# az cli

# general

az version
az upgrade
az config get
az configure

# find commands
az find "create nsg"

az interactive  # open interactive window

?? # get previous output

az cloud list -o table

# get all resources in a resource group
az resource list \
    --resource-group $rg \
    --output table \
    --query "[*].{Name:name, Type:type}"

az group list --query "[?location!='australiaeast']" -o table   # resource groups not in australiaeast

# accounts

az account get-access-token

# display all pyhsical azure regions
az account list-locations --query "[?not_null(metadata.latitude)] .{RegionName:name}" --output tsv

# login using service principal
az login --service-principal -u http://<NAME> -p <SECRET> -t <TENANT>

# get tenant name
az ad signed-in-user show --query 'userPrincipalName' | cut -d '@' -f 2 | sed 's/\"//'

# az query (JMESPath)

az policy set-definition list -o table --query "[?metadata.category=='ASB - PaaS Security'].[displayName,metadata.category]"

# VMs

az vm list-skus --location australiaeast    # get sku data

az vm list --query '[].{Name:name, SKU:hardwareProfile.vmSize}' -o table    # get VM SKUs

# storage

# upload a file to a storage account container
az storage blob upload --account-name <VALUE> --container-name <VALUE> --file <VALUE> --name <VALUE>

# acr

az acr create --resource-group <rgName> --name <acrName> --sku Basic
az acr show --name <acrName> --query loginServer
az acr login --name <acrName>
az acr repository list -n <acrName>

# service principals

az ad sp create-for-rbac --skip-assignment

az ad sp list --show-mine --query "[].{appId:appId, displayName:displayName}" -o table

az ad sp show --id <id>     # sp app id, uri name or object id

az login --service-principal -u http://<USER-NAME> -p <PASSWORD> -t <TENANT-ID>     # login as SP

az ad app credential reset --id <APP-ID> or <OBJ-ID>   # reset SP creds

# networking

# view network peerings
az network vnet peering list \
    --resource-group <RG-NAME> \
    --vnet-name SalesVNet \
    --o table

# view network routes
az network nic show-effective-route-table \
    --resource-group <RG-NAME> \
    --name SalesVMVMNic \
    --o table

# view VM IPs
az vm list \
    --resource-group <RG-NAME> \
    --query "[*].{Name:name, PrivateIP:privateIps, PublicIP:publicIps}" \
    --show-details \
    --o table

# aci

az container create --resource-group aci-rg --name mycontainer && \
                  --image mcr.microsoft.com/azuredocs/aci-helloworld && \
                  --dns-name-label ek-aci-demo --ports 80

az container show --resource-group aci-rg --name mycontainer --query && \
                  "{FQDN:ipAddress.fqdn,ProvisioningState:provisioningState}" && \
                  --out table

az container logs --resource-group aci-rg --name mycontainer

az container logs --resource-group aci-rg --name myContainerGroup && \
                  --container-name aci-tutorial-sidecar

az container attach --resource-group aci-rg --name mycontainer

az container list --resource-group aci-rg --output table

az container delete --resource-group aci-rg --name mycontainer

AZ ACI CLI (opens new window)

# Links

Azure CLI (opens new window)

← aws cli azure logs →