Step 1: Run PowerShell as an Administrator
Allows you to run administrative commands [sometimes needed to install modules]
Start – Type PowerShell – Right-click, run as administrator
Step 2: Install Azure RM Module
The Azure RM Module will give you the ability to run Azure commands in PowerShell. Prior to Windows 10, you will need to download and install Azure PowerShell; from the Azure downloads page Command Line Tools (Windows Install) .
Install-module AzureRM
Install-module AzureRM.storage
Get-Module -ListAvailable AzureRM*
Step 3: Authenticate to Azure
Connect to Azure
Login-AzureRmAccount
Step 4: Change Default Subscription
Get-AzureRMSubscription # List available subscriptions
Select-AzureRmSubscription –SubscriptionID “SubscriptonID” # Copy SubscriptionID of the subscription from the SubscriptionList
Set-AzureRmContext -SubscriptionID “SubscriptionID” [where SubscriptionID is the subscription from the SubscriptionList ]
Change Default Subscription via GUI (popup box)
$MySubscription = (Get-AzureRmSubscription | Out-GridView -Title “Select an Azure Subscription …” -PassThru)
$subscriptionId = $mySubscription.SubscriptionId # Set a variable for SubscriptionID
$SubscriptionName = $mySubscription.SubscriptionName #Set a variable for SubscriptionName
Select-AzureRmSubscription -SubscriptionId $SubscriptionId # Set Default Subscription
Set-AzureRmContext -SubscriptionID $subscriptionId # Set Default Context
Write-Host “Subscription: $SubscriptionName [ID: $subscriptionId ]” -ForegroundColor Green # Show the new default subscription
get-AzureRMContext
Give Users Access to a Subscription
#Search for an Azure Group By Name
#Get-AzureRmADgroup -SearchString “group name” # Optional: if needed
#Get-AzureRmADServicePrincipal -SearchString “service name” # Optional: if needed
Get-AzureRmRoleDefinition |format-table ID, Name, Description # List existing Role Definitions
#Get the OjectID of the user by name
$User=Get-AzureRmAdUser -SearchString “Dan Stolts” # Get ObjectID for a particular user (by name)
$User # Display list of users
Get-AzureRmAdUser -UserPrincipalName “email@company.com”
$User=Get-AzureRmAdUser -UserPrincipalName “Dan Stolts” # Get ObjectID for a particular user (by name)
$User.UserPrincipalName
Get-AzureRmSubscription # List avaialble subscriptions
# Set the permission for the user
# Syntax: New-AzureRmRoleAssignment -ObjectId <application id> -RoleDefinitionName <role name> -Scope <subscription id>
# Example:New-AzureRmRoleAssignment -ObjectId “81f4a203-9950-4f4d-9a5d-12e3b45d67f8” -RoleDefinitionName “Owner” -Scope “1942a221-7d86-4e10-9e4b-a5bc2688651d”
New-AzureRmRoleAssignment -ObjectId “UserID” -RoleDefinitionName “Role” -Scope “SubscriptionID”
New-AzureRmRoleAssignment -ObjectId <application id> -RoleDefinitionName <role name> -Scope <subscription id>
