Wilson Mar bio photo

Wilson Mar

Hello. Hire me!

Email me Calendar Skype call 310 320-7878

LinkedIn Twitter Gitter Google+ Instagram Youtube

Github Stackoverflow Pinterest

Do anything you want!


This tutorial describes the use of Windows PowerShell on Azure cloud.

Powershell refers to both the command-line shell and scripting language designed system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows. Windows PowerShell cmdlets, let you manage the computers from the command line.

One-time tasks

Windows PowerShellGet Module.

If you don’t want to install these from the Web Platform Installer (wpilauncher.exe) at https://www.microsoft.com/web/downloads/platform.aspx

Install for ARM Declarative Templates

declarative syntax are defined in Resource Manager templates used by ARM to enable infrastructure configurations to be defined (much like Puppet).

Install for ASM Imperative Commands

Imperative commands (verbs such as to start or stop an app or machine) are used in ASM.

  1. http://azure.microsoft.com/en-us/downloads
  2. Click PowerShell to download WindowsAzurePowershellGet.3f.3f.3fnew.exe and invoke it to download more.
  3. Click Install.
  4. Accept the pre-requisite of Windows Azure Powershell.

  5. Click Add for Azure Cross-platform Command-line Tools to download WindowsAzureXPlatCLI.3f.3f.3fnew.exe aka Power Tools

    NOTE: “XPlat” means Cross-platform. It’s for ASM portal usage.

Install PowerShell

Run from the Powershell Gallery the Workflow to Download All Gallery Modules:

  1. Click the “Deploy” button or:

    Install-Script -Name Download-AllGalleryModules
  2. Press Y to accept that the modules are from an untrusted source.

  3. Click the “Deploy” button. You should see Azure’s Custon Deployment bolt with Parameters:

  4. Type in for new Resource Group name “Download-AllGalleryModules”.
  5. Click Create to see error icons.
  6. Click Edit parameters.
  7. Select your Resource group location (such as “East US 2”).
  8. Click Review legal terms then click Purchase.
  9. Click Create.

Make Imperative Commands

PS C:\>

Windows PowerShell providers access data stores, such as the Windows Registry and certificate store, as easily as you access the file system.

Install NuGet provider:

   Install-PackageProvider -Name NuGet -Force

Get a count of how many commands for Azure module:

   Get-Command -Module Azure | Measure-Object

I got a count of 697 commands for just Azure for ASM.

List Azure commands containing “vm”:

   Get-Command -Module Azure -noun *vm*

Enable PS1 execution

PowerShell commands can be be script files with .ps1 file extension.

   Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted

PowerShell Version

As with all PowerShell versions:


On MacOS:

On Windows 10:

Name                           Value
----                           -----
PSVersion                      5.0.10586.63
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.10586.63
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3

Compare against the response on Windows 7:

Name                           Value
----                           -----
CLRVersion                     2.0.50727.5420
BuildVersion                   6.1.7601.17514
PSVersion                      2.0
WSManStackVersion              2.0
PSCompatibleVersions           {1.0, 2.0}
PSRemotingProtocolVersion      2.1

## Azure


  1. Establish admin rights on MacOS:

    sudo -v

  2. Install Azure PowerShell for .NET Core:

    Install-Module AzureRM.NetCore

  3. Press A for all to this prompt:

    Untrusted repository
    You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the 
    Set-PSRepository cmdlet. Are you sure you want to install the modules from 'PSGallery'?
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): 

    BLAH: This keeps me from going further:

    PackageManagement\Install-Package : Administrator rights are required to install modules in 
    '/usr/local/microsoft/powershell/6.0.0-beta.7/Modules'. Log on to the computer with an account that has Administrator rights, and then try 
    again, or install '/Users/wilsonmar/.local/share/powershell/Modules' by adding "-Scope CurrentUser" to your command. You can also try running 
    the Windows PowerShell session with elevated rights (Run as Administrator).
    At /usr/local/microsoft/powershell/6.0.0-beta.7/Modules/PowerShellGet/ char:21
           + ...          $null = PackageManagement\Install-Package @PSBoundParameters
           +                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : InvalidArgument: (Microsoft.Power....InstallPackage:InstallPackage) [Install-Package], Exception
     + FullyQualifiedErrorId : InstallModuleNeedsCurrentUserScopeParameterForNonAdminUser,Install-PackageUtility,Microsoft.PowerShell.PackageMan 
  4. Load the module into your PowerShell session. Modules are loaded using the Import-Module cmdlet:

    Import-Module AzureRM.Netcore




  5. Get a list of environments available:

    Get-AzureRmEnvironment | Select-Object Name

    Sample response:

  6. Create an Azure Service Principal if you don’t have one


  7. Get your TenantId from your subscription after logging in interactively:


    CAUTION: This sample response exposes senstive information:

    Environment           : AzureCloud
    Account               : username@contoso.com
    SubscriptionName      : My Production Subscription
    CurrentStorageAccount :
  8. Get the dialog box asking for your Azure credentials to login interactively at https://aka.ms/devicelogin:

    Login-AzureRmAccount -EnvironmentName AzureCloud

    Alternately, login by specifying an Azure Service Principle:

    Login-AzureRmAccount -ServicePrincipal -ApplicationId “http://my-app” -Credential $pscredential -TenantId $tenantid

    PROTIP: Some put the above command in a command file with a short name.

List Mangement Verbs


Clear Screen


Download help files:

   update-help -force

Pop-up help for a command to a different window for multiple windows:

   help Get-AzureSubscription -ShowWindow


   azure login

Copy the code and open https://aka.ms/devicelogin

   azure account list



Envrionment variables

To list, remember the colon at the end:

   Get-ChildItem Env:

For the value to a specific variable:

   Get-ChildItem Env:PATHEXT

Define a temporary environment variable:

   $env:MyTestVariable = "A temporary test variable."

Define a new permanent environment variable:

   [Environment]::SetEnvironmentVariable("TestVariableName", "My Value", "option")

In option is either “Machine”, “User”, or “Process”.

For loops

Based on http://www.symbiosysconsulting.com/pinging-from-powershell

   1..254 | ForEach-Object { ping "192.168.0.$_" }

Notice “$_” is the placeholder variable for the range before the pipe.

This loops through a range of IP’s within an internal subnet to show which ones respond:

    (1..254) | % {
        $ping = New-Object System.Net.NetworkInformation.Ping;
        [Void](Register-ObjectEvent $ping PingCompleted -Action {
            param($s, $e);
            if($e.Reply.Status -eq "Success") {
                Write-Host $e.Reply.Address, ($e.Reply.RoundtripTime.toString() + "ms")

Rather than looping:

Declarative Templates

Multiple services can be deployed at the same time (asychronously), as a group, along with their dependencies by using a group template that defines desired end state of application components.

The Local Configuration Manager (LCM) introduced in Windows PowerShell 5.0 is the engine of DSC = Desired State Configuration.

Differences in each stage of the application lifecycle can be specified.

This makes it easy to get a total bill by viewing the rolled-up costs for the entire group or for a group of resources sharing the same tag.

See Azure Resource Manager overview by Tom FitzMacken.

At http://github.com/Azure are
sample ARM JSON templates at azure-quickstart-template code presented here.

Every template contains this:

    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "conventVersion": "",
      "storageAccountUniqueName": {
         "type": "String",
         "metadata": {
           "description": "Unique name of storage account"
      "storageAccountType": {
         "type": "String",
         "defaultValue": "Standard_LRS",
         "allowedValues": [





  • Standard_LRS = Locally Redundant Storage
  • Standard_GRS = Geographically Redundant Storage
  • Standard_RAGRS = Read Access Geographically Redundant Storage
  • Premium_LRS =


Parameters can be overriden with separate parameter files references:

    "type": "Microsoft.Storage/storageAccounts",
    "name": "variables('StorageAccountName')",
    "location": "[resourceGroup().location]",
    "apiVersion": "2015-05-01-preview",
    "propterties": {
      "accountType": "[parameters('storageAccountType')]"

“[resourceGroup().location]” enables the resource group to span across regions.

Load Balancer

An example DNS host name is mydeployment.eastus.cloudapp.azure.com, IP

Up to 100 vms can be supported by a Load Balancer.

NAT rules on the Load Balancer route inbound traffic dynamically or statically to reserved IPs.

Virtual Machine images

An example declarative template would include:

    "imageReference": {
      "publisher": "MicrosoftSQLServer",
      "offer": "SQL2014-WS2012R2",
      "sku": "Standard",
      "version": "latest"

publisher options:

  • “MicrosoftSQLServer”
  • redhat
  • barracuda

sku options:

  • “Standard”
  • “Web”
  • “Enterprise”
  • “EnterpriseOptimized”
  • “EnterpriseOptimizedDW” for Data Warehouse needing fast read but can tolerate slower bulk writes
  • “EnterpriseOptimizedOLTP” needing fast read and fast write

“offer” options:

  • “SP2014SP1-WS2012R2”
  • “SQL2014-WS2012R2”
  • etc.

The equivalent

  • Get-AzureRmVMImagePublisher -Location $locName select PublisherName
  • Get-AzureRmVMImageOffer -Location $locName -PublisherName $Publisher
  • Get-AzureRmVMImageSku -Location $locName -PublisherName $Publisher -Offer $offer

More on DevOps

This is one of a series on DevOps:

  1. DevOps_2.0
  2. ci-cd (Continuous Integration and Continuous Delivery)
  3. User Stories for DevOps

  4. Git and GitHub vs File Archival
  5. Git Commands and Statuses
  6. Git Commit, Tag, Push
  7. Git Utilities
  8. Data Security GitHub
  9. GitHub API
  10. TFS vs. GitHub

  11. Choices for DevOps Technologies
  12. Java DevOps Workflow
  13. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
  14. AWS server deployment options

  15. Cloud regions
  16. AWS Virtual Private Cloud
  17. Azure Cloud Onramp
  18. Azure Cloud
  19. Azure Cloud Powershell
  20. Bash Windows using Microsoft’s WSL (Windows Subystem for Linux)

  21. Digital Ocean
  22. Cloud Foundry

  23. Packer automation to build Vagrant images
  24. Terraform multi-cloud provisioning automation

  25. Powershell Ecosystem
  26. Powershell on MacOS
  27. Powershell Desired System Configuration

  28. Jenkins Server Setup
  29. Jenkins Plug-ins
  30. Jenkins Freestyle jobs
  31. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

  32. Dockerize apps
  33. Docker Setup
  34. Docker Build

  35. Maven on MacOSX

  36. Ansible

  37. MySQL Setup

  38. SonarQube static code scan

  39. API Management Microsoft
  40. API Management Amazon

  41. Scenarios for load