Azure: CLI Cheat Sheet

Azure: CLI Cheat Sheet

Search for Commands

1
2
az find \
--search-query user

or the short syntax

1
az find -q rbac

Users

List Users

1
2
az ad user list \
-o table

Create Users

1
2
3
4
az ad user create \
--display-name Ned \
--password MyStrongPass987$$ \
--user-principal-name xxxxxx.xxxxxx##EXT##@XXXXXX.onmicrosoft.com

Roles

Creating Role Assignment

Create Role Assignment on a Subscription

1
2
3
az role assignment create \
--role "Owner" \
--assignee <Service_Principal>

Create Role Assignment on a Resource Group

1
2
3
4
az role assignment create \
--assignee user_domain.com##EXT##@xxxx.onmicrosoft.com \
--role Reader \
--resource-group HadzosResourceGroup

Create Role assignment on a Subscription

–assignee Represent a user, group, or service principal. supported format: object id, user sign-in name, or service principal name.

–assignee-object-id: Assignee’s graph object id, such as the ‘principal id’ from a managed service identity. Use this instead of ‘–assignee’ to bypass graph permission issues.

1
2
3
az role assignment create \
--assignee-object-id 1d500143-702b-4ed8-a0cc-c46a1f29de1b \
--role Contributor

Delete a Role for an Assignee

1
2
3
az role assignment delete \
--assignee 1d500143-702b-4ed8-a0cc-c46a1f29de1b \
--role Reader

Listing Roles

1
az role definition list
1
2
az role definition list \
-o table
1
2
az role definition list \
--output json | jq '.[] | {"roleName":.properties.roleName, "description":.properties.description}'
1
2
az role definition list \
--name "Contributor"
List Roles for an Assignee
1
2
3
az role assignment list \
--assignee 1d500143-702b-4ed8-a0cc-c46a1f29de1b \
-o table
List role assignment
1
2
az role assignment list \
-o table
List role assignment and filter for name or principalName
1
az role assignment list | grep 'name\|principalName'
List role assignment and filter for name or principalName or principalId
1
az role assignment list | grep 'name\|principalName\|principalId'

Listing

Get info about VM from a Resource Group

1
2
az vm list \
--resource-group $ResourceGroup
1
2
 az vm list \
 --resource-group $ResourceGroup | grep 'id'

List images

1
2
az vm image list \
--output table

List resources

1
2
az resource list \
-o table

List access

1
2
az role assignment list \
--assignee "ASSIGNEE-PRINCIPAL-NAME"

Generate an ARM template from an existing resource group

1
2
az group export \
-n kakoje_acs_rg1

List VM usage in a region

1
2
az vm list-usage \
--location westeurope -o table

Locks

1
2
3
4
az lock create \
--name ReadOnlyLock \
--resource-group HadzosResourceGroup \
--lock-type CanNotDelete

Network

List VNets

1
2
az network vnet list \
-o table

List Public IPs

1
2
az network public-ip list \
-o table

List Network Security Group

1
2
az network nsg list \
-o table

List NIC

1
2
az network nic list \
-o table

List resources in a group

1
2
az resource list \
-g MyHadzoGroupName

List resources in a group and filter for name or type

1
2
 az resource list \
 -g HadzoGroup | grep "name\|type"

List VMs

1
az vm list

List groups

  • as json
1
az group list
  • as table
1
2
az group list \
--output=table
  • List locations
1
2
az account list-locations \
-o table
  • Create group in westeurope region
1
2
3
az group create \
-n HadzoGroup \
-l "westeurope"

######## Show information for a specific group

1
2
az group show \
-n HadzoGroup
  • show only id of the group
1
2
3
4
az group show \
-n HadzoGroup \
--query id \
-o tsv

Creating

Creating VM’s

1
2
3
4
5
az vm create \
-n MyVM \
-g HadzoGroup \
--image "UbuntuLTS" \
--size Standard_DS2_v2

or

1
2
3
4
5
6
7
az vm create \
--name MyVM \
--resource-group HadzoGroup \
--image "UbuntuLTS" \
--size Standard_DS2_v2 \
--admin-username "hadzo" \
--ssh-key-value ~/.ssh/id_rsa.pub

Deletig

Deleting Resource Groups

1
2
3
az vm delete \
-n MyVM \
-g MyResourceGroup
1
2
az group delete \
-n MyGroup
1
2
3
4
az group delete \
--name MyGroup \
--yes \
--no-wait