnet --address-prefix 10.0.0.0/16 --subnet-name MySubnet --subnet-prefix 10.0.0.0/24
  • List all available network security groups:
az network nsg list --output table
  • Create a new network security group:
az network nsg create --resource-group MyResourceGroup -n MyNsg
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyNsg with the target network security group
  • List all default available rules inside a network security group (Run the command as a single line):
az network nsg show --resource-group MyResourceGroup -n MyNsg --query "defaultSecurityRules[]" --output table
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyNsg with the target network security group
  • List all available rules inside a network security group (Run the command as a single line):
az network nsg rule list --resource-group MyResourceGroup --nsg-name MyNsg --output table
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyNsg with the target network security group
  • Create a new RDP rule inside an existing network security group (Run the command as a single line)
az network nsg rule create --resource-group MyResourceGroup --nsg-name MyNsg -n AllowRDP --priority 500 --source-address-prefixes Internet --destination-port-ranges 3389 --access Allow --protocol Tcp --description "Allow RDP"
Note 1: Replace MyResourceGroup with your own relevant group name
Note 2: Replace MyNsg with the target network security group
Note 3: Replace AllowRDP with the relevant rule name
Note 4: Replace 3389 with the relevant port number
Note 5: Replace "Allow RDP" with the relevant rule description
  • List available public IP addresses assigned to virtual machines:
az network public-ip list --output table