<< A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

–A–

AAD, is VM joined to? – see VM joined to AAD?

availability zones, list

This is supposed to work

Get-AzLocation -Location centralus | select displayname,location,zones

but fails

Get-AzLocation: A parameter cannot be found that matches parameter name 'Location'.

because Powershell 7.4.0 has some problem with it.

This works only from the Azure CLI / Cloud Shell

az vm list-skus --location centralus --zone --output table

Az module, uninstall

I wanted to uninstall the Az module after I got errors.

Azure CLI home directory, in which storage account does it reside? – see storage account, in which Azure CLI resides

–B–

bash, switch from bash to PowerShell

pwsh

to go back to bash:

exit

–C–

connect

$User = "Barney.Rubble@yourDomain.com"
$PWord = ConvertTo-SecureString -String "topSecret" -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $PWord
Connect-AzAccount -Credential $cred

–D–

–E–

–F–

–G–

gateways, list all

virtual network gateways

look in each resource group (otherwise must list resource group name as a parameter to the Get-AzVirtualNetworkGateway command) below

$resourceGroups = Get-AzResourceGroup
$gates = @()
foreach ($resourceGroup in $resourceGroups) {
  $gatewaysAzure = Get-AzVirtualNetworkGateway -ResourceGroupName $resourceGroup.ResourceGroupName
  foreach ($AzureGateway in $gatewaysAzure) {
    foreach ($IpConfig in $AzureGateway.IpConfigurations) {
      # Get the Virtual Network Name from the IP configuration ID
      $virtualNetworkName = ($IpConfig.Subnet.Id -split "/")[-3]
      $VirtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $resourceGroup.ResourceGroupName -Name $virtualNetworkName
      $Subnet = Get-AzVirtualNetworkSubnetConfig -VirtualNetwork $VirtualNetwork -Name $IpConfig.Subnet.Name
      # Get the subnet range from the IP configuration ID
      $SubnetRange = $Subnet.AddressPrefix
      # Get the name of the public IP address from the IP configuration ID
      $publicIPAddressName = Split-Path $IpConfig.PublicIpAddress.Id -Leaf
      # Get the public IP address using the name and the resource group name
      $PublicIPAddress = (Get-AzPublicIpAddress -Name $publicIPAddressName -ResourceGroupName $resourceGroup.ResourceGroupName).IpAddress
      # Add the public IP address to the custom object
      $gates += [PSCustomObject] @{
        ResourceGroup = $resourceGroup.ResourceGroupName
        gatewayName = $AzureGateway.Name
        virtualNetworkName = $virtualNetworkName
        BgpPeeringAddress = $AzureGateway.BgpSettings.BgpPeeringAddress
        publicIPAddressName = $publicIPAddressName
        PublicIPAddress = $PublicIPAddress
        SubnetRange = $SubnetRange
        ProvisioningState = $AzureGateway.ProvisioningState
      }
    }
  }
}
$gates | select gatewayName, virtualNetworkName, ResourceGroup, BgpPeeringAddress,publicIPAddressName, PublicIPAddress, SubnetRange, ProvisioningState | ft

local network gateways

Get-AzLocalNetworkGateway to show local network gateways instead.

$resourceGroups = Get-AzResourceGroup
$gates = @()
foreach ($resourceGroup in $resourceGroups) {
  $gatewaysLocal = Get-AzLocalNetworkGateway -ResourceGroupName $resourceGroup.ResourceGroupName
  foreach ($localGateway in $gatewaysLocal) {
    $gates += [PSCustomObject] @{
        ResourceGroup = $resourceGroup.ResourceGroupName
        gatewayName = $localGateway.Name
        gatewayIpAddress = $localGateway.GatewayIpAddress
        location = $localGateway.Location
        IPRanges = ($localGateway.LocalNetworkAddressSpace.AddressPrefixes) -join ", "
    }
  }
}
$gates | select gatewayName, ResourceGroup, location, gatewayIpAddress, IPRanges | ft -a

Get-Get-AzSubscription: Unable to acquire token for tenant

WARNING: Unable to acquire token for tenant '1dea4595-8efe-fc33-a6ce-7b49aa512fdc' with error 'SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user vader@darth.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.' }

clear cache and reconnect

Clear-AzContext -Force
Connect-AzAccount -Tenant 1dea4595-8efe-fc33-a6ce-7b49aa512fdc

Get-AzureADUser: The term 'Get-AzureADUser' is not recognized as a name of a cmdlet, function, script file, or executable program.

Install-Module AzureAD -Force

and then

Import-Module AzureAD -Force

Instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

That is, after you:

Install-Module -Name Microsoft.Graph -RequiredVersion 1.27.0
Import-Module -Name Microsoft.Graph

first, if necessary

the Get-AzureADUser command doesn’t work anymore. Now that you’ve installed, imported the Microsoft.Graph module, now instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

Get-AzureADUser says to Connect-AzureAD but that module does not support PowerShell Core Edition

You run Get-AzureADUser (with or without parameters) it returns

Get-AzureADUser: You must call the Connect-AzureAD cmdlet before calling any other cmdlets.

So, you dutifully

Connect-AzureAD

but it returns

Connect-AzureAD: This module does not support PowerShell Core edition. Retry the operation with PowerShell Desktop edition (Windows PowerShell).

By this, they mean:

Import-Module AzureAD -UseWindowsPowerShell

But this still fails with “The specified module 'AzureAD' was not loaded because no valid module file was found in any module directory.”

use

Connect-MgGraph

instead. That is, after you:

Install-Module -Name Microsoft.Graph -RequiredVersion 1.27.0
Import-Module -Name Microsoft.Graph

first, if necessary

The Get-AzureADUser command doesn’t work anymore. Now that you’ve installed, imported the Microsoft.Graph module, now instead, use Get-MgUser:

Get-MgUser -ConsistencyLevel eventual -Count userCount -Search "DisplayName:Marley, Bob"

–H–

home directory of Azure CLI, in which storage account does it reside? – see storage account, in which Azure CLI resides

–I–

interactive Azure

az interactive

–J–

–K–

keys for storage account, list – see storage account keys, list

–L–

–M–

MgGraph, connect

start with

Connect-MgGraph

should bring up

To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code EE9GLGY6J to authenticate.

(with a unique code, not the one above). Once connected, you should see something like this:

Welcome to Microsoft Graph!

Connected via delegated access using 14d82cec-204b-4c2f-b7e8-297a70deb67a
Readme: https://aka.ms/graph/sdk/powershell
SDK Docs: https://aka.ms/graph/sdk/powershell/docs
API Docs: https://aka.ms/graph/docs

NOTE: You can use the -NoWelcome parameter to suppress this message.

again, with another unique code, not the one above. To verify that you're connected:

Get-MgContext

Should return things like ClientID, TenatID, Scopes, etc. And

Get-MgOrganization

Should also return DisplayName, ID, TenantType, etc.

If Get-MgContext shows you logged into the wrong account,

Disconnect-AzAccount
Disconnect-MgGraph

And then connect again to the right account.

–N–

network gateways, list all – see gateways, list all

–O–

–P–

permission grant, delegated - create new

$params = @{
    ClientId = "ef969797-201d-4f6b-960c-e9ed5f31dab5"
    ConsentType = "AllPrincipals"
    ResourceId = "943603e4-e787-4fe9-93d1-e30f749aae39"
    Scope = "AdministrativeUnit.Read.All AdministrativeUnit.ReadWrite.All"
}
New-MgOauth2PermissionGrant -BodyParameter $params

where

permission required to run a command, list

here‘s what you need to be able to manage administrative units, for example:

Find-MgGraphCommand -command Get-MgDirectoryAdministrativeUnit | Select -First 1 -ExpandProperty Permissions

PowerShell, switch to from bash – see bash, switch from bash to PowerShell

–Q–

–R–

resource groups, exists?

$ResourceGroupName = "BobsBigOlResourceGroup"
Get-AzResourceGroup -Name $ResourceGroupName -ErrorVariable notPresent -ErrorAction SilentlyContinue
if ($notPresent) {"ResourceGroup $ResourceGroupName doesn't exist"}
else {"ResourceGroup $ResourceGroupName exists"}

resource groups, list

Get-AzResourceGroup | ft

This will only list the resources in one of your subscriptions. If you don’t find a resource you think you ought to have, you may want to list your subscriptions and then change your context to a different subscription

To see all resource groups for all subscriptions:

$ResourceGroupsForAllSubscriptions = @()
$i = 0
$subscriptions =Get-AzSubscription
ForEach ($subscription in $subscriptions) {
    $i++
    $subscriptionName = $subscription.Name
    Set-AzContext -SubscriptionId $subscription.SubscriptionId
    $j=0
    $resourceGroups = Get-AzResourceGroup
    foreach ($resourceGroup in $resourceGroups) {  
        $j++
        Write-Host "subscription $i of $($subscriptions.Count): $subscriptionName, ResourceGroup $j of $($resourceGroups.Count): $($resourceGroup.ResourceGroupName)" -ForegroundColor Green
        $ResourceGroupsForAllSubscriptions += [PSCustomObject] @{
            Subscription = $subscriptionName
            ResourceGroup = $resourceGroup.ResourceGroupName
        }
    }
}
$ResourceGroupsForAllSubscriptions | ogv

role assignments, list for a user

Get-AzRoleAssignment -SignInName frodo@theshire.com

roles, list

Get-AzRoleDefinition | ogv

–S–

storage account, in which Azure CLI resides

df

will show the file path to clouddrive, which includes storage account name and fileshare in the URL1. The format of the file path will be something like //filesharename.file.core.windows.net/cs-userid-schoolofhardknocks-edu-filesharename where "cs7233303327393af72" is substituted for "filesharename".

storage account keys, list

az storage account keys list -g <ResourceGroupname> -n <StorageAccountname>

where <ResourceGroupname> is something like "cloud-shell-storage-southcentralus" and <StorageAccountname> is something like "cs7233303327393af72"

storage accounts, list

az storage account list -o table

subscriptions, list

Get-AzSubscription

subscription, change context

you’ll probably first want to list your subscriptions so you can get a subscription ID

Set-AzContext -Subscription "dec98b56-ea77-8195-a1cd-9eda38fcb638" -Name "dev"

I thought the following would set the context to all my available subscriptions. But instead, it only seems to set the context one at a time, leaving you with the context of whichever subscription happens to be last.

Get-AzSubscription | Set-AzContext

–T–

tenant ID

(Get-MgOrganization).ID

switch from bash to PowerShell – see bash, switch from bash to PowerShell

–U–

–V–

VM availability zone

to find which availability zone for just one VM in one Resource Group (only works from Azure CLI / Cloud Shell):

az vm show --resource-group My-TEST-Resource-Group --name testVM1 --query "zones" --output tsv

VM joined to AAD?

from command line on the VM

dsregcmd /status

VMs, list

Get-AzVM | select Name, ResourceGroupName, Location, @{n="VMSize";e={$_.HardwareProfile.VmSize}}, @{n="OSType";e={$_.StorageProfile.OsDisk.OsType}}, @{n="NIC";e={$_.NetworkProfile.NetworkInterfaces[0].Id.Split("/")[-1]}} | ft -a

VM powerState

view

That last PowerState field below lets us know whether a VM is "dealocated", in which case there won’t be any IP addresses. But if it returns blank:

Get-AzVM -VMName testVM1 -ResourceGroupName My-Resource-Group -Status | Select-Object -ExpandProperty Statuses | ? Code -like "PowerState/*"

or from Azure CLI / Cloud Shell:

az vm show -g My-TEST-Resource-Group -n testVM1 -d --query powerState

start

PowerShell

Start-AzVM -ResourceGroupName MyRG -Name MyVM

Azure CLI

az vm start -g MyRG -n MyVM

stop

PowerShell

Stop-AzVM -ResourceGroupName MyRG -Name MyVM

Azure CLI

az vm deallocate -g MyRG -n MyVM

–W–

–X–

–Y–

–Z–