Skip to main content

Azure - Cheatsheet

Original Article - https://wiki.mutschlerhome.com/en/CheatSheets/AzureCheatsheet

Powershell Installation and Modules

Install latest version of Azure CLI on Mac

brew update && brew install azure-cli Original Article

Install latest version of Azure CLI on Linux

# YOLO curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash Resources: https://docs.microsoft...

Install PowerShell

brew install --cask powershell-preview Run a powershell terminal with: pwsh-preview

Update Powershell

brew update brew upgrade powershell-preview --cask  

Uninstall Powershell

brew uninstall --cask powershell sudo rm -rf /usr/local/bin/pwsh-preview /usr/local/microsoft/po...

Install Azure PowerShell module

For the current user: if ($PSVersionTable.PSEdition -eq 'Desktop' -and (Get-Module -Name AzureRM...

Setup the AzureRMAlias module

This will deal with incompatibilities with older scripts that use AzureRM: Enable-AzureRmAlias

List available modules

Get-Module -ListAvailable  

Get authenticated in Powershell

Connect-AzAccount %USERNAME  

List commands in a module

Get-Command -Module <module name>  

List functions in a module

Get-Command -Module <module name> -Type Function  

Authenticate via the CLI

Run this command to get authenticated: az login This will result in a web browser opening, or a...

Info Gathering

List subscriptions for authenticated account

az account list  

Get tenant id

az account list | jq '.[].tenantId'  

Get subscription id

az cli: az account list | jq '.[].id' Powershell: Get-AzSubscription Resources:Powershell doc...

List tenants

az account tenant list  

List Resource Groups by name

az group list | jq -r '.[].name' Resource: https://docs.microsoft.com/en-us/cli/azure/group?view...

Set Subscription

az cli: az account set -s <name or id> Powershell: Set-AzureSubscription -Id [Subscription ID]...

List all VMs

az vm list Resource: https://docs.microsoft.com/en-us/cli/azure/vm?view=azure-cli-latest

Blob Storage

General

List all storage accounts and output in a table format: az storage account list -o table List a...

Get storage keys

If you set the env var: az storage account keys list -n $AZURE_STORAGE_ACCOUNT You can assign o...

List storage containers

az storage container list --account-name $AZURE_STORAGE_ACCOUNT --account-key "$AZURE_STORAGE_KEY...

List storage container contents

az storage blob list --container-name <name of storage container from previous command> --account...

List blob names

az storage blob list --container-name <name of storage container from previous command> --account...

Azure Kubernetes (k8s)

Get available versions of k8s in a region

REGION=westus2 # This will vary depending on the region you're using az aks get-versions --locat...

List managed k8s clusters

az aks list Resource: https://docs.microsoft.com/en-us/cli/azure/aks?view=azure-cli-latest

Get Resource Group Name for clusters

AZ_RESOURCE_GROUP_NAME=$(az aks list | jq -r '.[].resourceGroup')  

Get Cluster Name

AZ_CLUSTER_NAME=$(az aks list | jq -r '.[].name')  

Configure kubectl

This is pretty awesome, good job Microsoft: az aks get-credentials --resource-group $AZ_RESOURCE...

Security Auditing

ScoutSuite

https://github.com/nccgroup/ScoutSuite will generate an HTML report outlining various issues that...

PowerZure

git clone git@github.com:hausec/PowerZure.git cd PowerZure pwsh-preview # Authenticate Conn...

Get help for a particular function

For example: get-help Get-AzureTargets

Get all content from all KeyVault

Show-AzureKeyVaultContent -All Resource: https://hausec.com/2020/01/31/attacking-azure-azure-ad...

MicroBurst

git clone git@github.com:NetSPI/MicroBurst.git cd MicroBurst pwsh-preview # Authenticate ...

SkyArk

git clone https://github.com/cyberark/SkyArk cd SkyArk pwsh-preview Import-Module .\SkyArk.ps1...

Create Azure Objects

Create a new user

New-AzureUser -Username 'test@test.com' -Password reallyAwesomePassword123!  

Azure AD

List all applications

az ad app list --output=table --query='[].{Name:displayName,URL:homepage}'  

List all service principles

az ad sp list --output=table --query='[].{Name:displayName,Enabled:accountEnabled,URL:homepage,Pu...

List all groups

az ad group list --output=json --query='[].{Group:displayName,Description:description}' Resource...

VMSS

View all VMSS in a subscription

Simply navigate to this page and use the magical Try it button to use the REST API to grab this i...

Get VMSS by name and associated resource group

az vmss list | jq '.[].name, .[].resourceGroup'  

List vms in a VMSS

az vmss list-instances -n $VMSS_NAME -g $RESOURCE_GROUP Resource: https://docs.microsoft.com/en-...

Get computer name of vms in a VMSS

az vmss list-instances -n $VMSS_NAME -g $RESOURCE_GROUP | jq '.[].osProfile.computerName'

Run command in VM in a VMSS

This will run commands in the instance with an id of 0. See the above commands for how to get the...

Metadata Service

Get all instance metadata

curl -s -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance?api-version=2020...

Get access token

curl -s -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/identity/oauth2/token?api...

Request storage account token

# Get OAuth Token TOKEN=$(curl -s "http://169.254.169.254/metadata/identity/oauth2/token?api-ver...

Get AKS node IP

curl -s -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2017-08-01" | jq -...

Roles

Create new role assignment

This will try to assign the assignee the owner role: az role assignment create --assignee <user ...

Features

Show registered features in a table format

az feature list -o table  

Find features associated w/ ContainerService

az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService')].{Name:name,Stat...

Azure Powershell Module Cheatsheet

# Azure Product Azure CLI Example CLI PowerShell Module Example PS 1 Syntax ...
Back to top