By: Levi Masonde | Updated: 2024-07-03 | Comments | Related: > Azure
Problem
Managing Azure resources can become quite tedious using the Azure portal, so Microsoft create Azure CLI which is a command line tool to help you manage your Azure infrastructure using code versus the portal.
Solution
Azure CLI is a cross-platform command-line tool you can use to manage Azure resources. This allows you to perform interactive functions using minimal commands on a PowerShell or bash terminal and enables you to run automated tasks by grouping the commands into a shell/python script you can deploy.
Microsoft turned to Python because it enabled them to produce one implementation which is consistent across multiple platforms (Windows, Linux, IOS). Every command on the Azure CLI is an equivalent of one or more Python Functions on the Azure SDK for Python. This way, although the SDK is open source, developers can create scripts for typical use case scenarios and repetitive tasks. Since the Azure CLI is written in Python, the Azure SDK for Python and Azure CLI are closely related, this means that you are guaranteed a 100% equivalence in features if you plan to use both the Azure CLI and / or Azure SDK for Python.
Prerequisites
- Azure account: sign up for a free Azure account
- Visual Studio Code
Why use Azure CLI
- Access to features: Compared to the Azure GUI, the Azure CLI gives you early access to new features. This is because the GUI requires additional complex and time-consuming programs to be developed and maintained.
- Service Utilization: GUI developments are usually geared to cover the essential functionalities and services. Using the CLI would enable you to have direct access to niche features and resources which might not be available on the GUI.
- Speed and efficiency: GUIs make it visually easy to interact with Azure Resources but at a cost of speed, you must navigate the web app to carry out tasks, for a technical user, this is a repetitive and slow approach. The CLI on the other hand enables you to be direct by requesting specific functions.
- Automation: Azure CLI enables you to automate repetitive tasks and popular use cases.
From Azure CLI 1.0 to 2.0
Azure CLI 1.0 was based on node.js and used the Azure Service Management (ASM) API. Since then, Microsoft has switched to using the Azure Resource Management (ARM) API and Azure CLI 1.0 was migrated to support the ARM API.
Azure CLI 2.0 was created on top of ARM from the get-go. The language used to
build the Azure CLI 2.0 was changed from Node.js to Python, and the commands essentially
changed a bit in the process like how commands on Azure CLI 1.0 started with
azure
while they start with az
on Azure CLI 2.0.
Azure CLI Installation
If you do not want to install a program locally to run Azure CLI commands locally, you can use the Azure cloud shell via your browser to run your Azure CLI commands. This article focuses on installing and using Azure CLI on a Windows OS, you can view this page if you want to install on other Operating Systems like IOS or Linux. The best way to install the Azure CLI on Windows is via the MSI package installer.
Using Azure CLI on VS Code
After installing the CLI, the best way to interact with the Azure CLI is via Visual Studio Code. Assuming you have VS Code installed, if not, download VS Code and install the Azure CLI tools on the IDE:
Azure CLI tools on VS Code will install all the necessary tools you will need to manage your Azure using Azure CLI on VS Code. Once you are done loading your tools, you must get your tenant ID using the Azure portal. First, login to the Azure portal and click on the settings icons on the top right corner:
You will see your directory number under your Directory ID column.
Now, to login Azure using Azure CLI on VS Code, simply open a new terminal in VS Code using the Ctrl + Shift + ‘ shortcut and add the following Azure CLI command, also make sure that your terminal is set to PowerShell:
az login –tenant <Your_tenant_ID>
Running this command will automatically open your browser and ask you to authenticate to your account:
With a successful login, your VS Code terminal will show you all the available tenant options you have and ask you to choose:
Press Enter to login to the default account.
That's it. That's the easiest way to login to your Azure account using Azure CLI.
After you login, the first things you want to check is your subscription details, resources you have running and having a way to get updated commands or being able to find commands:
Definition | Command |
---|---|
List all commands | az |
List subscription | az account list --output table |
Show subscription details | Az account show |
List resources | az group list |
Setting | az configure --defaults group=<resourceGroupName> vm=<vmName> |
Find a command | az find [<CLI_TERM>] |
Activate interactive mode that automatically displays help information and makes it easier to select subcommands | az interactive |
Get recommendations for the next Azure CLI command based on customer execution patterns | az next |
Azure Access Management
It is critical to control who has access to your Azure cloud resources and Azure uses the Azure role-based access control (Azure RBAC) is designed to help you with managing user access to your cloud resource and assigning roles to users or group of users.
Azure has general built-in permissions. If you own the Azure account, you are deemed the owner of all the resources under the account and you are granted full access to the resources and have the permission to assign roles to the Azure RBAC. If you are not the owner, you should ask to be a contributor and you will also have full access to all the resources but will not be allowed to assign roles in Azure RBAC. You either need to be the owner or Azure RBAC manager to assign user roles.
You can add or remove user roles using Azure CLI as well:
Definition | Azure CLI command |
---|---|
Create role to grant assignee read permissions on a virtual machine | az role assignment create --assignee sp_name --role Reader --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroup/providers/Microsoft.Compute/virtualMachines/MyVm
|
Delete user role | az role assignment delete --assignee 00000000-0000-0000-0000-000000000000 --role "Storage Account Key Operator Service Role" |
List all assigned roles | az role assignment list --all |
Azure CLI Common Server Commands
Most people and companies use the cloud to store data and host services, basically as their servers. So, the most common commands are server related commands like:
Description | Azure CLI command |
---|---|
Login Azure account | az login |
Create resource group | az group create --name <resource group name> --location "<region>" |
Create SQL server | az sql server create -l westus -g mygroup -n myserver -u myadminuser -p myadminpassword |
Delete SQL server | az sql server delete --ids <SQL id> --name <SQL name> --resource-group <resource group> --subscription <subscription>
[--yes] |
List all SQL servers in the current subscription | az sql server list |
Create Cosmos DB account | az cosmosdb create --resource-group <resource group name> --name <cosmos account name> --kind GlobalDocumentDB |
Create a Cosmos SQL database | az cosmosdb sql database create --account-name <account name>
--name <database name> --resource-group <resource group name>
|
Get Cosmos database endpoint | az cosmosdb show --name <account-name> --resource-group <resource-group-name>
|
Get Cosmos database keys | az cosmosdb keys list --name <account-name> --resource-group <resource-group-name>
|
Create a keyvault | az keyvault create --name <YourKeyVaultName> --resource-group <YourResourceGroupName> --location <YourLocation> |
Deploy bicep or ARM template | az deployment group create --resource-group <resource-group-name> --template-file <path-to-template> |
az Common Reference Commands
Here is a list of command groups you might find common and interesting:
Description | command |
---|---|
Manage Azure subscription information |
az account |
Manage Azure Kubernetes Services |
az aks |
Manage Azure Backups |
az backup |
Manage Azure Billing |
az billing |
Manage consumption of Azure resources |
az consumption |
Manage Azure Machine Learning resources with the Azure CLI ML extension v2 |
az ml |
Manage Azure Network resources |
az network |
Manage Azure Cloud Storage resources |
az storage |
Manage Power BI resources |
az powerbi |
Final thoughts
Computing is moving to cloud infrastructure and Azure is one of the leading global cloud infrastructure providers. As an IT or software professional, you will be required to understand and use these systems. Azure CLI is the equivalent to the Azure web portal and more for developers or technical users. You can essentially access all the Azure cloud services using the CLI like access management and resource management.
This tutorial covered the basics you need to know and understand when starting with Azure CLI. This is a broad topic and has many layers to it, the natural progression is to create .azcli files which enable you to write blocks of cli code you can run and store.
Next Steps
- Learn how to manage Azure DataBricks using the Azure CLI
- Learn how to create Azure Container Instances for SQL Server
- Learn how to Start, Stop, Delete and Monitor Azure Container Instances for SQL Server
About the author
This author pledges the content of this article is based on professional experience and not AI generated.
View all my tips
Article Last Updated: 2024-07-03