I have 3 subscription in my Azure Account, I need to change the default subscription. When i Run the command:
azure account list
I have this output:
I have tried to change the default or current subscription on this way, with no results...
azure config set subscription {{MyIdSubscription}}
Any ideas? Thanks.
For Azure CLI 2.0 (preview) I had to use
az account set --subscription <name or id>
Please try the following:
azure account set -s {Subscription Id}
That should change the subscription.
1. List all the subscriptions you have
az account list --output table
Name CloudName SubscriptionId State IsDefault
--------------- ------------ ---------------- --------- ----------
AssociateProd AzureCloud xxxxxxxxxxxx Enabled False
2. Pick the subscription you want and use it in the command below.
az account set --subscription <subscription_id>
Use id (subscription id) that is GUID, which will be listed when you did az login
And then execute the below command..
az account set --subscription fffde5cb-cccc-aaaa-eee-457c3292608e
Try in this way.it worked for me to set Azure PowerShell to a specific Azure Subscription
Set-AzContext -SubscriptionId "t666-e251-49ce-a1cd-5c3144"
An important tip!
Be careful mixing Azure Shell and Powershell - eg. "az login" and "Connect-AzAccount"
If you use "az login" it will not reflect on commands like Get-AzContext.
So if you have powershell scripts that depend on Get-AzContext they'll fail.
Azure CLI latest (2.39.0):
az account set (--name or -n) <name>
az account set (--subscription or -s) <id>
I have created a wrapper around the Azure-CLI for this in a PiP Package, with colors.
pip install azure-account-switcher
note: it's dependent on azure-cli which downloads a lot of dependencies. So you should install in environment with azure-cli already present.
Related
I am using the following command in Powershell
az webapp config ssl show
But i get an error:
az : az webapp config ssl: 'show' is not in the 'az webapp config ssl' command group.
How can i add the extension ?
You can use the az extension add --name cmdlet to add a particular extension in Azure CLI as shown below
Here is the az extension add cmdlet with the allowed properities:
az extension add [--name]
[--pip-extra-index-urls]
[--pip-proxy]
[--source]
[--system]
[--upgrade]
[--version]
[--yes]
Refer to this documentation for more information about az extension cmdlet with supported operations.
While creating webapps using Az cli in Azure, the command line have no option to mention the location parameter. However while creating from azure portal,there is a option where in we can select the region .
Following is the link to the command and the command itsel
https://learn.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest
az webapp create --name
--plan
--resource-group
[--assign-identity]
[--deployment-container-image-name]
[--deployment-local-git]
[--deployment-source-branch]
[--deployment-source-url]
[--docker-registry-server-password]
[--docker-registry-server-user]
[--https-only {false, true}]
[--multicontainer-config-file]
[--multicontainer-config-type {COMPOSE, KUBE}]
[--role]
[--runtime]
[--scope]
[--startup-file]
[--subnet]
[--tags]
[--vnet]
You can use az webapp up CLI command which has a location switch like
az webapp up -n MyUniqueAppName --runtime "java:11:Java SE:11" -l locationName
BTW, if you even don't specify the location while using az webapp create it will be default to the region of "Resource Group" or if you are specifying app service plan then that region would be in use
You can use this cmdlet for specifying the location while creating the web app in Azure:
New-AzwebApp [[-ResourceGroupName] <String>] [-Name] <String> [[-Location] <String>] ...
Of course, the next question will be some parameters like specifying runtime environment missing in the New-AzWebApp cmdlet, we need to use different combination of cmdlets for our requirement.
Please refer to one of these workarounds that shows how to choose the runtime environment when using the New-AzWebApp cmdlet.
Refer here for more information on New-AzWebApp cmdlet parameters.
Does anyone know if there is any equivalent for the az cli command "az webapp list-runtimes" in PowerShell?
Thanks!
There is none I am aware of. However you can anyway fire az cmd from the same powershell session seamlessly if you are already into latest Az powershell.
$rt = az webapp list-runtimes # for linux, add --linux flag
# use $rt like a regular ps variable (would be array in this case)
I have two MS-Azure subscriptions, SUB1 and SUB2
In SUB1 I have created Log-analytics-workspace named "nonprod-app-law" and after few days I have deleted it.
In SUB2 I have created Log-analytics-workspace named "nonprod-app-law". But getting below error
ERROR:
0-06-28T19:29:24.0541229Z There were errors in your deployment. Error code: DeploymentFailed.
2020-06-28T19:29:24.0626384Z ##[error]Details:
2020-06-28T19:29:24.0627398Z ##[debug]Processed: ##vso[task.issue type=error;]Details:
2020-06-28T19:29:24.0629668Z ##[error]Conflict: The workspace name 'nonprod-app-law' is not unique
2020-06-28T19:29:24.0630757Z ##[debug]Processed: ##vso[task.issue type=error;]Conflict: The workspace name 'nonprod-app-law' is not unique
If you deleted in the portal the default behavior is a soft delete. To delete forcefully you need to run some powershell
Remove-AzOperationalInsightsWorkspace -ResourceGroupName "resource-group-name" -Name "workspace-name" -ForceDelete
If you open the recycle bin of Log Analytics workspaces in the Azure portal, you will see a similar screen similar to the below:
To be able to add a new Log Analytics workspace with the same name to another subscription, you should first recover the soft-deleted one via portal or CLI. Then, you need to delete it with the --force flag on CLI either via PowerShell or Az CLI.
PS:
Remove-AzOperationalInsightsWorkspace -ResourceGroupName
"resource-group-name" -Name "workspace-name" -ForceDelete
Az CLI:
az monitor log-analytics workspace delete --force true
--resource-group MyResourceGroup --workspace-name MyWorkspace
Force deleted using -Force tag is not working #DreadedFrost
There is an issue with PowerShell not supporting force delete, we are fixing (eta: couple of weeks). You can use REST or CLI to force delete
Trying to perform an az cli login using a Service Principal and it is throwing an error stating No subscriptions found for <Service_Principal_AppId>. If this is expected, use '--allow-no-subscriptions'. This code has worked fine previously but now it does not appear to work any longer. Command line being used is below:
$sp_appid = (Get-AzureRmADServicePrincipal -DisplayName $spDisplayName).ApplicationId.Guid
$sp_secret = (Get-AzureKeyVaultSecret -VaultName $kvName -Name $appKeySecretName).SecretValueText
az login --service-principal --username $sp_appid --password $sp_secret --tenant $tenant_Id
I verified that the Service Principal is assigned the Contributor role at the subscription level.
After creating a service principal in the Azure Active Directory you need to give this new user some roles within a subscription:
go to your subscription
go to Access Control (IAM)
Add a roles assignment (for instance make your service principal contributor)
Then az login should work.
Actually, I don't recommend you to mix the Azure Powershell and CLI together. If you insist on doing it, I have tried your script, I could not reproduce your issue, it works fine.
According to the error, you could try to pass a --subscription, it also works.
$sp_appid = (Get-AzADServicePrincipal -DisplayName joywebapp2).ApplicationId.Guid
$sp_secret = (Get-AzKeyVaultSecret -VaultName joykeyvault1 -Name joywebapp2).SecretValueText
$tenant_Id = "xxxxxxxxxxxx"
$subscription_Id = "xxxxxxxxxxx"
az login --service-principal --username $sp_appid --password $sp_secret --tenant $tenant_Id --subscription $subscription_Id
Note: Due to the AzureRM powershell module has been deprecated, I use the new Az powershell module, if you want to upgrade to Az, see this link. (It may not be the reason of the issue, but I recommend you to upgrade it.)
Update:
We have to use AZ CLI simply for the property we are trying to grab...there is no PowerShell equivalent.
Actually you can login with a service principal via powershell, the strong password is the secret, more details see this post.
$azureAplicationId ="Azure AD Application Id"
$azureTenantId= "Your Tenant Id"
$azurePassword = ConvertTo-SecureString "strong password" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential($azureAplicationId , $azurePassword)
Add-AzureRmAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal
The original problem appears to have been a transient platform problem. Went back to the same code yesterday and it work with no issues.
For me, running cache purge worked:
az cache purge
Also, if it still does not work try printing verbose information using:
az login --verbose
I had the same issue that suddenly no subscriptions where showing up for my service principal (on 2 different build servers that I originally installed at the same time).
Updating the Azure CLI seemed to fix the issue.
Trying to az login with a Service Principal account, which does not have Role Based Access Control in its Subscription Scope, will fail with ERROR: No subscriptions found.
Moreover in recent Azure CLI, using the login command with the subscription flag would return unrecognized arguments: --subscription
Thus, to login without specifying subscription, make sure to add a role to your Service Principal account:
# Authenticate via browser
az login
# Get current subscription
subscriptionID=$(az account show --query id -o tsv)
# Create/update servie account with a role (e.g. "Owner")
az ad sp create-for-rbac --name ${theServiceAccount} --role Owner --scopes /subscriptions/${subscriptionID}
# Get current tenant
tenantID=$(az account show --query tenantId -o tsv)
# Login with the updated service account
az login --service-principal --tenant ${tenantID} -u yourUser -p yourPassword