Microsoft Azure For Dummies
Book image
Explore Book Buy On Amazon
If I were to summarize the best approach to Microsoft Azure in three words, those words would be “always be learning.” The Azure product development teams release new features every workday, so if you aren’t actively working to stay current, you’ll fall behind, and your career will suffer.

This Cheat Sheet provides you some reminders of some essential ingredients in Azure automation. Remember that the Azure portal is all well and good until you’re tasked with deploying 50 virtual machines!

Essential Azure PowerShell Commands

Not every one of the following PowerShell commands is an Azure command. PowerShell is a universal task automation language, however, so once you get the hang of its basic syntax and use, you’ll be productive in Azure, Amazon Web Services (AWS), and beyond.

On Windows 10, you can install the Azure PowerShell modules by running the following command from an administrative command prompt or PowerShell session:

Install-Module -Name Az

Following are some general commands you may commonly use when working with Azure. Of course, you can use the following three commands in any context, Azure- or non-Azure-related:

  • Get-Command: Discover useful PowerShell commands.

Get-Command -Module Az.Compute -Verb Get -Noun *disk*

  • Get-Help: Read syntax help and view example use.

Get-Help -Name New-AzVM -Examples

  • Connect-AzAccount: Authenticate to Azure.

$credential = Get-Credential

Connect-AzAccount -Credential $credential

  • Set-AzContext: Set your active subscription context.

Set-AzContext -SubscriptionName 'Corporate Subscription'

  • New-AzResourceGroupDeployment: Deploy an ARM template and, optionally, a parameter file.

New-AzResourceGroupDeployment -ResourceGroupName 'Engineering'

-TemplateFile 'D:\templates\env-deploy.json'

-TemplateParameterFile 'D:\templates\


Essential Azure CLI Commands

Most beginners prefer the Azure Command-Line Interface (CLI) interface to Azure PowerShell because the CLI is so newcomer-friendly, especially when run in interactive mode.

The Azure CLI runs on Windows, macOS, and Linux; get installation details from the Azure documentation.

  • az interactive: Starts the Azure CLI interactive command shell.
  • az login: Authenticate to your Azure AD tenant and subscriptions.

az login --tenant

  • az account: Set your active subscription context.

az account set --subscription 'Corporate Subscription'

  • az configure: Specify your default output type (among other options).

az configure --defaults group=myRG web=myweb vm=myvm

  • az group deployment create: Deploy an Azure Resource Manager (ARM) template.

az group deployment create --resource-group 'Engineering'

--template-file 'D:\templates\env-deploy.json'

--parameters '{"location": {"value": "eastus2"}}'

ARM Template Elements

Every ARM template contains at least some of the following JavaScript Object Notation (JSON) elements. Here’s a good roll-up of them, along with brief descriptions:

  • $schema: Required; the JSON schema file against which your template is validated
  • contentVersion: Required; for your team’s use (Azure simply requires some value.)
  • apiProfile: Optional; API version collection for particular resource types
  • parameters: Optional; values passed in to the deployment at run time
  • variables: Optional; JSON fragments that simplify template language expressions (generating unique resource names, for example)
  • functions: Optional; user-defined functions that are made available within the template
  • resources: Required; the resources that Azure will deploy in to a resource group or subscription
  • outputs: Optional; values returned postdeployment

Well-Known Azure Domains

Until you stand up a site-to-site virtual private network or an ExpressRoute circuit between your local network and Azure, you’ll probably have to create some firewall rules to allow traffic from well-known Azure services.

Following is a nonexhaustive list of Azure service URLs and a brief description of the service(s) each hosts:

  • com: The public Azure website
  • net: Azure Content Delivery Network
  • net: Azure App Service
  • net: Azure Virtual Machines (among other services)
  • Azure storage
  • Azure SQL Database product family
  • Azure Cosmos DB
  • Microsoft Graph API used in Azure AD
  • Azure Logic Apps
  • Azure authentication endpoint
  • com: Azure AD
  • net: Azure Traffic Manager
  • Azure Key Vault
  • com: The legacy (original) Azure domain, still seen from time to time (Azure MFA, Azure Account Center)

About This Article

This article is from the book:

About the book author:

Glen E. Clarke, A+, Network+, Security+, is an independent trainer and consultant. Ed Tetz, A+, MCSE, MCT, has written several guides to MCSE and other certifications. Timothy Warner, MCSE, MCT, A+, is an IT professional, technical trainer, and author.

This article can be found in the category: