<< A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

–A–

AAD, is VM joined to? – see VM joined to AAD?

availability zones, list

This is supposed to work

Get-AzLocation -Location centralus | select displayname,location,zones

but fails

Get-AzLocation: A parameter cannot be found that matches parameter name 'Location'.

because Powershell 7.4.0 has some problem with it.

This works only from the Azure CLI / Cloud Shell

az vm list-skus --location centralus --zone --output table

Az module, modules comparising Az up-to-date?

$installedModules = Get-Module -Name Az.* -ListAvailable | Sort-Object Name -Unique
foreach ($mod in $installedModules) {
    $latest = Find-Module -Name $mod.Name
    $allVersions = Get-Module -Name $mod.Name -ListAvailable | Select-Object -ExpandProperty Version
    $isLatestInstalled = $allVersions -contains $latest.Version
    $hasOlderVersions = ($allVersions | Where-Object { $_ -lt $latest.Version }).Count -gt 0

    if ($mod.Version -lt $latest.Version) {
        $color = "Yellow"
        $status = "Not up-to-date"
    } elseif ($isLatestInstalled -and $hasOlderVersions) {
        $color = "Magenta"
        $status = "Up-to-date (older versions present)"
    } else {
        $color = "Green"
        $status = "Up-to-date"
    }

    Write-Host ("{0,-30} {1,-12} {2,-12} {3}" -f $mod.Name, $mod.Version, $latest.Version, $status) -ForegroundColor $color
}

Az module, uninstall

I wanted to uninstall the Az module after I got errors.

Az module, update

Problems attempting to update in VS Code or PowerShell identity because first sub-module Az.Accounts required to run either of those two, So that is locked up by either of those two, which prevents it from updating. Many subsequent sub-modules require Az.Accounts. This shows how to Get around that, find and update all the sub-modules, and get rid of old sub-module versions.

<#

AzUpdate.ps1

Az module update script that finds any "submodules" of the massive Az collective that are out of date and update them.
My impetus for this was that I was trying to update Az but it got hung up on Az.Accounts, which was out of date,
it wouldn't update that one first before trying to update the rest of the modules -
dozens of which seemed to depend on Az.Accounts - and it just kept erroring out because of that.
So I wanted a script that would find all the out of date modules and update them in the right order.

You can't run this in either Visual Studio code or the regular PowerShell IDE.
Well, at least not the first part where we're trying to update Az.Accounts,
which is a dependency for a lot of the other modules, and thus will cause errors if you try to update the others first
because both Visual Studio code and the regular PowerShell IDE seem to automatically invoke that module and
therefore lock it up.

You also can't run this from a PowerShell command in Admin mode if you want to get to
DFS shares like "\\fs.healthcare.uiowa.edu\hcis\Core Services Team\Infrastructure Services\"
because running such terminals in admin mode automatically disable DFS shares

Instead, run in "regular" terminal session (which doesn't disable DFS mapping), then run:

Set-ExecutionPolicy -Scope CurrentUser
cmdlet Set-ExecutionPolicy at command pipeline position 1
Supply values for the following parameters:
ExecutionPolicy: Bypass

Then finally:
.\AzUpdate.ps1
to invoke this script.

If you're like me, you really like VS Code and stop this once it updates that first Az.Accounts module,
then switch to VS Code to run the rest of the updates, which should work fine at that point because
Az.Accounts is no longer locked up by VS Code and is now updated to the latest version
which means all the other updates shouldn't (and didn't) encounter any problems.

This will find all the older versions.  It won't necessarily update each to the newest version all in just one step.
You might get things such as:
    [55 of 66] Updating Az.SignalR from version 2.3.1 to 2.3.3
    Successfully updated Az.SignalR to version 2.3.3
    [56 of 66] Updating Az.SignalR from version 2.3.0 to 2.3.3
    Successfully updated Az.SignalR to version 2.3.3
indicating that it's doing it in a couple steps or more.

Luckily, Az.Accounts is first in the list, because a lot of subsequent modules seem to depend on that,
so it's good that it's first!

The very last part cleans up any older versions that are still installed but not the latest version,
which can be a problem if you have multiple versions of the same module installed and it causes confusion
about which one is being used in a given session.

A lot of the old junk can't be uninstalled but instead can be "manually" removed
by deleting the folders where those versions are installed,
which is what the script will attempt to do if it encounters errors during uninstall
that indicate the old version is still installed but not in the current user scope (which is where we install the new versions).

2026-03-19  Joe Moschak initial version

#>

$null = Remove-Variable moduleInfo, modules, latestModules -ErrorAction SilentlyContinue
# Get all Az* modules

# Get all Az* modules (all installed versions)
$allModules = Get-Module -Name Az* -ListAvailable

# Build a map of all installed versions for each module
$moduleVersionsMap = @{}
# Build a map of the latest installed version for each module
$latestInstalledVersionMap = @{}
foreach ($mod in $allModules) {
    if (-not $moduleVersionsMap.ContainsKey($mod.Name)) {
        $moduleVersionsMap[$mod.Name] = @()
    }
    $moduleVersionsMap[$mod.Name] += $mod.Version
    if (-not $latestInstalledVersionMap.ContainsKey($mod.Name) -or $mod.Version -gt $latestInstalledVersionMap[$mod.Name]) {
        $latestInstalledVersionMap[$mod.Name] = $mod.Version
    }
}

$moduleNames = $latestInstalledVersionMap.Keys
$moduleCount = $moduleNames.Count
write-host "Found $moduleCount Az* modules (latest installed version per module) on this system." -ForegroundColor Yellow

$moduleInfo = @()

# Get all latest Az* module versions in one call
$latestModules = @{}
foreach ($mod in Find-Module -Name Az* -ErrorAction SilentlyContinue) {
    $latestModules[$mod.Name] = $mod.Version
}

# Only get loaded module names once for efficiency
$loadedModuleNames = (Get-Module).Name

# Build module info using the latest installed version for each module
foreach ($name in $moduleNames) {
    $version = $latestInstalledVersionMap[$name]
    $mod = $allModules | Where-Object { $_.Name -eq $name -and $_.Version -eq $version } | Select-Object -First 1
    Write-Host "Loading $name ($version)"
    $latestVersion = $null
    $isLatest = "No"
    if ($latestModules.ContainsKey($name)) {
        $latestVersion = $latestModules[$name]
        if ($version -eq $latestVersion) {
            $isLatest = "Yes"
        }
    }
    $moduleInfo += [PSCustomObject]@{
        Name         = $name
        Version      = $version
        Path         = $mod.Path
        Loaded       = $name -in $loadedModuleNames
        Dependencies = $mod.RequiredModules.Name
        LatestVersion= $latestVersion
        IsLatest     = $isLatest
    }
}

# Categorize modules
$notUpToDate = @()
$upToDateWithOld = @()
$upToDateOnly = @()
foreach ($info in $moduleInfo) {
    $allVersions = $moduleVersionsMap[$info.Name] | Sort-Object -Descending
    if ($info.IsLatest -eq "No") {
        $notUpToDate += $info
    } elseif ($allVersions.Count -gt 1) {
        $upToDateWithOld += [PSCustomObject]@{
            Name = $info.Name
            LatestVersion = $info.Version
            OldVersions = ($allVersions | Where-Object { $_ -ne $info.Version })
            OldCount = ($allVersions | Where-Object { $_ -ne $info.Version }).Count
        }
    } else {
        $upToDateOnly += $info
    }
}

$totalModules = $moduleInfo.Count
$notUpToDateCount = $notUpToDate.Count
$upToDateWithOldCount = $upToDateWithOld.Count
$upToDateOnlyCount = $upToDateOnly.Count
$neverHadLatestCount = $totalModules - ($notUpToDateCount + $upToDateWithOldCount + $upToDateOnlyCount)

Write-Host "`n$notUpToDateCount out of $totalModules modules are NOT up to date:" -ForegroundColor Red
if ($notUpToDateCount -gt 0) {
    $notUpToDate | Format-Table Name, Version, LatestVersion, Path -AutoSize | Out-String | Write-Host
} else {
    Write-Host "None" -ForegroundColor Green
}

Write-Host "`n$upToDateWithOldCount out of $totalModules modules have the latest version installed but also have older versions:" -ForegroundColor Yellow
if ($upToDateWithOldCount -gt 0) {
    $upToDateWithOld | ForEach-Object {
        $name = $_.Name
        $latest = $_.LatestVersion
        $oldVersions = $_.OldVersions
        $latestInstalls = Get-Module -Name $name -ListAvailable | Where-Object { $_.Version -eq $latest }
        $latestPaths = $latestInstalls | ForEach-Object { $_.Path }
        $latestPathMsg = ""
        if ($latestPaths) {
            $latestPathMsg = "\n    Latest version $latest is installed at:\n        " + ($latestPaths -join "`n        ")
        }
        Write-Host ("{0} (Latest: {1}) - {2} older version(s): {3}{4}" -f $name, $latest, $_.OldCount, ($oldVersions -join ", "), $latestPathMsg)
    }
} else {
    Write-Host "None" -ForegroundColor Green
}

Write-Host "`n$upToDateOnlyCount out of $totalModules modules have only the latest version installed:" -ForegroundColor Green
if ($upToDateOnlyCount -gt 0) {
    $upToDateOnly | Format-Table Name, Version, Path -AutoSize | Out-String | Write-Host
} else {
    Write-Host "None" -ForegroundColor Yellow
}

# Update all the ones that are not the latest version?
# This does not necessarily handle those that have the latest version but also have older versions.
# That comes immediately after this loop.
$modulesToUpdate = $moduleInfo | Where-Object { $_.IsLatest -eq "No" -and $_.Name -ne "Az" }
$totalToUpdate = $modulesToUpdate.Count
if ($totalToUpdate -eq 0) {
    Write-Host "No modules need updating. All Az* modules are already at the latest version." -ForegroundColor Cyan
} else {
    $i = 1
    $loadedModuleNames = (Get-Module).Name
    foreach ($mod in $modulesToUpdate) {
        Write-Host "[$i of $totalToUpdate] Updating $($mod.Name) from version $($mod.Version) to $($mod.LatestVersion)" -ForegroundColor Cyan
        try {
            Install-Module -Name $mod.Name -Force -AllowClobber -Scope CurrentUser
            Write-Host "Successfully updated $($mod.Name) to version $($mod.LatestVersion)" -ForegroundColor Green
            # Remove all older versions of this module using $moduleVersionsMap
            $allVersions = $moduleVersionsMap[$mod.Name] | Sort-Object -Descending
            if ($allVersions.Count -gt 1) {
                $latest = $allVersions[0]
                $oldVersions = $allVersions | Where-Object { $_ -ne $latest }
                foreach ($old in $oldVersions) {
                    try {
                        Write-Host "Uninstalling old version $($mod.Name) $old" -ForegroundColor DarkYellow
                        Uninstall-Module -Name $mod.Name -RequiredVersion $old -Force -ErrorAction Stop
                        Write-Host "Successfully uninstalled $($mod.Name) $old" -ForegroundColor Green
                    } catch {
                        Write-Host ("Failed to uninstall {0} {1}: {2}" -f $mod.Name, $old, $_) -ForegroundColor Red
                    }
                }
            }
        }
        catch {
            Write-Host "Failed to update $($mod.Name): $_" -ForegroundColor Red
        }
        $i++
    }
}

# Cleanup: Remove old versions for modules that are already up to date but have older versions installed
if ($upToDateWithOldCount -gt 0) {
    Write-Host "`nCleaning up old versions for modules already up to date..." -ForegroundColor Cyan
    $i = 1
    $total = $upToDateWithOld.Count
    foreach ($mod in $upToDateWithOld) {
        $name = $mod.Name
        $latest = $mod.LatestVersion
        $oldVersions = $mod.OldVersions
        $oldList = ($oldVersions -join ", ")
        Write-Host ("[{0} of {1}] {2}: Uninstalling old version(s): {3} (latest: {4})" -f $i, $total, $name, $oldList, $latest) -ForegroundColor Yellow
        $i++
        foreach ($old in $oldVersions) {
            # Check if the old version is loaded in any session
            $loadedOld = Get-Module -Name $name | Where-Object { $_.Version -eq $old }
            if ($loadedOld) {
                Write-Host ("Skipping uninstall of {0} {1}: This version is currently loaded in a session. Please close all PowerShell sessions using this module and try again." -f $name, $old) -ForegroundColor Yellow
                continue
            }
            try {
                Uninstall-Module -Name $name -RequiredVersion $old -Force -ErrorAction Stop
                Write-Host "Successfully uninstalled $name $old" -ForegroundColor Green
            } catch {
                $errMsg = $_.Exception.Message
                    if ($errMsg -like '*No match was found*') {
                        # Try to find if the old version is installed elsewhere (system-wide, other user, etc.)
                        $otherInstalls = Get-Module -Name $name -ListAvailable | Where-Object { $_.Version -eq $old }
                        $latestInstalls = Get-Module -Name $name -ListAvailable | Where-Object { $_.Version -eq $latest }
                        if ($otherInstalls) {
                            $paths = $otherInstalls | ForEach-Object { $_.Path }
                            $scopeMsg = "Old version $old is still installed elsewhere (not in CurrentUser scope):`n    " + ($paths -join "`n    ")
                            if ($latestInstalls) {
                                $latestPaths = $latestInstalls | ForEach-Object { $_.Path }
                                $scopeMsg += "`nLatest version $latest is installed at:`n    " + ($latestPaths -join "`n    ")
                            }
                            Write-Host ("Could not uninstall {0} {1}: Not found in current user scope, but still installed elsewhere.`n{2}" -f $name, $old, $scopeMsg) -ForegroundColor Magenta
                            # Attempt manual folder removal if possible
                            foreach ($path in $paths) {
                                $folder = Split-Path $path -Parent
                                if (Test-Path $folder) {
                                    try {
                                        Remove-Item -Path $folder -Recurse -Force -ErrorAction Stop
                                        Write-Host ("Manually deleted folder for {0} {1}: {2}" -f $name, $old, $folder) -ForegroundColor Green
                                    } catch {
                                        Write-Host ("Failed to manually delete folder for {0} {1}: {2}" -f $name, $old, $_) -ForegroundColor Red
                                    }
                                } else {
                                    Write-Host ("Folder for {0} {1} not found: {2}" -f $name, $old, $folder) -ForegroundColor Blue
                                }
                            }
                        } else {
                            Write-Host ("Could not uninstall {0} {1}: Not found in current user scope, already removed, or not installed anywhere." -f $name, $old) -ForegroundColor Magenta
                        }
                    } elseif ($errMsg -like '*module is currently in use*' -or $errMsg -like '*being used by another process*') {
                        Write-Host ("Could not uninstall {0} {1}: Module is loaded in the current session. Please close all PowerShell sessions using this module and try again." -f $name, $old) -ForegroundColor Magenta
                    } else {
                        Write-Host ("Failed to uninstall {0} {1}: {2}" -f $name, $old, $errMsg) -ForegroundColor Red
                    }
            }
        }
    }
}

Azure CLI home directory, in which storage account does it reside? – see storage account, in which Azure CLI resides

–B–

bash, switch from bash to PowerShell

pwsh

to go back to bash:

exit

–C–

connect

$User = "Barney.Rubble@yourDomain.com"
$PWord = ConvertTo-SecureString -String "topSecret" -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
Connect-AzAccount -Credential $cred

–D–

–E–

–F–

–G–

gateways, list all

virtual network gateways

look in each resource group (otherwise must list resource group name as a parameter to the Get-AzVirtualNetworkGateway command) below

$resourceGroups = Get-AzResourceGroup
$gates = @()
foreach ($resourceGroup in $resourceGroups) {
  $gatewaysAzure = Get-AzVirtualNetworkGateway -ResourceGroupName $resourceGroup.ResourceGroupName
  foreach ($AzureGateway in $gatewaysAzure) {
    foreach ($IpConfig in $AzureGateway.IpConfigurations) {
      # Get the Virtual Network Name from the IP configuration ID
      $virtualNetworkName = ($IpConfig.Subnet.Id -split "/")[-3]
      $VirtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $resourceGroup.ResourceGroupName -Name $virtualNetworkName
      $Subnet = Get-AzVirtualNetworkSubnetConfig -VirtualNetwork $VirtualNetwork -Name $IpConfig.Subnet.Name
      # Get the subnet range from the IP configuration ID
      $SubnetRange = $Subnet.AddressPrefix
      # Get the name of the public IP address from the IP configuration ID
      $publicIPAddressName = Split-Path $IpConfig.PublicIpAddress.Id -Leaf
      # Get the public IP address using the name and the resource group name
      $PublicIPAddress = (Get-AzPublicIpAddress -Name $publicIPAddressName -ResourceGroupName $resourceGroup.ResourceGroupName).IpAddress
      # Add the public IP address to the custom object
      $gates += [PSCustomObject] @{
        ResourceGroup = $resourceGroup.ResourceGroupName
        gatewayName = $AzureGateway.Name
        virtualNetworkName = $virtualNetworkName
        BgpPeeringAddress = $AzureGateway.BgpSettings.BgpPeeringAddress
        publicIPAddressName = $publicIPAddressName
        PublicIPAddress = $PublicIPAddress
        SubnetRange = $SubnetRange
        ProvisioningState = $AzureGateway.ProvisioningState
      }
    }
  }
}
$gates | select gatewayName, virtualNetworkName, ResourceGroup, BgpPeeringAddress,publicIPAddressName, PublicIPAddress, SubnetRange, ProvisioningState | ft

local network gateways

Get-AzLocalNetworkGateway to show local network gateways instead.

$resourceGroups = Get-AzResourceGroup
$gates = @()
foreach ($resourceGroup in $resourceGroups) {
  $gatewaysLocal = Get-AzLocalNetworkGateway -ResourceGroupName $resourceGroup.ResourceGroupName
  foreach ($localGateway in $gatewaysLocal) {
    $gates += [PSCustomObject] @{
        ResourceGroup = $resourceGroup.ResourceGroupName
        gatewayName = $localGateway.Name
        gatewayIpAddress = $localGateway.GatewayIpAddress
        location = $localGateway.Location
        IPRanges = ($localGateway.LocalNetworkAddressSpace.AddressPrefixes) -join ", "
    }
  }
}
$gates | select gatewayName, ResourceGroup, location, gatewayIpAddress, IPRanges | ft -a

Get-Get-AzSubscription: Unable to acquire token for tenant

WARNING: Unable to acquire token for tenant '1dea4595-8efe-fc33-a6ce-7b49aa512fdc' with error 'SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user vader@darth.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.' }

clear cache and reconnect

Clear-AzContext -Force
Connect-AzAccount -Tenant 1dea4595-8efe-fc33-a6ce-7b49aa512fdc

Get-AzureADUser: The term 'Get-AzureADUser' is not recognized as a name of a cmdlet, function, script file, or executable program.

Install-Module AzureAD -Force

and then

Import-Module AzureAD -Force

Instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

That is, after you:

Install-Module -Name Microsoft.Graph -RequiredVersion 1.27.0
Import-Module -Name Microsoft.Graph

first, if necessary

the Get-AzureADUser command doesn’t work anymore. Now that you’ve installed, imported the Microsoft.Graph module, now instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

Get-AzureADUser says to Connect-AzureAD but that module does not support PowerShell Core Edition

You run Get-AzureADUser (with or without parameters) it returns

Get-AzureADUser: You must call the Connect-AzureAD cmdlet before calling any other cmdlets.

So, you dutifully

Connect-AzureAD

but it returns

Connect-AzureAD: This module does not support PowerShell Core edition. Retry the operation with PowerShell Desktop edition (Windows PowerShell).

By this, they mean:

Import-Module AzureAD -UseWindowsPowerShell

But this still fails with “The specified module 'AzureAD' was not loaded because no valid module file was found in any module directory.”

use

Connect-MgGraph

instead. That is, after you:

Install-Module -Name Microsoft.Graph -RequiredVersion 1.27.0
Import-Module -Name Microsoft.Graph

first, if necessary

The Get-AzureADUser command doesn’t work anymore. Now that you’ve installed, imported the Microsoft.Graph module, now instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

–H–

home directory of Azure CLI, in which storage account does it reside? – see storage account, in which Azure CLI resides

–I–

interactive Azure

az interactive

–J–

–K–

keys for storage account, list – see storage account keys, list

–L–

logged on as, who am I? and how can I switch to another Azure account?

# 1. Identify: Who am I right now?
# see the exact account and tenant PowerShell is currently using
Get-AzContext

# 2. The Clean Break: "Logout"
# If you are logged in with the wrong ID, you should clear your local token cache to prevent it from auto-logging you back in.
# This logs out the current user and clears the context
Disconnect-AzAccount

# To be absolutely sure everything is wiped (useful if you have multiple identities)
Clear-AzContext -Force

# 3. Switch: "Login with the Right ID"
# Now, sign in again. If you have a specific ID you want to use that has Azure subscriptions, you can trigger a fresh login.

# Option A: The Standard Login
# This will pop up a window (or use WAM/Windows Account Manager) to let you pick an account.

Connect-AzAccount

# Option B: Force a Specific Tenant
# If your  account has access to multiple directories (e.g., a personal dev tenant and the University tenant), you can force it to land in the right one:

Connect-AzAccount -TenantId "your-tenant-id-or-domain.com"
# Option C: Device Code (The "Admin" trick)
# If the pop-up window is giving you trouble (sometimes it auto-fills the wrong O365 ID without asking), use this. It gives you a code to enter at microsoft.com/devicelogin.

Connect-AzAccount -UseDeviceAuthentication

–M–

MgGraph, connect

start with

Connect-MgGraph

should bring up

To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code EE9GLGY6J to authenticate.

(with a unique code, not the one above). Once connected, you should see something like this:

Welcome to Microsoft Graph!

Connected via delegated access using 14d82cec-204b-4c2f-b7e8-297a70deb67a
Readme: https://aka.ms/graph/sdk/powershell
SDK Docs: https://aka.ms/graph/sdk/powershell/docs
API Docs: https://aka.ms/graph/docs

NOTE: You can use the -NoWelcome parameter to suppress this message.

again, with another unique code, not the one above. To verify that you're connected:

Get-MgContext

Should return things like ClientID, TenatID, Scopes, etc. And

Get-MgOrganization

Should also return DisplayName, ID, TenantType, etc.

If Get-MgContext shows you logged into the wrong account,

Disconnect-AzAccount
Disconnect-MgGraph

And then connect again to the right account.

–N–

network gateways, list all – see gateways, list all

–O–

–P–

permission grant, delegated - create new

$params = @{
    ClientId = "ef969797-201d-4f6b-960c-e9ed5f31dab5"
    ConsentType = "AllPrincipals"
    ResourceId = "943603e4-e787-4fe9-93d1-e30f749aae39"
    Scope = "AdministrativeUnit.Read.All AdministrativeUnit.ReadWrite.All"
}
New-MgOauth2PermissionGrant -BodyParameter $params

where

permission required to run a command, list

here‘s what you need to be able to manage administrative units, for example:

Find-MgGraphCommand -command Get-MgDirectoryAdministrativeUnit | Select -First 1 -ExpandProperty Permissions

PowerShell, switch to from bash – see bash, switch from bash to PowerShell

–Q–

–R–

resource groups, exists?

$ResourceGroupName = "BobsBigOlResourceGroup"
Get-AzResourceGroup -Name $ResourceGroupName -ErrorVariable notPresent -ErrorAction SilentlyContinue
if ($notPresent) {"ResourceGroup $ResourceGroupName doesn't exist"}
else {"ResourceGroup $ResourceGroupName exists"}

resource groups, list

Get-AzResourceGroup | ft

This will only list the resources in one of your subscriptions. If you don’t find a resource you think you ought to have, you may want to list your subscriptions and then change your context to a different subscription

To see all resource groups for all subscriptions:

$ResourceGroupsForAllSubscriptions = @()
$i = 0
$subscriptions =Get-AzSubscription
ForEach ($subscription in $subscriptions) {
    $i++
    $subscriptionName = $subscription.Name
    Set-AzContext -SubscriptionId $subscription.SubscriptionId
    $j=0
    $resourceGroups = Get-AzResourceGroup
    foreach ($resourceGroup in $resourceGroups) {  
        $j++
        Write-Host "subscription $i of $($subscriptions.Count): $subscriptionName, ResourceGroup $j of $($resourceGroups.Count): $($resourceGroup.ResourceGroupName)" -ForegroundColor Green
        $ResourceGroupsForAllSubscriptions += [PSCustomObject] @{
            Subscription = $subscriptionName
            ResourceGroup = $resourceGroup.ResourceGroupName
        }
    }
}
$ResourceGroupsForAllSubscriptions | ogv

role assignments, list for a user

Get-AzRoleAssignment -SignInName frodo@theshire.com

roles, list

Get-AzRoleDefinition | ogv

–S–

storage account, in which Azure CLI resides

df

will show the file path to clouddrive, which includes storage account name and fileshare in the URL1. The format of the file path will be something like //filesharename.file.core.windows.net/cs-userid-schoolofhardknocks-edu-filesharename where "cs7233303327393af72" is substituted for "filesharename".

storage account keys, list

az storage account keys list -g <ResourceGroupname> -n <StorageAccountname>

where <ResourceGroupname> is something like "cloud-shell-storage-southcentralus" and <StorageAccountname> is something like "cs7233303327393af72"

storage accounts, list

az storage account list -o table

subscriptions, list

Get-AzSubscription

subscription, change context

you’ll probably first want to list your subscriptions so you can get a subscription ID

Set-AzContext -Subscription "dec98b56-ea77-8195-a1cd-9eda38fcb638" -Name "dev"

I thought the following would set the context to all my available subscriptions. But instead, it only seems to set the context one at a time, leaving you with the context of whichever subscription happens to be last.

Get-AzSubscription | Set-AzContext

–T–

tenant ID

(Get-MgOrganization).ID

switch from bash to PowerShell – see bash, switch from bash to PowerShell

–U–

–V–

VM availability zone

to find which availability zone for just one VM in one Resource Group (only works from Azure CLI / Cloud Shell):

az vm show --resource-group My-TEST-Resource-Group --name testVM1 --query "zones" --output tsv

VM joined to AAD?

from command line on the VM

dsregcmd /status

VMs, list

Get-AzVM | select Name, ResourceGroupName, Location, @{n="VMSize";e={$_.HardwareProfile.VmSize}}, @{n="OSType";e={$_.StorageProfile.OsDisk.OsType}}, @{n="NIC";e={$_.NetworkProfile.NetworkInterfaces[0].Id.Split("/")[-1]}} | ft -a

VM powerState

view

That last PowerState field below lets us know whether a VM is "dealocated", in which case there won’t be any IP addresses. But if it returns blank:

Get-AzVM -VMName testVM1 -ResourceGroupName My-Resource-Group -Status | Select-Object -ExpandProperty Statuses | ? Code -like "PowerState/*"

or from Azure CLI / Cloud Shell:

az vm show -g My-TEST-Resource-Group -n testVM1 -d --query powerState

start

PowerShell

Start-AzVM -ResourceGroupName MyRG -Name MyVM

Azure CLI

az vm start -g MyRG -n MyVM

stop

PowerShell

Stop-AzVM -ResourceGroupName MyRG -Name MyVM

Azure CLI

az vm deallocate -g MyRG -n MyVM

–W–

–X–

–Y–

–Z–