I'm wanting to execute a Powershell script from an Azure VM to get its current public IP address (and to write this address to an evironment variable for an application to use).
My question is what the best way to authenticate the Azure Powershell environment is? On AWS credentials get 'baked' into an instance when it gets created. Does the equivalent happen with Azure Virtual Machines?
You can use a Management Certificate contained in your Publish Settings file and 'bake' it yourself
Import-AzurePublishSettingsFile –PublishSettingsFile C:\Store\my.publishsettings
If you already have a certificate for management, you can store it in your vm and use it in PS
# Get management certificate from personal store
$certificate = Get-Item cert:\\CurrentUser\My\$CertificateThumbprint
if ($certificate -eq $null) {
throw “Management certificate for $SubscriptionName was not found in the users personal certificate store. Check thumbprint or install certificate”
}
# Set subscription profile
Set-AzureSubscription -SubscriptionName $SubscriptionName -SubscriptionId $SubscriptionId -Certificate $certificate
# Select subscription as the current context
Select-AzureSubscription -SubscriptionName $SubscriptionName
Related
I'm trying to run some azure powershell commands as part of my Visual Studio Team Services build using Azure Resource Manager.
It gives me the following error:
No default subscription has been designated. Use Select-AzureSubscription -Default to set the default subscription.
The commands I'm trying to run:
$website = Get-AzureWebsite | where {$_.Name -eq 'my-website'}
Write-Output ("##vso[task.setvariable variable=DeployUrl;]$website.HostNames")
When I tried to run it locally, I had to call
Add-AzureAccount
Select-AzureRmSubscription -SubscriptionName "Visual Studio Premium with MSDN"
to get it working, but it is not possible in the VSTS build.
UPDATE:
I've configured it to use the azure classic mode instead of resource manager, at it works. I don't think that it is a feasible solution for production as azure classic mode is obsolete.
Since you are using Azure Resource Manager, please check the things below:
Make sure "Azure Resource Manager" service endpoint is added correctly.
Use "Get-AzureRmWebApp" command instead of "Get-AzureWebsite" command just as bmoore mentioned.
I have tested it at my side, it works correctly.
My PowerShell script:
$website = Get-AzureRmWebApp | where {$_.Name -eq 'eddieapp0930'}
Write-Host $website.HostNames
Run from "Azure PowerShell Script" task:
Thank you for your question.
If you are using service manager mode(classic mode), the correct cmdlet is:
Add-AzureAccount
Get-AzureSubscription -SubscriptionName “name” | Select-AzureSubscription
If you are using Resource Manager, the correct cmdlet is:
Login-AzureRmAccount
Get-AzureRmSubscription –SubscriptionName "name" | Select-AzureRmSubscription
or just use -SubscriptionId instead of -SubscriptionName.
More information about ASM and ARM, please refer to the link below:
https://azure.microsoft.com/en-us/documentation/articles/resource-manager-deployment-model/
If you still have questions, welcome to post back here. Thanks.
I want to change the size an Azure VM with powershell. The reason is: I use machine for development. I need A2 size for 4 hours a day. The owner of the VM asked to switch the size of the machine to A0 when I do not develop. I have access to the Azure subscription with my MS Live account. Now I change the size manually through Azure Portal. I want to automate this task with PowerShell. The script should set the size to A2, wait for 4 hours and set it back to A0. I just want to doubleclick the script before starting my development and just forget about the question.
I have the following understanding of the general procedure:
Run Import-AzurePublishSettings
Run Select-AzureSubscription
Get VM object with Get-AzureVM
Run Set-AzureVMSize
Update-AzureVM
I can not get publish profile, because I do not own the machine. Is there a way to authenticate with MS Live account?
Skip the Import-Azurepublish and do a Add-AzureAccount instead. That will popup UI for authenticating with your MS Live account.
Once that is done you can use Select-AzureSubscription
For Classic Deployment you need this:
# authenticate if no account is already added to the powershell session
if (!(Get-AzureAccount)){ Add-AzureAccount }
# Get the vm object out of azure
$vm = get-azurevm | where name -eq "name of the vm"
# Now all you need is to is update the VM with its new size:
$vm | Set-AzureVMSize -InstanceSize Medium | Update-AzureVM
If the VM is deployed via the Resource Manager (RM Model)
if (!(Get-AzureRMContext)){ Add-AzureRmAccount }
Select-AzureRmSubscription -SubscriptionId "{subscriptionId}"
$vm = Get-AzureRmVm | where name -eq "{vmName}"
$vm.HardwareProfile.vmSize = "Medium"
Update-AzureRmVM -VM $vm
btw. Medium is what A2 is called in the API.
I am trying to set Azure Rm Subscription (Get-AzureRMSubscription) CurrentStorageAccount to a particular arm storage account (Get-AzureRmStorageAccount) and I am not able to find a cmdlet that does that.
With regular old azure cmdlets I am able to do following to set CurrentStorageAccount as
$subscription = Get-AzureSubscription
Set-AzureSubscription -SubscriptionName $subscription.SubscriptionName -CurrentStorageAccountName "somestorageaccount"
Get-AzureSubscription | select *
This set's it. But I cannot do this inside arm cmdlets.
Another thing that is confusing is that I am using the same subscription eg. Visual Studio Enterprise. And using both arm and regular cmdlets get-azuresubscription I get the same subscription but why is one showing -CurrentStorageAccount and another subscription not showing -CurrentStorageAccount.
To set the default RM subscription for the current session in PowerShell use
Get-AzureRmSubscription –SubscriptionName "MyFavSubscription" | Select-AzureRmSubscription
and to set the default RM storage context for the current session
Set-AzureRmCurrentStorageAccount –ResourceGroupName "MyFavResourceGroup" `
–StorageAccountName "MyFavStorageAccountName"
First, you must set your default subscription.
$SubscriptionName = "MyDefaultSubscription"
Select-AzureSubscription -SubscriptionName $SubscriptionName –Default
In other cases, you can set your default subscription location.
# For example, South Central US
$Location = "South Central US"
Then get your storage account name/s
$StorageAccountName = (Get-AzureStorageAccount)[0].label
Notice the number zero? It indicates the numbering of your storage. The numbering starts with 0. If you use the command Get-AzureStorageAccount, it will list all of your (classic) storage accounts. For that you can choose your desired storage.
Then lastly, set your default storage account.
Set-AzureSubscription -SubscriptionName $SubscriptionName -CurrentStorageAccountName $StorageAccountName
That commandlet is called Set-AzureRMCurrentStorageAccount.
Exactly as you said, set-azureRmCurrentStorageAccount -context $Ctx will set your default Storage account to context. I also can't find any articles to get out explanation on this. I think you can try to use Azure CLI to set your default Azure storage account in environment variables.
I want to stop and de-allocate a Windows VM in Azure.
In PowerShell, I use the command:
Stop-AzureVM - ServiceName [servicename] - Name [machinename] - Force
However, I get the following error message in PowerShell:
WARNING: "No deployment found in service [servicename]
What could be wrong?
Troubleshooting steps:
Is the VM already in Shutdown or Deallocated state.
Do you have more than one subscriptions. If yes then select correct subscription using below cmdlet and then try to stop the VM:
Select-AzureSubscription -SubscriptionName "<<Your SubscriptionName here>>"
or
Select-AzureSubscription -Id "<<Your Subscription ID>>"
If you have only one Azure Subscription then check if you created the VM using ASM i.e. old portal (https://manage.windowsazure.com) or ARM i.e. new portal (https://portal.azure.com). If you used new portal then you need to use ARM related PowerShell cmdlets like below:
Stop-AzureRmVM -ResourceGroupName "resource group name" -Name "VM name"
Reference for ARM PowerShell cmdlets: Azure Resource Manager and PowerShell
I am using Powershell Azure cmdlets to do some operation on each subscription I have.
However, all my subscriptions have the same name. So if I do an operation like:
$subs | ForEach-Object {
Select-AzureSubscription -Current -SubscriptionName $_.SubscriptionName
$services = Get-AzureService
Write-Output "$($services .Length) services under $($_.SubscriptionId) subscription"
}
it always works for the same subscription because the subscriptions only differ in subscription ID.
And the Select-AzureSubscription does not have a -SubscriptionId parameter.
Any ideas how can I find a workaround?
Not sure if this was added later, but as of Nov 2015 you can use -SubscriptionId
Write-Host "Selecting Azure subscription using id"
Select-AzureSubscription -SubscriptionId $subscriptionId
If you are an account administrator for your account, you can change the name of your subscription. This way when you or anyone else who has access to the subscription downloads publishsettings, the name will be set the way you want.
http://rickrainey.com/windows-azure-how-tos/how-to-change-the-name-of-your-windows-azure-subscription/
Edit the publishsettings file, giving each subscription a different name. Then re-import. At that point, you'll be able to easily access each one uniquely by name.