Search for Commands
az find
--search-query user
or the short syntax
az find -q rbac
Users
List Users
az ad user list
-o table
Create Users
az ad user create
--display-name Ned
--password MyStrongPass987$$
--user-principal-name xxxxxx.xxxxxx#EXT#@XXXXXX.onmicrosoft.com
Roles
Creating Role Assignment
Create Role Assignment on a Subscription
az role assignment create
--role "Owner"
--assignee <Service_Principal>
Create Role Assignment on a Resource Group
az role assignment create
--assignee user_domain.com#EXT#@xxxx.onmicrosoft.com
--role Reader
--resource-group HadzosResourceGroup
Create Role assignment on a Subscription
–assignee Represent a user, group, or service principal. supported format: object id, user sign-in name, or service principal name.
–assignee-object-id: Assignee’s graph object id, such as the ‘principal id’ from a managed service identity. Use this instead of ‘–assignee’ to bypass graph permission issues.
az role assignment create
--assignee-object-id 1d500143-702b-4ed8-a0cc-c46a1f29de1b
--role Contributor
Delete a Role for an Assignee
az role assignment delete
--assignee 1d500143-702b-4ed8-a0cc-c46a1f29de1b
--role Reader
Listing Roles
az role definition list
az role definition list
-o table
az role definition list
--output json | jq '.[] | {"roleName":.properties.roleName, "description":.properties.description}'
az role definition list
--name "Contributor"
List Roles for an Assignee
az role assignment list
--assignee 1d500143-702b-4ed8-a0cc-c46a1f29de1b
-o table
List role assignment
az role assignment list
-o table
List role assignment and filter for name or principalName
az role assignment list | grep 'name|principalName'
List role assignment and filter for name or principalName or principalId
az role assignment list | grep 'name|principalName|principalId'
Listing
Get info about VM from a Resource Group
az vm list
--resource-group $ResourceGroup
az vm list
--resource-group $ResourceGroup | grep 'id'
List images
az vm image list
--output table
List resources
az resource list
-o table
List access
az role assignment list
--assignee "ASSIGNEE-PRINCIPAL-NAME"
Generate an ARM template from an existing resource group
az group export
-n kakoje_acs_rg1
List VM usage in a region
az vm list-usage
--location westeurope -o table
Locks
az lock create
--name ReadOnlyLock
--resource-group HadzosResourceGroup
--lock-type CanNotDelete
Network
List VNets
az network vnet list
-o table
List Public IPs
az network public-ip list
-o table
List Network Security Group
az network nsg list
-o table
List NIC
az network nic list
-o table
List resources in a group
az resource list
-g MyHadzoGroupName
List resources in a group and filter for name or type
az resource list
-g HadzoGroup | grep "name|type"
List VMs
az vm list
List groups
as json
az group list
as table
az group list
--output=table
List locations
az account list-locations
-o table
Create group in westeurope region
az group create
-n HadzoGroup
-l "westeurope"
Show information for a specific group
az group show
-n HadzoGroup
show only id of the group
az group show
-n HadzoGroup
--query id
-o tsv
Creating
Creating VM’s
az vm create
-n MyVM
-g HadzoGroup
--image "UbuntuLTS"
--size Standard_DS2_v2
or
az vm create
--name MyVM
--resource-group HadzoGroup
--image "UbuntuLTS"
--size Standard_DS2_v2
--admin-username "hadzo"
--ssh-key-value ~/.ssh/id_rsa.pub
Deletig
Deleting Resource Groups
az vm delete
-n MyVM
-g MyResourceGroup
az group delete
-n MyGroup
az group delete
--name MyGroup
--yes
--no-wait