Azure CLI Common Command Reference
Microsoft provides an advanced command-line interface (CLI) that allows customers to manage their resources in Microsoft Azure. Although Red Hat does not provide the Azure CLI, it is an open source utility that is published directly to the Content from github.com is not included.Azure GitHub site.
The command examples provided in this article specifically address common commands used for managing your account and Microsoft Azure resources. The command examples do not show all options, optional debugging, or any additional information flags. Full commands and options are provided in the detailed Content from docs.microsoft.com is not included.Azure CLI command reference.
Using the Azure CLI
The following information describes how to use the Azure CLI.
Installing and Using the Azure CLI
There are two ways to use the Azure CLI.
-
Install the Azure CLI and run it in a terminal session on your Red Hat Enterprise Linux (RHEL) server or workstation.
-
Launch an Content from docs.microsoft.com is not included.Azure Cloud Shell in the Microsoft Azure portal.
Switching to Human-Readable CLI Output
JSON is the default output format when using the Azure CLI. There are other formats to choose from. Enter the following command to switch to the human-readable table format.
$ az configure --output table
.... omitted
What default output format would you like?
[1] json - JSON formatted output that most closely matches API responses
[2] jsonc - Colored JSON formatted output that most closely matches API responses
[3] table - Human-readable output format
[4] tsv - Tab and Newline delimited, great for GREP, AWK, etc.
Please enter a choice [1]: 3
.... omitted
Account Information
The following commands are commonly used to log in, inspect your Azure account status, and log out.
Log In to Azure
$ az login
To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code FLA2VHBDW to authenticate.
[
{
"cloudName": "AzureCloud",
"id": "....",
"isDefault": true,
"name": "Microsoft Azure Sponsorship",
"state": "Enabled",
"tenantId": "....",
"user": {
"name": "clouduser@company.com",
"type": "user"
}
}
]
Show Account Information
$ az account show
{
"environmentName": "AzureCloud",
"id": "....",
"isDefault": true,
"name": "Microsoft Azure Sponsorship",
"state": "Enabled",
"tenantId": "....",
"user": {
"name": "clouduser@company.com",
"type": "user"
}
}
List Available Subscriptions
$ az account list
[
{
"cloudName": "AzureCloud",
"id": "....",
"isDefault": true,
"name": "Microsoft Azure Sponsorship",
"state": "Enabled",
"tenantId": "....",
"user": {
"name": "clouduser@company.com",
"type": "user"
}
}
]
Set Active Subscription
The following command ensures that CLI operations occur only in the subscription set by the command.
$ az account set --subscription=<Subscription ID>
Log Out of Azure
$ az account clear
Billing Information
The following commands are commonly used to view subscription billing, invoices, and consumption costs.
List All Billing Periods
$ az billing period list
[
{
"billingPeriodEndDate": "2017-11-05",
"billingPeriodStartDate": "2017-10-06",
"id": "/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201709-1",
"invoiceIds": null,
"name": "201709-1",
"type": "Microsoft.Billing/billingPeriods"
},
{
"billingPeriodEndDate": "2017-10-05",
"billingPeriodStartDate": "2017-09-06",
"id": "/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201708-1",
"invoiceIds": [
"/subscriptions/..../providers/Microsoft.Billing/invoices/201708-317394150396840"
],
"name": "201708-1",
"type": "Microsoft.Billing/billingPeriods"
}
]
Show a Specific Billing Period
Show a specific billing period. Billing period names are listed in the output from the az billing period list command.
$ az billing period show --name=201709-1
{
"billingPeriodEndDate": "2017-11-05",
"billingPeriodStartDate": "2017-11-06",
"id": "/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201709-1",
"invoiceIds": null,
"name": "201709-1",
"type": "Microsoft.Billing/billingPeriods"
}
List All Invoices
List invoices for the subscription.
$ az billing invoice list
[
{
"billingPeriodIds": [
"/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201708-1"
],
"downloadUrl": null,
"id": "/subscriptions/..../providers/Microsoft.Billing/invoices/201708-317394150396840",
"invoicePeriodEndDate": "2017-11-05",
"invoicePeriodStartDate": "2017-10-06",
"name": "201708-317394150396840",
"type": "Microsoft.Billing/invoices"
}
]
Show a Specific Invoice
Show a specific invoice. Invoice names are listed in the output from the az billing invoice list command.
$ az billing invoice show --name=201708-317394150396840
{
"billingPeriodIds": [
"/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201708-1"
],
"downloadUrl": {
"expiryTime": "2017-07-29T14:51:07+00:00",
"url": "https://billinginsightsstore01.blob.core.windows.net/....
},
"id": "/subscriptions/..../providers/Microsoft.Billing/invoices/201708-317394150396840",
"invoicePeriodEndDate": "2017-11-05",
"invoicePeriodStartDate": "2017-11-06",
"name": "201708-317394150396840",
"type": "Microsoft.Billing/invoices"
}
List Resource Consumption
List accrued consumption costs for resources in the subscription.
$ az consumption usage list
[
{
"additionalProperties": null,
"billableQuantity": "0",
"billingPeriodId": "/..../providers/Microsoft.Billing/billingPeriods/201709-1",
"currency": "USD",
"id": "/subscriptions/..../providers/Microsoft.Consumption/usageDetails/8aab58a1da8c0f24e0b18f0ce943c87e",
"instanceId": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Compute/disks/osdisk_60EOT66PQa",
"instanceLocation": "....",
"instanceName": "....",
"invoiceId": null,
"isEstimated": true,
"meterDetails": null,
"meterId": "....",
"name": "....",
"pretaxCost": "0",
"tags": null,
"type": "Microsoft.Consumption/usageDetails",
"usageEnd": "2017-11-29T23:59:59Z",
"usageQuantity": "0.005375999999999999702515740551689304993487894535064697265625",
.... omitted
List Billing Period Resource Consumption
List accrued consumption costs for a specific billing period. Billing period names are listed in the output from the az billing period list command.
$ az consumption usage list --billing-period-name 201709-1
[
{
"additionalProperties": null,
"billableQuantity": "0",
"billingPeriodId": "/subscriptions/..../providers/Microsoft.Billing/billingPeriods/201709-1",
"currency": "USD",
"id": "/subscriptions/..../providers/Microsoft.Consumption/usageDetails/8aab58a1da8c0f24e0b18f0ce943c87e",
"instanceId": "/subscriptions/..../resourceGroups/RESOURCEGROUP01/providers/Microsoft.Compute/disks/osdisk_60EOT66PQa",
"instanceLocation": "....",
"instanceName": "....",
"invoiceId": null,
"isEstimated": true,
"meterDetails": null,
"meterId": "....",
"name": "....",
"pretaxCost": "0",
"tags": null,
"type": "Microsoft.Consumption/usageDetails",
"usageEnd": "2017-11-29T23:59:59Z",
"usageQuantity": "0.005375999999999999702515740551689304993487894535064697265625",
"usageStart": "2017-11-29T00:00:00Z"
},
.... omitted
Resource Groups
The following commands are commonly used to manage resource groups.
Create a Resource Group
The following command creates a new resource group named TestRSGroup01 in the eastus2 region with the tag testrsg. For more information about tags, see Content from docs.microsoft.com is not included.Using tags to organize your Azure resources.
$ az group create --name TestRSGroup01 --location eastus2 --tags testrsg
{
"id": "/subscriptions/..../resourceGroups/TestRSGroup01",
"location": "eastus2",
"managedBy": null,
"name": "TestRSGroup01",
"properties": {
"provisioningState": "Succeeded"
},
"tags": {
"testrsg": ""
}
}
List Resource Groups
List resource groups using the subscription.
$ az group list
[
{
"id": "/subscriptions/..../resourceGroups/atest1",
"location": "eastus",
"managedBy": null,
"name": "atest1",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
},
{
"id": "/subscriptions/..../resourceGroups/atest2",
"location": "westus",
"managedBy": null,
"name": "atest2",
"properties": {
"provisioningState": "Succeeded"
},
"tags": {}
},
.... omitted
Search for and List Specific Resource Groups
The following command lists resource groups (in table format) with Test in the resource group name.
$ az group list --output table --query "[?contains(name, 'Test')]"
Name Location
------------------ --------------
Test_001 southcentralus
TestRG02 eastus
TestRSGroup01 eastus2
Show a Resource Group
$ az group show --name TestRSGroup01
{
"id": "/subscriptions/..../resourceGroups/TestRSGroup01",
"location": "eastus2",
"managedBy": null,
"name": "TestRSGroup01",
"properties": {
"provisioningState": "Succeeded"
},
"tags": {
"testrsg": ""
}
}
Show Resources in a Specific Resource Group
The following command lists all resources (in table format) in resource group TestRSGroup01.
$ az resource list --resource-group TestRSGroup01 --output table
Name ResourceGroup Location Type Status
--------------- --------------- ---------- --------------------------------------- --------
ExistingDisk01 TESTRSGROUP01 eastus2 Microsoft.Compute/disks
rhel7vm_OsDisk_1 TESTRSGROUP01 eastus2 Microsoft.Compute/disks
rhel7vm TestRSGroup01 eastus2 Microsoft.Compute/virtualMachines
rhel7vmVMNic TestRSGroup01 eastus2 Microsoft.Network/networkInterfaces
rhel7vmNSG TestRSGroup01 eastus2 Microsoft.Network/networkSecurityGroups
rhel7vmPublicIP TestRSGroup01 eastus2 Microsoft.Network/publicIPAddresses
PrivateNetwork01 TestRSGroup01 eastus2 Microsoft.Network/virtualNetworks
rhel7vmVNET TestRSGroup01 eastus2 Microsoft.Network/virtualNetworks
bootdiags01 TestRSGroup01 eastus2 Microsoft.Storage/storageAccounts
bdstorageacct01 TestRSGroup01 eastus2 Microsoft.Storage/storageAccounts
Delete a Resource Group
$ az group delete --name TestRSGroup01
Change or Update a Resource Group
The following command adds a property value to the resource group tag. This is useful to further organize your resources in Azure.
$ az group update --name TestRSGroup01 --set tags.testrsg=value1
{
"id": "/subscriptions/..../resourceGroups/TestRSGroup01",
"location": "eastus2",
"managedBy": null,
"name": "TestRSGroup01",
"properties": {
"provisioningState": "Succeeded"
},
"tags": {
"testrsg": "value1"
}
}
Export a Resource Group as a Resource Manager Template
The following command exports the resource group TestRSGroup01 and all resources as a Resource Manager template. You can use an exported template to quickly deploy resources. For information about deploying a Resource Manager template, see Content from docs.microsoft.com is not included.Deploy resources with Resource Manager templates and Azure CLI.
$ az group export --name TestRSGroup01
{
"$schema": "https://schema.management.azure.com/schemas/..../deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"variables": {},
"parameters": {},
"resources": []
}
Virtual Machines
The following commands are commonly used to manage virtual machines.
Create a Virtual Machine
The following command creates a Content from docs.microsoft.com is not included.Standard_A2 size Red Hat Enterprise Linux (RHEL) 7.3 virtual machine (VM) named rhel7vm in resource group TestRSGroup01. By default, the command copies current user account SSH keys to the VM. This allows the terminal session user to launch an SSH session to the VM and enable sudo access without using a password.
$ az vm create --name rhel7vm --size Standard_A2 --image RHEL --resource-group TestRSGroup01
{
"fqdns": "",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Compute/virtualMachines/rhel7vm",
"location": "eastus2",
"macAddress": "....",
"powerState": "VM running",
"privateIpAddress": "10.0.0.4",
"publicIpAddress": "192.0.2.4",
"resourceGroup": "TestRSGroup01",
"zones": ""
}
List Virtual Machines in a Resource Group
Show details in table format for VMs in a specific Resource Group.
$ az vm list --resource-group TestRSGroup01 --output table --show-details
Name ResourceGroup PowerState PublicIps Location
------- --------------- ------------ ------------ ----------
rhel7vm TestRSGroup01 VM running 192.0.2.10 eastus2
List Virtual Machines
List the details for VMs using the subscription.
$ az vm list
[
{
"availabilitySet": null,
"diagnosticsProfile": null,
"hardwareProfile": {
"vmSize": "Standard_A1"
},
"id": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Compute/virtualMachines/azvm0001",
"identity": null,
"instanceView": null,
"licenseType": null,
"location": "eastus",
"name": "avm0001",
"networkProfile": {
"networkInterfaces": [
{
"id": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Network/networkInterfaces/aznic0001",
"primary": null,
"resourceGroup": "azrsgrp0001"
}
.... omitted
Show the Details for a Virtual Machine
$ az vm show --name rhel7vm --resource-group TestRSGroup01
{
"availabilitySet": null,
"diagnosticsProfile": null,
"hardwareProfile": {
"vmSize": "Standard_A2"
},
"id": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Compute/virtualMachines/rhel7vm",
"identity": null,
"instanceView": null,
"licenseType": null,
"location": "eastus2",
"name": "rhel7vm",
"networkProfile": {
"networkInterfaces": [
{
"id": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Network/networkInterfaces/rhel7vmVMNic",
"primary": null,
"resourceGroup": "TestRSGroup01"
}
]
},
.... omitted
Show the Public and Private IP Addresses for a Virtual Machine
$ az vm list-ip-addresses --name rhel7vm --resource-group TestRSGroup01
[
{
"virtualMachine": {
"name": "rhel7vm",
"network": {
"privateIpAddresses": [
"10.0.0.4"
],
"publicIpAddresses": [
{
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Network/publicIPAddresses/rhel7vmPublicIP",
"ipAddress": "192.02.0.4",
"ipAllocationMethod": "Dynamic",
"name": "rhel7vmPublicIP",
"resourceGroup": "TestRSGroup01"
}
]
},
"resourceGroup": "TestRSGroup01"
}
}
]
Start a Virtual Machine
$ az vm start --name rhel7vm --resource-group TestRSGroup01
{
"endTime": "2017-11-08T15:03:28.315991+00:00",
"error": null,
"name": "....",
"startTime": "2017-11-08T15:03:28.097230+00:00",
"status": "Succeeded"
}
Stop a Virtual Machine
The following command stops the VM. The VM continues to accrue resource consumption costs.
$ az vm stop --name rhel7vm --resource-group TestRSGroup01
{
"endTime": "2017-11-08T15:05:30.897252+00:00",
"error": null,
"name": "....",
"startTime": "2017-11-08T15:05:02.630920+00:00",
"status": "Succeeded"
}
Deallocate a Virtual Machine
The following command stops the VM and frees up Azure resources. The VM no longer accrues resource consumption costs.
az vm deallocate --name rhel7vm --resource-group TestRSGroup01
{
"endTime": "2017-11-08T15:16:31.586047+00:00",
"error": null,
"name": "....",
"startTime": "2017-11-08T15:14:00.238411+00:00",
"status": "Succeeded"
}
Enable Boot Diagnostics
The following command enables boot diagnostics for rhel7vm in resource group TestRSGroup1. Logs are stored in storage account bdstorageacct01.
Note: See Create a Storage Account for the command to create a storage account.
$ az vm boot-diagnostics enable --name rhel7vm --resource-group TestRSGroup01 --storage bdstorageacct01
$
Display Boot Diagnostics
$ az vm boot-diagnostics get-boot-log --name rhel7vm --resource-group TestRSGroup01
Probing EDD (edd=off to disable)... ok
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-514.28.1.el7.x86_64 (gcc version 4.8.5 20150623 (Red Hat 4.8.5-11)
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-.... root=UUID=.... ro console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000001ffeffff] usable
[ 0.000000] BIOS-e820: [mem 0x000000001fff0000-0x000000001fffefff] ACPI data
[ 0.000000] BIOS-e820: [mem 0x000000001ffff000-0x000000001fffffff] ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x00000001bfffffff] usable
[ 0.000000] bootconsole [earlyser0] enabled
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.3 present.
[ 0.000000] Hypervisor detected: Microsoft HyperV
[ 0.000000] HyperV: features 0x2e7f, hints 0xc2c
....omitted
Disable Boot Diagnostics
$ az vm boot-diagnostics disable --name rhel7vm --resource-group TestRSGroup01
$
Attach an Existing Disk to a Virtual Machine
The following command attaches an existing disk named ExistingDisk01 to rhel7vm in resource group TestRSGroup01. The disk must exist in the same resource group as the VM and cannot be used by any other VM in the resource group.
$ az vm disk attach --vm-name rhel7vm --resource-group TestRSGroup01 --disk ExistingDisk01
$
Attach a New Disk to a Virtual Machine
The following command creates a new 1023 GiB disk attached to rhel7vm named NewDisk02.
$ az vm disk attach -g TestRSGroup01 --vm-name rhel7vm --disk NewDisk02 --size-gb 1023 --new
$
Storage
The following commands are commonly used to manage Azure storage. Note that Microsoft recommends using Content from docs.microsoft.com is not included.Managed Disks. This eliminates many of the tasks associated with managing disks in Microsoft Azure.
Create a Storage Account
The following command creates the storage account bdstorageacct01 in TestRSGroup01 using Standard_LRS (Locally Redundant Storage). A storage account is required if you enable Boot Diagnostics, whether or not you use Managed Disks.
See Content from docs.microsoft.com is not included.Azure Storage Scalability and Performance Targets for information about Azure storage types and SKUs.
$ az storage account create --resource-group TestRSGroup01 --name bdstorageacct01 --sku Standard_LRS
{
"accessTier": null,
"creationTime": "2017-11-08T15:59:18.663801+00:00",
"customDomain": null,
"enableHttpsTrafficOnly": false,
"encryption": {
"keySource": "Microsoft.Storage",
"keyVaultProperties": null,
"services": {
"blob": {
"enabled": true,
"lastEnabledTime": "2017-11-08T15:59:18.667801+00:00"
},
"file": {
"enabled": true,
"lastEnabledTime": "2017-11-08T15:59:18.667801+00:00"
},
"queue": null,
"table": null
}
},
.... omitted
List Storage Accounts
The following command lists storage accounts in the subscription.
$ az storage account list
[
{
"accessTier": null,
"creationTime": "2017-04-12T14:56:30.753347+00:00",
"customDomain": null,
"enableHttpsTrafficOnly": false,
"encryption": {
"keySource": "Microsoft.Storage",
"keyVaultProperties": null,
"services": {
"blob": {
"enabled": true,
"lastEnabledTime": "2017-11-02T09:26:48.386498+00:00"
},
"file": {
"enabled": true,
"lastEnabledTime": "2017-11-06T11:36:11.136031+00:00"
},
"queue": null,
"table": null
}
},
"id": "/subscriptions/..../resourceGroups/default-web-eastus/providers/Microsoft.Storage/storageAccounts/....",
"identity": null,
"kind": "Storage",
"lastGeoFailoverTime": null,
"location": "eastus",
"name": "....",
"networkRuleSet": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": []
},
.... omitted
List Storage Account Keys
The following command lists the storage account keys for bdstorageacct01 in resource group TestRSGroup01.
$ az storage account keys list --resource-group TestRSGroup01 --account-name bdstorageacct01
[
{
"keyName": "key1",
"permissions": "Full",
"value": "jPb0Ec0yX3XhCRZz+if0EtBEkIawsSrqW9bM1rVveJfyAv9AX...."
},
{
"keyName": "key2",
"permissions": "Full",
"value": "ZcbKFVWrGxbmaMZmDe7TBw4QZSkhTwo1vv37aPvtXA0ehhQgR...."
}
]
List Storage Containers
The following command lists the storage containers in storage account bdstorageacct01.
$ az storage container list --account-name bdstorageacct01 --account-key jPb0Ec0yX3XhCRZz+if0EtBEkIaw....
[
{
"metadata": null,
"name": "bootdiagnostics-rhel7vm-3db604bf-6fb0-4ae6-....",
"properties": {
"etag": "\"0x8D526....\"",
"lastModified": "2017-11-08T16:06:43+00:00",
"lease": {
"duration": null,
"state": null,
"status": null
},
"leaseDuration": null,
"leaseState": "available",
"leaseStatus": "unlocked",
"publicAccess": null
}
}
]
Create a Storage Container
The following command creates a new container storagecontainer01 in storage account bdstorageacct01.
$ az storage container create --name storagecontainer01 --account-name bdstorageacct01
{
"created": true
}
Upload Blob Storage
The following command uploads RHEL image file rhel-azure-vm-image.vhd to blob storage account storagecontainer01, where it is named rhel-azure-vhd.
$ az storage blob upload --account-name bdstorageacct01 --container-name storagecontainer01 --name rhel7-azure-vhd --file rhel-azure-vm-image.vhd
Finished[#############################################################] 100.0000%
{
"etag": "\"0x8D526FA47D0D20B\"",
"lastModified": "2017-11-08T22:44:33+00:00"
}
List Blob Storage
The following command lists blob storage in storage container storagecontainer01.
$ az storage blob list --container-name storagecontainer01 --account-name bdstorageacct01 --account-key jPb0Ec0yX3XhCRZz+if0EtBEkIaw....
Create a Managed Disk
The following command creates a 50 GiB managed disk named managed-disk01 in resource group TestRSGroup01.
$ az disk create --resource-group TestRSGroup01 --name managed-disk01 --size-gb 50
{
"creationData": {
"createOption": "Empty",
"imageReference": null,
"sourceResourceId": null,
"sourceUri": null,
"storageAccountId": null
},
"diskSizeGb": 50,
"encryptionSettings": null,
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Compute/disks/managed-disk01",
"location": "eastus2",
"managedBy": null,
"name": "managed-disk01",
"osType": null,
"provisioningState": "Succeeded",
"resourceGroup": "TestRSGroup01",
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"tags": {},
"timeCreated": "2017-11-08T21:50:39.124885+00:00",
"type": "Microsoft.Compute/disks",
"zones": null
}
List Managed Disks
The following command lists managed disks in the subscription.
$ az disk list
[
{
"creationData": {
"createOption": "FromImage",
"imageReference": {
"id": "/Subscriptions/.../Providers/..../Locations/.../Publishers/RedHat/ArtifactTypes/VMImage/Offers/RHEL/Skus/6.8/Versions/latest",
"lun": null
},
"sourceResourceId": null,
"sourceUri": null,
"storageAccountId": null
},
"diskSizeGb": 32,
"encryptionSettings": null,
"id": "/subscriptions/..../resourceGroups/ANAND-RHEL68/providers/Microsoft.Compute/disks/....",
"location": "....",
"managedBy": null,
"name": "....",
"osType": "Linux",
"provisioningState": "Succeeded",
"resourceGroup": "....",
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"tags": null,
"timeCreated": "2017-08-02T00:43:06.279617+00:00",
"type": "Microsoft.Compute/disks",
"zones": null
},
.... omitted
Delete a Managed Disk
$ az disk delete --name managed-disk01 --resource-group TestRSGroup01
Are you sure you want to perform this operation? (y/n): y
{
"endTime": "2017-11-08T21:53:51.663989+00:00",
"error": null,
"name": "abc8a60f-dd79-4a0a-895e-4fa4e8cef427",
"startTime": "2017-11-08T21:53:51.507755+00:00",
"status": "Succeeded"
}
Images
The following commands are commonly used to manage images.
Get an Image URL
The following command returns the URL for a blob image in storage. You need the blob URL to create a custom VM image.
$ az storage blob URL --container-name storagecontainer01 -n rhel-azure-vm-image.vhd --account-name bdstorageacct01 --account-key "ZcbKFVWrGxbmaMZmDe7TBw4QZSkhT...."
"https://bdstorageacct01.blob.core.windows.net/storagecontainer01/rhel-azure-vm-image.vhd"
Create a Custom Virtual Machine Image from a Page Blob
The following command creates a custom image named rhel-azure-vm in resource group TestRSGroup01.
$ az image create --resource-group TestRSGroup01 --source https://bdstorageacct01.blob.core.windows.net/storagecontainer01/rhel-azure-vm-image.vhd --name rhel-azure-vm --os-type Linux
Networks
The following commands are commonly used to manage virtual networks, ports, security, and network interfaces.
Open a Network Port on a Virtual Machine
The only port opened by default for Azure VMs is port 22. The following command opens port 80 for rhel7vm.
$ az vm open-port --name rhel7vm --resource-group TestRSGroup01 --port 80
.... omitted
},
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/..../networkSecurityGroups/rhel7vmNSG/securityRules/open-port-80",
"name": "open-port-80",
"priority": 900,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "TestRSGroup01",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": []
}
.... omitted
Add a Network Interface to a Virtual Machine
The following command attaches an existing network interface named PrivateNIC01 to rhel7vm in resource group TestRSGroup01. The network interface must exist in the same resource group as the VM and cannot be used by any other VM in the resource group.
$ az vm nic add --resource-group TestRSGroup01 --vm-name rhel7vm --nics PrivateNIC01
$
Create a Virtual Network
The following command creates a virtual network (vnet) named PrivateNetwork01 in the resource group TestRSGroup01 with an address range of 192.168.1.0/24.
$ az network vnet create --resource-group TestRSGroup01 --name PrivateNetwork01 --address-prefixes 192.168.1.0/24
{
"newVNet": {
"addressSpace": {
"addressPrefixes": [
"192.168.1.0/24"
]
},
"dhcpOptions": {
"dnsServers": []
},
"enableDdosProtection": false,
"enableVmProtection": false,
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Network/virtualNetworks/PrivateNetwork01",
"location": "eastus2",
"name": "PrivateNetwork01",
"provisioningState": "Succeeded",
"resourceGroup": "TestRSGroup01",
"resourceGuid": "....",
"subnets": [],
"tags": {},
"type": "Microsoft.Network/virtualNetworks",
"virtualNetworkPeerings": []
}
}
Delete a Virtual Network
$ az network vnet delete --resource-group TestRSGroup01 --name PrivateNetwork01
$
List Virtual Networks
List virtual networks in the subscription.
$ az network vnet list
[
{
"addressSpace": {
"addressPrefixes": [
"192.168.1.0/24"
]
},
"dhcpOptions": null,
"enableDdosProtection": false,
"enableVmProtection": false,
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/azure-rhel-support/providers/Microsoft.Network/virtualNetworks/....",
"location": "westus",
"name": "....",
"provisioningState": "Succeeded",
"resourceGroup": "azure-rhel-support",
"resourceGuid": "....",
"subnets": [
{
.... omitted
Add a Subnet to a Virtual Network
$ az network vnet subnet create --resource-group TestRSGroup01 --vnet-name PrivateNetwork01 --name PrivateSubnet01 --address-prefix 192.168.1.0/24
{
"addressPrefix": "192.168.1.0/24",
"etag": "W/\"...."",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Network/virtualNetworks/PrivateNetwork01/subnets/PrivateSubnet01",
"ipConfigurations": null,
"name": "PrivateSubnet01",
"networkSecurityGroup": null,
"provisioningState": "Succeeded",
"resourceGroup": "ResourceGroup01",
"resourceNavigationLinks": null,
"routeTable": null
}
List Subnets within a Virtual Network
$ az network vnet subnet list --vnet-name PrivateNetwork01 --resource-group TestRSGroup01
[
{
"addressPrefix": "192.168.1.0/24",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Network/virtualNetworks/PrivateNetwork01/subnets/PrivateSubnet01",
"ipConfigurations": null,
"name": "PrivateSubnet01",
"networkSecurityGroup": null,
"provisioningState": "Succeeded",
"resourceGroup": "TestRSGroup01",
"resourceNavigationLinks": null,
"routeTable": null
}
]
List Network Interfaces
List network interfaces in the subscription.
$ az network nic list
[
{
"dnsSettings": {
"appliedDnsServers": [],
"dnsServers": [],
"internalDnsNameLabel": null,
"internalDomainNameSuffix": null,
"internalFqdn": null
},
"enableAcceleratedNetworking": false,
"enableIpForwarding": false,
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/azure-rhel-support/providers/Microsoft.Network/networkInterfaces/....",
"ipConfigurations": [
{
"applicationGatewayBackendAddressPools": null,
"applicationSecurityGroups": null,
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/..../providers/Microsoft.Network/networkInterfaces/..../ipConfigurations/....",
"loadBalancerBackendAddressPools": null,
"loadBalancerInboundNatRules": null,
"name": "ipconfig1",
"primary": true,
"privateIpAddress": "10.0.0.4",
"privateIpAddressVersion": "IPv4",
"privateIpAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
.... omitted
Add a Network Interface to a Virtual Network
The following command adds the network interface PrivateNIC01 to the existing virtual network PrivateNetwork01 in the subnet PrivateSubnet01.
$ az network nic create --resource-group TestRSGroup01 --vnet-name PrivateNetwork01 --subnet PrivateSubnet01 --name PrivateNIC01
{
"NewNIC": {
"dnsSettings": {
"appliedDnsServers": [],
"dnsServers": [],
"internalDnsNameLabel": null,
"internalDomainNameSuffix": ".....cx.internal.cloudapp.net",
"internalFqdn": null
},
"enableAcceleratedNetworking": false,
"enableIpForwarding": false,
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/TestRSGroup01/providers/Microsoft.Network/networkInterfaces/PrivateNIC01",
"ipConfigurations": [
{
.... omitted
Create a Network Security Group Rule
The following command creates a rule in Network Security Group (NSG) rhel7vmNSG to allow inbound TCP traffic over port 80 for VM rhel7vm.
$ az network nsg rule create -g TestRSGroup01 --nsg-name rhel7vmNSG -n allow-http --priority 100 --access Allow --direction Inbound --protocol Tcp --destination-port-range 80
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/..../providers/..../..../..../securityRules/allow-http",
"name": "allow-http",
"priority": 100,
"protocol": "Tcp",
"provisioningState": "Succeeded",
"resourceGroup": "TestRSGroup01",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": []
}
List Rules in a Network Security Group
$ az network nsg rule list --nsg-name rhel7vmNSG --resource-group TestRSGroup01
[
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "22",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/..../providers/..../..../default-allow-ssh",
"name": "default-allow-ssh",
"priority": 1000,
"protocol": "Tcp",
"provisioningState": "Succeeded",
"resourceGroup": "....",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": []
},
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/..../providers/..../..../securityRules/allow-http",
"name": "allow-http",
"priority": 100,
"protocol": "Tcp",
"provisioningState": "Succeeded",
"resourceGroup": "....",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": []
}
]
Show Information about a Network Security Group
The following command shows information about rules with "Allow" access in NSG rhel74vmNSG.
$ az network nsg show --name rhel7vmNSG --resource-group TestRSGroup01 --query "defaultSecurityRules[?access=='Allow']"
[
{
"access": "Allow",
"description": "Allow inbound traffic from all VMs in VNET",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"....\"",
"id": "/subscriptions/..../resourceGroups/..../..../networkSecurityGroups/..../defaultSecurityRules/AllowVnetInBound",
"name": "AllowVnetInBound",
"priority": 65000,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "....",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": []
},
{
"access": "Allow",
"description": "Allow inbound traffic from azure load balancer",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
Azure Cloud Information
The following commands are commonly used to view and access Azure API endpoints.
Display API Endpoints and Cloud Profile
$ az cloud show
{
"endpoints": {
"activeDirectory": "https://login.microsoftonline.com",
"activeDirectoryDataLakeResourceId": "https://datalake.azure.net/",
"activeDirectoryGraphResourceId": "https://graph.windows.net/",
"activeDirectoryResourceId": "https://management.core.windows.net/",
"batchResourceId": "https://batch.core.windows.net/",
"gallery": "https://gallery.azure.com/",
"management": "https://management.core.windows.net/",
"resourceManager": "https://management.azure.com/",
"sqlManagement": "https://management.core.windows.net:8443/",
"vmImageAliasDoc": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json"
},
"isActive": true,
"name": "AzureCloud",
"profile": "latest",
"suffixes": {
"azureDatalakeAnalyticsCatalogAndJobEndpoint": "azuredatalakeanalytics.net",
"azureDatalakeStoreFileSystemEndpoint": "azuredatalakestore.net",
"keyvaultDns": ".vault.azure.net",
"sqlServerHostname": ".database.windows.net",
"storageEndpoint": "core.windows.net"
}
}
Get a Temporary Access Token
The following command returns a temporary access token for Azure. This is useful for directly accessing Azure API endpoints.
$ az account get-access-token
{
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGc....",
"expiresOn": "2017-11-06 12:16:48.612080",
"subscription": "....",
"tenant": "....",
"tokenType": "Bearer"
}