How can I get the Object Id of an Azure resource using PowerShell cmdlets?
I tried using Get-AzureRmResource -ResourceName 'my-resource' | fl but it fails with error: Parameter set cannot be resolved using the specified named parameters
I also tried using Get-AzResource -Name 'my-resource' but among the information it retrieves it doesn't include the Object Id.
In Azure, there is no such Object Id for azure resources in the subscription, there is just a ResourceId with the format /subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/{resource-provider-namespace}/{resource-type}/{resource-name}.
You can get it via Get-AzResource you used, it returns the ResourceId.
Related
I'm using Azure Powershell 3.8.0
I'm trying to fetch the Object ID that can be seen in this screen:
I tried using the following:
PS> (Get-AzResource -Name "func-example").Identity.PrincipalId
But it does not match the Object ID.
then also:
PS> (Get-AzWebApp -Name "func-example" -ResourceGroupName RGNAME).Identity
But also does not match
Does anyone know how to fetch that ID using Azure Powershell?
You can do this,
With PowerShell :
Get-AzADServicePrincipal -DisplayName 'func-example'
With CLI :
az ad sp list --display-name 'func-example'
like to know all the sites in Azure that are currently associated to our Azure Tenant includes full URL,azure web apps,azure SQL,Storage accounts,Datalake,Cosmosdb,container registries
Tried Get-AzureADTenantDetail and also az resource list but not able find it
Any Powershell script will help
You can use
Azure CLI
az resource list
Powershell
Get-AzureRmResource
You can use Get-AzureRmResource to get the list of resources in an Azure Subscription. By default this Cmdlet will list all resources in an Azure Subscription. To get a list of certain resource types, you can specify an OData filter query.
For example, the Cmdlet below will list all storage accounts and webapps in an Azure Subscription:
Get-AzureRmResource -ODataQuery "ResourceType eq 'Microsoft.Storage/storageAccounts' or ResourceType eq 'Microsoft.Web/sites'" | ft
You will need to find the proper resource type values for each kind of resource that you want to find.
Another thing to notice is that this Cmdlet is scoped to a single Azure Subscription. If your Azure Tenant serves as authentication/authorization source for multiple subscriptions, you would need to run this Cmdlet for each subscription separately.
If you have multiple tenants, you can switch between tenants and get resources within them (subscription by subscription) via
connect-azaccount -Tenant [different tenant id]
$context = Get-AzSubscription [subscriptionid in different tenant id]
set-azcontext $context
get-azresource > resources.tenantname.subcription.txt
where tenantname and subscription are the names of the tenant and subscription in english form (instead of id's).
you should probably not use those azurerm commands anymore, they will stop working sometime in 2024. use the az equivalents (basically replace azurerm with az (yeah, i could delete urerm but that seems weirder!))
I'm trying to create an Application Insights resource following the directions provided here: https://learn.microsoft.com/en-us/azure/azure-monitor/app/powershell
However, when I execute the command from the docs:
New-AzResourceGroupDeployment -ResourceGroupName Fabrikam -TemplateFile .\template1.json -appName myNewApp
Replacing Fabrikam my Resource Group Name, it throws ResourceGroupNotFound. If I list the Resource Groups with:
az group list
I can clearly see the Resource Group in the list, so I know I'm in the right subscription context.
Any thing obvious that I'm missing?
I've uploaded my version of template1.json already to the CLI storage.
I can clearly see the Resource Group in the list, so I know I'm in the right subscription context.
No, if you can use az group list to see the group, it just means the azure CLI context is in the right subscription. The New-AzResourceGroupDeployment is azure powershell, they are different, you need to use Get-AzResourceGroup to list groups.
To check if you are in the correct subscription, just use Get-AzContext. If you want to set the subscription for the powershell context, just use Set-AzContext -Subscription "<subscription-id>".
I've uploaded my version of template1.json already to the CLI storage.
I suppose you mean you upload the template to the azure storage. If so, you could not use this parameter -TemplateFile, you need to use -TemplateUri and -TemplateParameterUri, you need to generate the SAS urls for your template files(if your container is not public), then specify the two parameters, see this link.
Actually, you can use New-AzResource to create the app insight directly, no need to use the template in the doc.
Sample:
New-AzResource -ResourceName "<appinsight-name>" -ResourceGroupName <resourcegroup-name> -ResourceType "Microsoft.Insights/components" -Location "East US" -PropertyObject #{"Application_Type"="web"}
Deployment script needs to enumerate existing public IP addresses from public IP prefix. Public IP Prefix object contains an array of resource identifies of individual public IP address.
I'd like to retrieve individual public ip addresses using provided resource identifier. Something like this:
Get-AzPublicIpAddress -ResourceId $resourceId;
Unfortunately, such signature doesn't exist. Get-AzPublicIpAddress expects ip address name as input parameter.
I understand that I can do:
Call Get-AzResource and get needed information from returned object [it means extra network call]
Parse needed information out of resource identifier [would like to avoid implementing this logic in PowerShell]
Question - are these the only options? Or maybe Az provides a built-in way of parsing resource identifiers?
You can use Get-AzResource -resourceId xxx -ExpandProperties | fl * for such requests. its a generic cmdlet that will work for any resource.
How is calling Get-AzResource an extra network call, compared to Get-AzPublicIpAddress? Its 1 call vs 1 call.
No, Az doesnt provide any parsing capabilities, they are not needed. You have tools to use resource id as well as individual names.
getting resource name out of resource id is fairly easy:
$resourceId -split '/' | Select-Object -Last 1
I don't think you can pass the -ResourceId directly to the command, all the built-in parameters are here : https://learn.microsoft.com/en-us/powershell/module/az.network/get-azpublicipaddress?view=azps-1.4.0. The most close way I can find is your option 2.
Not sure why you want to use Get-AzPublicIpAddress via ResourceId, even if we use -Name and -ResourceGroupName i.e. Get-AzPublicIpAddress -Name <publicIpName> -ResourceGroupName <ResourceGroupName>, it essentially also passes them into the request url of the rest api which the command called.
GET https://management.azure.com/subscriptions/xxxxxxxxx/resourceGroups/joywebapp/providers/Microsoft.Network/publicIPAddresses/joyVM-ip?api-version=2018-10-01
Actually, you could find /subscriptions/xxxxxxxxx/resourceGroups/joywebapp/providers/Microsoft.Network/publicIPAddresses/joyVM-ip is the ResourceId.
So I think it should be not too difficult for Microsoft to add the -ResourceId as a bulit-in parameter of the Get-AzPublicIpAddress command, if you want to improve it, you could give the feedback here.
Update:
Microsoft has replied to the this issue, see : https://github.com/Azure/azure-powershell/issues/8704#issuecomment-470604852
thanks for opening this feature request -- to provide more insight as to why the issues you mentioned above were closed: all new cmdlets that we ship in Az must conform to the pattern of having parameter sets that allow the user to do the following:
Provide the components of a resource (e.g., resource group name, resource name, etc.)
Provide the resource id of a resource
Provide the object representation of the resource (some cmdlets won't use this, like Get-*)
Later this year, we will begin generating our cmdlets using AutoRest (see this blog post for more details), and the above patterns will be enforced in the generator. Our goal then is to generate cmdlets for existing Azure services and replace our existing cmdlets with the generated ones.
I created a VM in Windows Azure and some networking people are asking me for the deployment id. I cannot see this property anywhere on the portal. How can I get the deployment id of a Windows Azure VM? I just created the VM through the portal.
One way is to:
Go to https://resources.azure.com and log in
Search for the name of your VM and click to open details. It should return JSON information about the VM.
In the JSON data, search for deploymentId (it should be under the hardwareProfile section in the JSON)
You can see the deployment ID in the virtual machine's Dashboard tab. Refer to the screenshot-
Here's how you can do it via Powershell:
First log in to azure:
login-AzureRmAccount
Then get a reference to the virtual machine. In my case, I have a virtual machine called malcolms-dad in the resource group breaking-bad:
$vm = (Get-AzureRmResource -ResourceGroupName breaking-bad -ResourceName malcolms-dad -ResourceType MicrosoftClassicComputer/virtualMachines)
Now you have the reference, you can query for the deployment id property:
$vm.Properties.HardwareProfile.DeploymentId
Note that we had to pass in the -ResourceType parameter into the Get-AzureRmResource query. This might seem superfluous, but if you omit the parameter the command returns an object without the Properties field.