Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Azure Powershell (QnD) ====== ====== Common Commands ====== ==== Connect and Select ==== Authenticate with Azure, list subscriptions for tenants and select a subscription to work with. <code powershell> Connect-AzAccount -Tenant <tenant id> Get-AzSubscription Select-AzSubscription -SubscriptionId <id> </code> ====== Command Context ====== Get Azure tenants that there is an authenticated session for. <code> Get-AzTenant | select id,name </code> ==== See and set current context for Azure Powershell commands ==== This shows subscription and tenant info for current connections. <code powershell> Get-AzContext -ListAvailable | fl </code> <code powershell> Set-AzContext -Tenant "xyz" </code> <code powershell> Set-AzContext -Subscription "xyz" </code> ==== Remove item from available context ==== <code powershell> (Get-AzContext -ListAvailable).Name </code> <code powershell> Remove-Context -Name <context name> </code> ====== Get Resources ====== List all resources in the current subscription. <code powershell> Get-AzResource </code> <code powershell> Get-AzResource | select Name,Type,ResourceGroupName,SubscriptionId | Export-Csv resources.csv </code> ====== Loop Over All Subscriptions ====== Loop over all subscriptions in a tenant and run some command against them. <code powershell> foreach ($sub in Get-AzSubscription -TenantId "xyz") { Write-Host $sub.id } </code> === Example === Example of getting creation/last update timestamp for all custom policy definitions. <code powershell> foreach ($sub in Get-AzSubscription -TenantId "xyz") { Get-AzPolicyDefinition -SubscriptionId $sub.id | select -ExpandProperty Properties | where {$_.PolicyType -eq "Custom"} | select DisplayName -ExpandProperty Metadata | select DisplayName, createdOn, updatedOn | fl } </code> Loop over all subscriptions in a tenant and for each subscription run some commands. <code powershell> foreach ($sub in Get-AzSubscription -TenantId "xyz") { Set-AzContext -Subscription $sub.id | Out-Null # # Other commands # } </code> <code powershell> Set-AzContext -Tenant "xyz" foreach ($sub in Get-AzSubscription) { Set-AzContext -Subscription $sub.id | Out-Null # # Other commands # } </code> ====== Loop Over Resource Groups ====== <code powershell> Get-AzResourceGroup | foreach { $_.ResourceGroupName # # Do something with RG info # } </code> ====== List Policy Assignments ====== <code powershell> Set-AzContext -Tenant "xxxx…" foreach ($sub in Get-AzSubscription) { Set-AzContext -Subscription $sub.Id $p += Get-AzPolicyAssignment } $p | select -ExpandProperty Properties | select DisplayName,Scope </code> ====== List All Extension on VMs ====== <code powershell> function AvGet-VMExtensions ($TenantId) { $extList = @() foreach ($sub in Get-AzSubscription -TenantId $TenantId) { Get-AzVM | foreach { $vm = $_.Name $ext = Get-AzVMExtension -VMName $_.Name -ResourceGroupName $_.ResourceGroupName $ext | foreach { $obj = [PSCustomObject]@{ Name = $vm ExtName = $_.Name } $extList += $obj } $extList | Format-Table -AutoSize } $extList | Tee-Object $env:tmp\vm-exts.txt } } </code> ====== List Subnets with no associated NSG ====== <code powershell> foreach ($sub in Get-AzSubscription -TenantId "xxxx") { Set-AzContext -Subscription $sub.id | Out-Null (Get-AzVirtualNetwork | foreach {$_.Subnets} | where {$_.NetworkSecurityGroup -eq $null}).Name } </code> ====== Enumerating Resources ====== === § === <code powershell> $azResources = Get-AzResource $azResources | foreach { $_.ResourceId } </code> === § === <code powershell> Get-AzResourceGroup | foreach {Get-AzStorageAccount -ResourceGroupName $_.ResourceGroupName} </code> ====== Related ====== * [[:powershell|Powershell]] azure/qnd/azure_powershell.txt Last modified: 2022/10/21 21:58by mgupton