PowerShell is the most excellent way to manage Microsoft Azure cloud, because many taks are automated by scripting jobs. For example, you can provision virtual machines (VM) to the cloud and turn them off, turn them on, or even schedule them to be turned off (and back on during busy business hours) to save money.
With the Microsoft Azure cmdlets for PowerShell, you can manage all those things by usine the Microsoft Azure Service Manager platform. However, Microsoft Azure is moving toward the ARM (Azure Resource Management platform), and a new set of standard tools and generalized methods is available for working with the fabric technology. For more generalized info, comparing the new and old tools, kindly visit this page. In this blog post, we mainly focus on the new Azure Resource Management platform, and I assume that you have the AzureRM cmdlets installed on your workstation.
Log in to Azure with Login Azure RmAccount
You need to login, if you want to use any of the cmdlets in the AzureRM module. This requires that you already have an Azure subscription. Of course, the main reason behind login is that Microsoft wants to know who uses its cloud platform, infrastructure and are also to pay for the resources you are utilizing.
To check whether you are logged in or not to platform, you can run Get-AzureRmResourceGroup cmdlet, which allows you to see the total number of resource groups with their names in your taken subscription. If you did not sign in, you will get the error message Run Login-AzureRmAccount to login again.
Error message that indicates that you are not logged into.
When I run Login-Azure RmAccount command, I see a dialog box like the one below, asking for your credentials to login:
Signing in to Azure
This will log me in to the specified Microsoft Azure account and display information about my subscription as shown below:
Successful sign in to Azure
Now that if I am logged in, I can use Get-Azure Rmresource Group command to view my Microsoft Azure resources with PowerShell:
1 Get-Azure Rmresource Group | Select Resource Group Name
Select Resource Group names after profile based login
Saving the credentials with Save-Azure Rm Profile command:
You have to enter your login credentials before you start working with Microsoft Azure, which is a downside of the method described above. A more suitable way is to persist your login credentials in a file:
Save-AzureRmProfile -Path “c:\folder\azureprofile.json”
This will create the file microsoft-azure-profile.json, which will contain all the necessary login information for your Microsoft Azure account.
Very Important Note: This file is a plain-text JSON (JavaScript Object Notation is a very lightweight data interchange format) file. If an unauthorized people gain access to this JSON file, it would use your Microsoft Azure account, and this person could use Microsoft Azure cloud resources on your costs. Thus, you should treat this JSON file like cash.
The main advantage of persisting your login credentials in a file (JSON) is not just that you can quickly sign in to your Azure account, but also allows you to authenticate very easily from your PowerShell scripts.
Logging in using Select-AzureRmProfile
Signing in with the profile is as simple as is calling the Select-AzureRmProfile cmdlet, by passing the JSON file, which contains the credential information, you have saved previously:
Select-AzureRmProfile -Path “c:\folder\azureprofile.json”
After you sign in, Microsoft Azure will display some important information about your subscription:
Successful log in with Select-AzureRmProfile
Important note: You can work with only one profile at a time, because it is tightly associated to the subscription. You will need to build and select another profile, if you want to work with multiple associated subscriptions simultaneously.
For each associated subscription you work with, follow these standard steps:
- Sign in to the Microsoft Azure subscription with the Login-AzureRmAccount.
- Save a profile for that subscription as a file (JSON) with Save-AzureRmProfile -path “c:\folder\tplex -profile.json”.
- Import the saved profile for the subscription you are trying to access with Select-AzureRmProfile -path “c:\folder\tplex-profile.json”.
Once you successfully create and persist the profiles, signing in is as easier as importing the persisted JSON file for the subscription you want to access.
For a single session, only one subscription may be active. This is for to keep the customer data segregated from other customers. You can sign in to multiple associated subscriptions by using multiple PowerShell sessions.
Now you can use all the PowerShell cmdlets in the Microsoft AzureRM module to work with your associated subscriptions.
