I am trying to login to Azure AD using PowerShell with a co-administrator account. I use Connect-MsolService and I get in but I can't see any subscriptions when I use Get-AzureSubscription. At the same time, I can login in the portal (both old and new) using that account and I see it there. The issue is I need to do some things that both portals do not let me do.
Is there an issue if I created the subscription using a Microsoft account on outlook.com? Am I missing something?
Just to add to the discussion, if you're not a direct owner of the subscriptions (but have an admin role for the whole or part of the Azure infrastructure) you can use the following cmdlets to get all subscriptions and switch between them:
Get-AzureRmSubscription
Select-AzureRmSubscription -SubscriptionName "subscription_name"
https://learn.microsoft.com/en-us/powershell/module/azurerm.profile/get-azurermsubscription?view=azurermps-5.0.0
This lists the available subscriptions for co-admins and contributors and can be used in Azure resource management scripts if you do not directly own the subscription but have sufficient privileges to access the resources.
Do you get a sign in dialgoue when you run Add-AzureAccount from powershell?
Can you then Get-AzureSubscription after that?
These guides might help in ensuring all the basics work:
https://redmondmag.com/articles/2016/01/25/connect-to-microsoft-azure-with-powershell.aspx
https://azure.microsoft.com/en-gb/documentation/articles/powershell-install-configure/
Update:
What are you trying to do after?
If you want to switch subscriptions, does the following work?:
Switch-AzureMode –Name AzureResourceManager
Get-AzureSubscription
Ref:
https://msdn.microsoft.com/en-us/library/azure/dn931949.aspx
Related
Trying to list all the certificates in my account.
When using Get-AzureCertificate, it complains I need to select default subscription with Select-AzureSubscription.
But no subscription can be selected with Select-AzureSubscription,
I can only select subscription with Select-AzureRmSubscription. But this Get-AzureCertificate needs Select-AzureSubscription.
How do I list all certificates in my Azure with PowerShell?
Did you log in to an ASM subscription? Looks like you have logged in using Add-AzureRMAccount or Login-AzureRMAccount. Use Add-AzureAccount instead.
I need to select my Azure Subscription in Azure PowerShell.
I copy/paste the Subscription ID (to ensure no typos) from the Azure Management Portal, it's a hex-string:
When I run:
Select-AzureSubscription -SubscriptionId '0300...'
I get an error message:
Select-AzureSubscription : The subscription id 0300... doesn't exist.
I know my subscription ID is correctly copied from the settings in Azure Management Portal, I even did a BeyondCompare to make sure.
I'm wondering about security... am I missing something? Do I need to somehow provide my Azure credentials? It wouldn't make sense to just allow anyone to select any Azure subscription, unless the Subscription ID is supposed to be super-secret, like an SSN.
You need to log on to your Azure account first:
To start working with the Azure Service Management cmdlets, first log
on to your Azure account. To log on to your account, run the following
command:
Add-AzureAccount
After logging into Azure, Azure PowerShell creates a context for the
given session. That context contains the Azure PowerShell environment,
account, tenant, and subscription that will be used for all cmdlets
within that session. Now you are ready to use the modules below.
Source: https://learn.microsoft.com/en-us/powershell/azure/install-azure-ps?view=azuresmps-3.7.0
I'm trying to retrieve a complete list of VMs through PowerShell, but I'm having trouble pulling Classic VMs, and I'm having trouble understanding the distinction between RM and regular cmdlets, particularly when it comes to subscriptions.
Get-AzureRMSubscription correctly returns a complete list of the subscriptions my Azure account has access to. Get-AzureSubscription returns nothing. This means that I can correctly pull all of the new style VMs from any one subscription using Get-AzureRMVM, but since I can't find a 'classic' style subscription, I can't pull any of my existing classic VMs as I can't define which subscription to look in.
I can successfully view all VMs in all Subscriptions through the portal, but not through Powershell for whatever reason. I'm all out of ideas, is there something I'm missing?
Get-AzureRMSubscription Get-AzureSubscription Get-AzureRMVM are resource mode cmdlet, your VMs are classic mode VM, you should use classic cmdlets. Just use the following cmdlets.
#login your classic account
Add-AzureAccount
# Enumerates all configured subscriptions on your local machine.
Get-AzureSubscription
# Select the subscription to use
Select-AzureSubscription -SubscriptionName "mysubscription"
#get classic VM
Get-AzureVM
Classic VM's were the norm when Azure was used using manage.windowsazure.com where, each virtual machine had a cloud service attached to it by default and resources such as Virtual Networks and Firewalls (ACL) were static to each resource.
Azure Resource Manager (ARM) based deployments gives you the power of having flexible deployment models (e.g. one firewall/NSG for x number of VM's). A detailed study can be found on the below link:
Azure Resource Manager based deployments explained
For your question you can use the below Cmdlets to get all classic virtual machines.
#login your classic (work AD / Personal) account using the pop-up
Add-AzureAccount
# Get All subscriptions under the non-rm account. DO NOT USE Get-AzureRMSubscription for any classic resources
Get-AzureSubscription
# Select the subscription to use using the Subscription name or ID (if all your subscription names say pay-as-you-go for e.g. you may want to use your subscription ID)
Select-AzureSubscription -SubscriptionName "enter-your-subscription-name" OR -SubscriptionId "alternatively-use-subscription-id"
#List all the VM's in a variable for further use (if needed, else direct display)
$vmList = Get-AzureVM
#Output the Virtual Machines on the subscription
Write-Output ($vmList)
Done !
My Azure account having one subscription is added as a contributor to another Azure account. Using Login-AzureRmAccount in PowerShell, I login to my account and Get-AzureSubscription returns only my own subscription. On the Azure portal, I can switch between these two subscriptions and create/remove resources on the other subscription.
I have checked Select-AzureSubscription, and it can be used in case Get-AzureSubscription returns multiple accounts to choose among them.
I also do not have the credentials of the other account to login manually.
Is there any way to access my contributor-role subscription in PowerShell and run Azure scripts on it?
"Contributor" is an RBAC (Role based access control) role, so you have access to the subscription throught Azure Resource Manager.
To find this subscription in PowerShell, you can use the Get-AzureRmSubscription cmdlet instead of Get-AzureSubscription. Then you can use the cmdlet Select-AzureRmSubscription to select the subscription instead of Select-AzureSubscription.
I have two subscription one with old cloud service and other is with new cloud service. I am using Powershell to access my new subscription. I have downloaded latest .publishsettings and set it using Import-AzurePublishSettingsFile. My problem is that I always get the old subscription set and could not figureout how to force powershell to use my new subscription.
Just to clarify, there are two kinds of 'special' subscriptions, the 'current' subscription (which is the subscription used for any command in the current PowerShell session), and the Defaul subscription, which is the subscription used even after the current PowerShell session ends.
using Select-AzureSubscription <subscription-name> will set the current subscription. If you'd like to change the subscription across sessions, use Select-AzureSubscription -Default <subscription name>
With new Powershell commands you would need to set which particular subscription you would want to use. The steps are as below:
Import-AzurePublishSettingsFile yourpublishsettings.publishsettings
Get-AzureSubscription (this will give you the list of subscription)
Select-AzureSubscription _select_subscription_name (this way you can set which particular subscription you want to use)
This should work!!
This answer is for the classic Azure management. If you're on the new ARM then you want to do something like
Login-AzureRmAccount
Get-AzureRmSubscription
Set-AzureRmContext -SubscriptionId blah
where blah is the subscription ID from the second command