Managing Azure subscriptions in PowerShell

Hello world,


This is my first post on learning how to manage Microsoft Azure with PowerShell. We will go through installing and configuring the PowerShell environment to access and alternate between multiple Azure or Windows Azure Pack environments.

First, how to access the Azure PowerShell module? Microsoft has created the module as an open source project in GitHub. You can download the latest release from the releases page, either via WebPI or through a standalone installer.

Now, installation and configuration instructions are available here, and you should be able to test your installation and module version with the following command.


Get-Module -ListAvailable -Name Azure
#ModuleType Version Name ExportedCommands
#———- ——- —- —————-
#Manifest 0.8.4 Azure {Disable-AzureServiceProjectRemoteDesktop,…


So for your daily tasks, feel free to leverage Azure AD and configure your access using the Add-AzureAccount command, you will be greeted with a browser prompting you to login to Azure and where you can provide your credentials.

In my case, I have both an internal team subscription to Azure and my MSDN subscription, so I would run this two times, once for each of my accounts. Once you are done, you can verify the added accounts with the Get-AzureAccount command.

At this point, your should have your subscriptions configured, and you can quickly check their settings with Get-AzureSubscription.


Now, the issue with the above method, is that credentials will expire from time to time, making it less suitable when you want to configure authentication for workflows or scripts that will run as part of automated systems. In that case you actually do not want your subscriptions to have the Azure account configured, but use the certificate authentication method instead. Also, when configured with both methods, most Azure PowerShell commands will default to the Azure account credentials, failing the command in case those have expired. You can remove the Azure credentials by using:


Get-AzureAccount | Remove-AzureAccount


To use certificate authentication, you need to download and import the certificate using the following commands. If you have multiple Azure accounts, logon to the Azure management portal with each account before running the commands.


Import-AzurePublishSettingsFile -PublishSettingsFile <path_to_file>


Once the certificate is imported, you can verify the configuration of your subscriptions by using the following command.


Get-AzureSubscription | fl -Property SubscriptionName,ActiveDirectoryUserId,Certificate,IsDefault


Finally, alternate between subscriptions with Select-AzureSubscription or remove them with Remove-AzureSubscription. You are now ready to automate your usage of Microsoft Azure!




Comments (0)