Introduction
The Azure Command-Line Interface, or Azure CLI, is a powerful tool for managing Azure resources. It's simpler than PowerShell, making it a user-friendly option for command-line operations. It's also cross-platform, meaning you can use it regardless of your operating system. In this blog post, we'll explore what you can do with Azure CLI, provide some practical examples, and discuss how to manage resources with this tool.
What is Azure CLI?
Azure CLI is a command-line tool designed to manage Azure resources. It's easier to use than Azure PowerShell but still offers a significant degree of flexibility. Azure CLI is perfect for those who prefer a command-line interface but want something simpler than PowerShell. It's also cross-platform, so you can use it on any operating system that supports Node.js. Azure CLI is written in Python, making it a great choice for those familiar with Python scripting.
Installing Azure CLI on Windows, Linux, and Mac
Azure CLI is a powerful tool that enables users to manage and deploy resources from the command line, whether you're working with Windows, Linux, or Mac. This blog post will guide you through the process of installing Azure CLI on these three platforms.
Installing Azure CLI on Windows
Visit the Azure downloads page and download the MSI installer for Windows.
Once downloaded, run the installer and follow the on-screen instructions to install Azure CLI.
After installation, you can verify the installation by opening a new command prompt or PowerShell window and typing the command
az --version
. This should display the Azure CLI version installed on your machine.
Installing Azure CLI on Linux
The installation process on Linux depends on the specific distribution you are using. Here, we provide an example with a Debian-based distribution like Ubuntu.
Open a terminal window.
Update your sources list with the following command:
sudo apt-get update.
Install the curl command with:
sudo apt-get install curl.
Import the Microsoft repository key using the following command:
curl -sL <https://packages.microsoft.com/keys/microsoft.asc> | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/microsoft.asc.gpg > /dev/null.
Add the Azure CLI software repository:
echo "deb [arch=amd64] <https://packages.microsoft.com/repos/azure-cli/> $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/azure-cli.list.
Update the repository information with:
sudo apt-get update.
Install Azure CLI using:
sudo apt-get install azure-cli.
Verify the installation by typing
az --version
in the terminal. This should display the version of Azure CLI that you have installed.
Installing Azure CLI on Mac
Open Terminal.
We'll use Homebrew to install Azure CLI. If you don't have it installed, you can install it by running
/bin/bash -c "$(curl -fsSL <https://raw.githubusercontent.com/Homebrew/install/master/install.sh>)".
Once Homebrew is installed, you can install Azure CLI by running
brew update && brew install azure-cli.
Verify the installation by typing
az --version
in the terminal. This should display the version of Azure CLI that you have installed.
Installing Azure CLI on your machine, whether it's Windows, Linux, or Mac, is a straightforward process. With Azure CLI installed, you're ready to start managing your Azure resources from the command line. Happy scripting!
As we delve deeper into the world of Azure Command-Line Interface (Azure CLI), we come across an integral aspect of working with Azure resources - Authentication. Authentication is the process of verifying the identity of a user or process. In Azure CLI, it's the mechanism that allows you to prove your identity to Azure Active Directory (Azure AD) so you can access resources. In this blog post, we will discuss three primary methods of authenticating with Azure CLI: Interactive login, Service Principal with a client secret, and Service Principal with a certificate.
Azure CLI Authentication Methods & How They Work
Interactive Login
Interactive login is the simplest and most straightforward method of authentication. It is primarily used when you're manually running commands in your local environment. Here are the steps:
Run the command in your shell. This opens a web page where you can enter your Azure credentials.
az login
After entering your credentials, you'll be redirected to a page confirming that you've signed in to the Microsoft Azure Cross-platform Command Line Interface.
You can now close the webpage. Your shell should display a JSON output with details about your subscriptions.
Note that if you have multiple subscriptions, Azure CLI sets your active subscription to the default one. You can view your subscriptions with
az account list
az account set --subscription "subscription-id" // set your active subscription
Service Principal with a Client Secret
For automation tasks or when running Azure CLI in a non-interactive environment (like a CI/CD pipeline), using a service principal with a client secret is a common method. Here's how you can do it:
First, create a service principal with a client secret using the
az ad sp create-for-rbac
command. This command returns a JSON output with yourappId
,displayName
,name
,password
, andtenant
.Then, log in using the service principal. Use the
az login --service-principal --username APP_ID --password CLIENT_SECRET --tenant TENANT_ID
command, replacingAPP_ID
,CLIENT_SECRET
, andTENANT_ID
with your respective values.If successful, the shell returns a JSON output with details about the service principal's associated subscription.
Service Principal with a Certificate
A service principal with a certificate provides a more secure method of authentication than a client secret. Here's how to set it up:
First, create a self-signed certificate with the following command. This command creates a new service principal and a PEM file containing the certificate and private key.
az ad sp create-for-rbac --create-cert
Then, log in using the certificate. Use the command, replacing
APP_ID
,TENANT_ID
, andCERT_PATH
with your respective values.az login --service-principal --username APP_ID --tenant TENANT_ID --password CERT_PATH
If successful, the shell returns a JSON output with details about the service principal's associated subscription.
Authentication is a crucial part of managing Azure resources using Azure CLI. Whether you're using an interactive login for manual operations or service principals for automated tasks, understanding these authentication methods will enable you to securely and effectively manage your Azure resources.
Azure CLI in Action: Practical Examples
Let's dive into some practical examples of how to use Azure CLI. Firstly, to create a resource group, you would use the following command:
az group create --name myResourceGroup --location eastus
This command creates a resource group named "myResourceGroup" in the "eastus" region.
Suppose you want to create a new virtual machine. In that case, you might use a command like:
az vm create --resource-group myResourceGroup --name myVm --image UbuntuLTS --generate-ssh-keys
which would create a new Ubuntu virtual machine with SSH keys in the previously created resource group.
Managing Resources with Azure CLI
Managing resources with Azure CLI is straightforward. To list all resources in a specific resource group, use
az resource list --resource-group myResourceGroup
If you need to delete a resource group and all its resources, the command is
az group delete --name myResourceGroup --yes
The --yes
flag is used to confirm the deletion without further prompts.
Azure CLI also allows you to move resources between groups with
az resource move --destination-group newGroup --resource-group oldGroup --name resourceName
Where "newGroup" is the destination resource group, "oldGroup" is the source group, and "resourceName" is the name of the resource you're moving.
Conclusion
Azure CLI offers a powerful yet user-friendly way to manage Azure resources. Its cross-platform compatibility, combined with its simplicity relative to Azure PowerShell, makes it an appealing choice for a variety of use cases. By learning the basic commands and understanding how to manage resources, you can start leveraging the power of Azure CLI in your Azure operations.
Ref.: MicrosoftAzureCLI