# Azure PowerShell - Getting Started

### <span class="icon"><i class="fa fa-user" style="color: #1DA1F2;"></i></span>&nbsp;Kiran Patnayakuni
### <span class="icon"><i class="fa fa-briefcase" style="color: #1DA1F2;"></i></span>&nbsp;Cloud Ops Engineering Specialist
### <span class="icon"><i class="fa fa-edge" style="color: #1DA1F2;"></i></span>&nbsp;https://kpatnayakuni.com <i class="fa fa-external-link" style="color:royalblue;"></i>
### <span class="icon"><i class="fa fa-twitter" style="color: #1DA1F2;"></i></span>&nbsp;<a href="https://twitter.com/kPatnayakuni" target="_blank">@kpatnayakuni <i class="fa fa-external-link" style="color:royalblue;"></i></a>

---

# Azure PowerShell
`Azure PowerShell` is used to automate, manage and administrate the `Microsoft Azure Services`. It is a `PowerShell module` used with the command line interface with vast support of Azure services and huge collection of cmdlets.

## This session includes...
- #### Azure Cloud Shell
- #### Azure PowerShell Module Installation
- #### Connecting to Azure Subscription
- #### Exploring the various cmdlets
- #### Listing and querying the Azure resources
- #### Creating and configuring the Azure resources
- #### Create a Virtual Machine

## Target Audience
- #### Microsoft Azure & PowerShell Users

## Environment Setup
* #### Chocolatey Package Manager
* #### PowerShell 7
* #### Windows Terminal
* #### Az Module
* #### Visual Studio Code
* #### PowerShell Extension for VSCode
* #### Azure Tools Extension for VSCode
* #### NodeJS

---
---

# Azure Cloud Shell
`Azure Cloud Shell` is an interactive, authenticated and browser based shell hosted in cloud to manage the `Azure` resources, and it supports both `Bash` & `PowerShell`.

## Access to Cloud Shell
- <a href="https://portal.azure.com" target="_blank">Azure Portal <i class="fa fa-external-link" style="color:royalblue;"></i></a>
- <a href="https://shell.azure.com" target="_blank">shell.azure.com <i class="fa fa-external-link" style="color:royalblue;"></i></a>
- Windows Terminal
- Visual Studio Code
<br><br>
- <a href="https://docs.microsoft.com/en-us/powershell/azure/get-started-azureps" target="_blank">Azure PowerShell/CLI Docs <i class="fa fa-external-link" style="color:royalblue;"></i></a>
- Azure Mobile App
![az-mob-app.png](attachment:az-mob-app.png)

### Key Features
- It is most useful for all common tasks like operation, development, deployment and automation (https://docs.microsoft.com/en-us/azure/cloud-shell/features#tools)
- It is fully configured and authenticated
- It’s a linux container
- It uses Microsoft Azure File Share for persistent storage
- Ships with Azure PS Drive
- In-built code editor (Monaco)
- Cloud Shell is updated and maintained by Microsoft

### Pricing
- There is no upfront cost
- Pay only for storage

---

---

# Azure PowerShell Module
## AzureRM -> Az
- ### AzureRM Module (Before December’ 2018)
    - Support through December’ 2020
    - No new features, only bug fixes
    - Latest Version: 6.13.1
    
- ### Az Module
    - Latest and greatest features
    - Enable-AzureRmAlias
    - Latest Version: 4.5.0

## Installation 
### Online Installation

#### From the <a href="https://www.powershellgallery.com/packages/Az/" target="_blank">PowerShellGallery <i class="fa fa-external-link" style="color:royalblue;"></i></a> using the PowerShellGet module.
    
- #### To check the latest version of Azure PowerShell

In [None]:
Find-Module -Name Az

- #### To install the Azure PowerShell

In [None]:
Install-Module -Name Az
# or
# Find-Module -Name Az | Install-Module

- #### To update the Azure PowerShell

In [None]:
# Install-Module -Name Az -Force
# or 
Update-Module -Name Az

### Offline Installation
- #### Using MSI Package <br>
    - Download Link: https://github.com/Azure/azure-powershell/releases/latest <i class="fa fa-external-link" style="color:royalblue;"></i>
<br>
- #### Save-Module
```powershell
Save-Module -Name Az -Path '\\server\share\PowerShell\modules' -Force
```

> **`Note`: To update Azure PowerShell module, you should use the same method used to install the module.**

---
---

## Azure PowerShell CmdLets
- ### Exploring various cmdlets
- #### List all the Azure PowerShell Module

In [None]:
Get-Module -Name Az.* -ListAvailable

- #### List the cmdlets in a specific module

In [None]:
Get-Command -Module Az.Resources

- #### Filter the cmdlets by verb or/and noun

In [None]:
Get-Command -Verb Get -Module Az.Resources

In [None]:
Get-Command -Verb Set -Noun *VM -Module Az.Compute

In [None]:
Get-Command -Name *LoadBalancer* -Module Az.Network

#### Available Verbs in Az Module
Add, Clear, Disable, Edit, Enable, Export, Get, Import, Invoke, Join, List, Login, Logout, Move, New, Reactivate, Remove, Repair, Reset, Resolve, Restart, Restore, Resume, Save, Select, Set, Start, Stop, Submit, Suspend, Swap, Sync, Test, Update, Use, Validate, Wait, Disconnect, Register, Send, Unregister, Approve, Backup, Close, Complete, Confirm, Connect, Convert, ConvertTo, Deny, Enter, Grant, Initialize, Install, Lock, Publish, Rename, Resize, Revoke, Switch, Undo, Uninstall, Unpublish

### Get help

In [None]:
Get-Help -Name New-AzVirtualNetwork

### Get object members

In [None]:
$RG = Get-AzResourceGroup -Name compute-rg
$RG | Get-Member

**Reference from my blog:** https://kpatnayakuni.com/2019/12/26/powershell-get-whatyouwant-dont-mess-up-on-your-screen/

---

---

## Connecting to Azure Subscription
### Sign in interactively
- #### Import module

In [None]:
Import-Module -Name Az

- #### Interactive sign in

`Run the command below, and follow the screen and authenticate in the web browser...`

In [None]:
Connect-AzAccount

- #### To authenticate only for the current session

In [None]:
# Connect-AzAccount -Scope Process

### Sign in with a service principal
An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. <br><br>
https://docs.microsoft.com/en-us/powershell/azure/create-azure-service-principal-azureps <i class="fa fa-external-link" style="color:royalblue;"></i>
<br>

---

### Current context & switching between the subscriptions

- #### Get the current context/subscription

In [None]:
Get-AzContext

- #### Get all the subscriptions in the current context

In [None]:
Get-AzContext -ListAvailable

- #### List all the subscriptions

In [None]:
Get-AzSubscription | Select-Object -Property Name, State

- #### Switch between the subscriptions 

In [None]:
Get-AzSubscription -SubscriptionName 'Kiran Test Subscription' | Set-AzContext

---

## Listing and querying the Azure resources

- #### Get the resources in the current context

In [None]:
Get-AzResource

In [None]:
Get-AzResource -ResourceType 'Microsoft.Storage/storageAccounts' 

- #### Get all the resource groups in the current context

In [None]:
Get-AzResourceGroup

In [None]:
Get-AzResourceGroup -Location westus

- #### Get virtual machines

In [None]:
Get-AzVM

In [None]:
Get-AzVM -ResourceGroupName compute-rg

---
### Getting the required info
- #### Get azure locations

In [None]:
Get-AzLocation | Select-Object -Property Location # DisplayName

- #### Get virtual machine sizes

In [None]:
Get-AzVMSize -Location southindia

### Finding the right OS image 
<br>
- #### Get image publishers

In [None]:
Get-AzVMImagePublisher -Location westus     # MicrosoftWindowsServer, Canonical

- #### Get image offerings from the specified publisher

In [None]:
Get-AzVMImageOffer -Location southindia -PublisherName MicrosoftWindowsServer    # UbuntuServer, Ubuntu_Core # WindowsServer

- #### Get the image sku

In [None]:
Get-AzVMImageSku -Location southindia -PublisherName MicrosoftWindowsServer -Offer WindowsServer  # 18.04-LTS, 18.10, 2019-Datacenter

---
### Get info from the specific resources

- #### List security rules of a network security group

In [None]:
Get-AzNetworkSecurityGroup -ResourceGroupName security-rg -Name srv-nsg | Get-AzNetworkSecurityRuleConfig

- #### List subnets of a virtual network

In [None]:
Get-AzVirtualNetwork -ResourceGroupName network-rg -Name srv-vnet-01 | Get-AzVirtualNetworkSubnetConfig

---

## Creating new the Azure resources

- #### Declare local variables

In [None]:
# To supress the warning messages
$WarningPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
$ResourceGroupName = 'demo-rg'
$Location = 'westus'

- #### Create a new resource group

In [None]:
$DemoRG = New-AzResourceGroup -Name $ResourceGroupName -Location $Location 

- #### Create a new storage account

In [None]:
# Generate a random sa account name
$SAName = "sainukayantap1"
$DemoSA = New-AzStorageAccount -ResourceGroupName $ResourceGroupName -Location $Location -Name $SAName -SkuName Standard_LRS

- #### Create a new network security group with RDP and Web allow security rules

In [None]:
$NSGName = 'demo-nsg'

$RDPRule = New-AzNetworkSecurityRuleConfig -Name allow-3389 -Priority 1000 -Protocol Tcp -Direction Inbound `
            -Access Allow -SourcePortRange * -DestinationPortRange 3389 -SourceAddressPrefix * -DestinationAddressPrefix * 
            
$WebRule = New-AzNetworkSecurityRuleConfig -Name allow-80 -Priority 1010 -Protocol Tcp -Direction Inbound `
            -Access Allow -SourcePortRange * -DestinationPortRange 80 -SourceAddressPrefix * -DestinationAddressPrefix * 
            
$DemoNSG = New-AzNetworkSecurityGroup -ResourceGroupName $ResourceGroupName -Location $Location `
            -Name $NSGName -SecurityRules $RDPRule, $WebRule

- #### Create a new virtual network

In [None]:
$VNetName = 'demo-vnet'
$VNetAddressPrefix = '192.168.0.0/16'
$SubnetName = 'subnet'
$SubnetAddressPrefix = '192.168.1.0/24'

$Subnet = New-AzVirtualNetworkSubnetConfig -Name $SubnetName -AddressPrefix $SubnetAddressPrefix `
            -NetworkSecurityGroupId $DemoNSG.Id
            
$DemoVNet = New-AzVirtualNetwork -ResourceGroupName $ResourceGroupName -Location $Location -Name $VNetName `
            -AddressPrefix $VNetAddressPrefix -Subnet $Subnet

- #### Create a pubblic ip address

In [None]:
$PIPName = 'demo-pip'
$DemoPIP = New-AzPublicIpAddress -ResourceGroupName $ResourceGroupName -Location $Location `
            -Name $PIPName -AllocationMethod Dynamic

- #### Create a new network interface card

In [None]:
$NICName = 'demo-nic'
$DemoNIC = New-AzNetworkInterface -ResourceGroupName $ResourceGroupName -Location $Location -Name $NICName `
            -SubnetId $DemoVNet.Subnets[0].Id -PublicIpAddressId $DemoPIP.Id 

---

## Configuring the Azure resources

- #### Remove a security rule from the existing NSG

In [None]:
# $DemoNSG = Get-AzNetworkSecurityGroup -ResourceGroupName $ResourceGroupName -Name $NSGName
Remove-AzNetworkSecurityRuleConfig -Name allow-80 -NetworkSecurityGroup $DemoNSG
$DemoNSG | Set-AzNetworkSecurityGroup

- #### Add a new a security rule from the existing NSG

In [None]:
Add-AzNetworkSecurityRuleConfig -Name allow-8080 -Priority 1010 -Protocol Tcp -Direction Inbound `
    -Access Allow -SourcePortRange * -DestinationPortRange 8080 -SourceAddressPrefix * -DestinationAddressPrefix * `
    -NetworkSecurityGroup $DemoNSG
    
$DemoNSG | Set-AzNetworkSecurityGroup

- #### Add a new subnet to an existing vnet

In [None]:
$SubnetName2 = 'subnet2'
$SubnetAddressPrefix2 = '192.168.2.0/24'
Add-AzVirtualNetworkSubnetConfig -Name $SubnetName2 -AddressPrefix $SubnetAddressPrefix2 `
                                    -NetworkSecurityGroupId $DemoNSG.Id -VirtualNetwork $DemoVNet
$DemoVNet | Set-AzVirtualNetwork

---
## Create a new virtual machine

- #### Declare local variables

In [None]:
$RGName = 'demo-rg'
$Location = 'westus'
$VMName = 'demo-vm'
$ComputerName = 'demo-vm'
$VMSize = 'Standard_D2_v2'
$PublisherName = 'MicrosoftWindowsServer' 
$Offer = 'WindowsServer' 
$Sku = '2019-Datacenter' 
$AdminCredential = Get-Credential -UserName sysadmin

- #### Create VM configuration

In [None]:
$VMConfig = New-AzVMConfig -VMName $VMName -VMSize $VMSize

- #### Operating System configuration

In [None]:
$VMConfig | Set-AzVMOperatingSystem -Windows -ComputerName $ComputerName -Credential $AdminCredential

- #### VM Source Image Referance

In [None]:
$VMConfig | Set-AzVMOSDisk -CreateOption FromImage
$VMConfig | Set-AzVMSourceImage -PublisherName $PublisherName -Offer $Offer -Skus $Sku -Version latest

- #### Add Network Interface Card

In [None]:
$VMConfig | Add-AzVMNetworkInterface -Id $DemoNIC.Id -Primary

- #### Add Data Disk

In [None]:
$VMConfig | Add-AzVMDataDisk -DiskSizeInGB 1023 -Lun 0 -CreateOption Empty

- #### Enable Boot Diagnostics

In [None]:
$VMConfig | Set-AzVMBootDiagnostic -ResourceGroupName $RGName -Enable -StorageAccountName $DemoSA.StorageAccountName

- #### Create Virtual Machine

In [None]:
New-AzVM -ResourceGroupName $RGName -Location $Location -VM $VMConfig

**Azure PowerShell quickstart sample scripts:** https://github.com/kpatnayakuni/azure-quickstart-psscripts

---
---

![qaa.jpg](attachment:qaa.jpg)

---

# My big thanks to
| | | |
| --- | --- | --- |
| ![1500x500.jpg](attachment:1500x500.jpg) | **AND** | ![Tech.jpg](attachment:Tech.jpg) |

---

<div align="center"><h1>Thank you</h1></div>

---

### Useful Links
||||
| --- | --- | --- |
| What is PowerShell | | https://docs.microsoft.com/en-us/powershell/scripting/overview |
| About Cloud Shell | | https://azure.microsoft.com/en-in/features/cloud-shell/ |
| Overview of Azure Cloud Shell || https://docs.microsoft.com/en-in/azure/cloud-shell/overview |
| Azure Cloud Shell || https://github.com/Azure/CloudShell |
| Features & tools for Azure Cloud Shell || https://docs.microsoft.com/en-in/azure/cloud-shell/features |
| Tools inside Cloud Shell || https://docs.microsoft.com/en-us/azure/cloud-shell/features#tools |
| Monaco Editor || https://microsoft.github.io/monaco-editor/ |
| Simple Hierarchy in PowerShell (SHiPS) || https://github.com/PowerShell/SHiPS |
| AzurePSDrive || https://github.com/PowerShell/AzurePSDrive |
| PowerShell || https://github.com/PowerShell/PowerShell |
| Windows Terminal || https://github.com/microsoft/terminal |
| Azure PowerShell || https://github.com/Azure/azure-powershell |
||| https://www.powershellgallery.com/packages/Az/ |
| Azure PowerShell MSI || https://github.com/Azure/azure-powershell/releases/latest |
| Azure PowerShell documentation || https://docs.microsoft.com/en-in/powershell/azure |
| Migrate Azure PowerShell from AzureRM to Az || https://docs.microsoft.com/en-in/powershell/azure/migrate-from-azurerm-to-az |
| Install Azure PowerShell || https://docs.microsoft.com/en-in/powershell/azure/install-az-ps |
| PowerShell Module Browser || https://docs.microsoft.com/en-in/powershell/module/?view=azps-4.5.0 |
| Sign in with Azure PowerShell || https://docs.microsoft.com/en-us/powershell/azure/authenticate-azureps |
| Create an Azure service principal with Azure PowerShell || https://docs.microsoft.com/en-us/powershell/azure/create-azure-service-principal-azureps |
| Azure PowerShell context objects || https://docs.microsoft.com/en-in/powershell/azure/context-persistence |


---

# Environment Setup

In [None]:
break # To avoid accidental execution

## Open Windows PowerShell as administrator, and run the commands below...
# Install Chocolatey package manager
Set-ExecutionPolicy Bypass -Scope Process -Force
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

# Install PowerShell 7
choco install powershell-core -y

# Install Windows Terminal
choco install microsoft-windows-terminal -y

# Install Visual Studio Code
choco install vscode -y


## Open PowerShell 7 or Windows Terminal (PowerShell 7 Tab) as administrator
# Install Azure PowerShell using choco
choco install az.powershell -y
# or install using the Install-Module
Install-Module -Name Az -Force
#########
# NOTE: When you are updating the module use the same mode of the installation. 
#       If it is choco then use upgrade switch or if it is Install-Module then use Update-Module itself.
#########

# Install PowerShell extension for Visual Studio Code using choco
choco install vscode-powershell -y
# or using code itself 
code --install-extension ms-vscode.powershell

# Install Azure Account extension for Visual Studio Code
code --install-extension ms-vscode.azure-account

# Install NodeJS to launch Azure Cloud Shell in VSCode
choco install nodejs -y


### Additional software
## Install Google Chrome or Microsoft EDGE
# Google Chrome
choco install googlechrome -y
# Microsoft EDGE
choco install microsoft-edge -y

# Install git scm
choco install git -y
