In Azure Classic / Service Management, Get-AzureSubscription would give a list of subscriptions in the Tenant with an indicator of which was current.
There was also a Get-AzureSubscription -Current flag that would give you just the current subscription.
Is there a way to find the current subscription in AzureRM.Profile?
Get-AzureRmContext gives you info about the selected subscription, default storage account, etc.
(Get-AzureRmContext).Subscription gives you the current subscription.
Now you can use the new Az commands
Get-AzContext
You can also use Get-AzureRmSubscription
$sub = Get-AzureRmSubscription
$sub.SubscriptionId
This will give you the SubscriptionId
Related
According to this Official document example from MS Azure team, the following command should display all the VMs in my current subscription. But when I logged-in with my subscription and run the following command, it just brings me back to the command line with no output and no error. I do have VMs in this subscription, and the same login with the same subscription is working for other tasks I am performing in the same session. Question: What I may be missing here, and how can we resolve the issue?
PS C:\Users\MyUserName> Get-azVM
PS C:\Users\MyUserName>
Are you Signed into Azure Connect-AzAccount
Do you have more than one subscription?
If so you might need to switch subscriptions.
Set-AzContext -SubscriptionId "xxxx-xxxx-xxxx-xxxx"
We noticed that our Azure Subscription field is empty eg:
Get-AzContext -ListAvailable
Name Account SubscriptionName Environment TenantId
---- ------- ---------------- ----------- --------
kk89gan-db99-41c8-95c4-d43adfdfaf34ad ... mymy#outlook.zzz ... AzureCloud 674ce2a1-d4sd1da..
so when I try to run on ps command, I receive an error:
New-AzResourceGroup -Name az1rg -Location 'eastus'
New-AzResourceGroup : 'this.Client.SubscriptionId' cannot be null.
At line:1 char:1
If you don't set an Azure subscription, you won't be allowed to create any Azure resources without the subscription.
You need use Get-AzSubscription to list all the available subscriptions.
Then set the subscription by using Select-AzSubscription {subscription id}.
Now you could create Azure resources.
I notice that your account seems to be a guest user right?
If so, you should assign the guest user as an administrator of a subscription at first. Then the guest user can see the subscription in Powershell.
Add your System Managed Identity as Contributor role in Subscription level.
Add Contributor role on subscription level.
Correct me if I am wrong. Thank You.
The following works
Use Get-AzSubscription to list all the available subscriptions.
Set the subscription by using Select-AzSubscription {subscription id}.
This error also occurs if you are using a Managed Identity to authenticate, but the Automation Account (or Functional App) does not have a Role assigned. Assigning a Role (presumably) "homes" this identity in Subscription and populates this property automatically during authentication.
Issue reported in 2019:
https://github.com/Azure/Azure-Functions/issues/1285
like to know all the sites in Azure that are currently associated to our Azure Tenant includes full URL,azure web apps,azure SQL,Storage accounts,Datalake,Cosmosdb,container registries
Tried Get-AzureADTenantDetail and also az resource list but not able find it
Any Powershell script will help
You can use
Azure CLI
az resource list
Powershell
Get-AzureRmResource
You can use Get-AzureRmResource to get the list of resources in an Azure Subscription. By default this Cmdlet will list all resources in an Azure Subscription. To get a list of certain resource types, you can specify an OData filter query.
For example, the Cmdlet below will list all storage accounts and webapps in an Azure Subscription:
Get-AzureRmResource -ODataQuery "ResourceType eq 'Microsoft.Storage/storageAccounts' or ResourceType eq 'Microsoft.Web/sites'" | ft
You will need to find the proper resource type values for each kind of resource that you want to find.
Another thing to notice is that this Cmdlet is scoped to a single Azure Subscription. If your Azure Tenant serves as authentication/authorization source for multiple subscriptions, you would need to run this Cmdlet for each subscription separately.
If you have multiple tenants, you can switch between tenants and get resources within them (subscription by subscription) via
connect-azaccount -Tenant [different tenant id]
$context = Get-AzSubscription [subscriptionid in different tenant id]
set-azcontext $context
get-azresource > resources.tenantname.subcription.txt
where tenantname and subscription are the names of the tenant and subscription in english form (instead of id's).
you should probably not use those azurerm commands anymore, they will stop working sometime in 2024. use the az equivalents (basically replace azurerm with az (yeah, i could delete urerm but that seems weirder!))
ASM had the ability to change the default subscription with the -Default (and now deprecated) parameter
Select-AzureSubscription -Default
but the ARM version
Select-AzureRMSubscription
does not have the -Default parameter.
How can I change the default ARM subscription? It is very annoying that my default is a subscription that I never use.
Edit for clarification: When I say change default subscription I mean the default subscription that you are connected to with each new PowerShell session.
Step 1: Get-AzureRmSubscription
It will List all your subscriptions.
Step 2: Select-AzureRmSubscription -SubscriptionId xxxxx-xxxxx-xxxxxx-xxxx
The SubscriptionID can be found in the output of the Get-AzureRmSubscription. You can also use the SubscriptionName.
Step 3: (Get-AzureRmContext).Subscription
Confirm that you have selected the right subscription.
I don't think there is a way, but for me I've added the following to my powershell profile:
Login-AzureRmAccount -SubscriptionName "My Subscription"
How to customize PowerShell profile
According to your requirement, I tested the following command to change my subscription on my side and I could change the subscription.
Get-AzureRmSubscription –SubscriptionName "your subscription" | Select-AzureRmSubscription
Here is my test, you could refer to it.
Note: You could find the command in this official document about Azure Resource Manager Cmdlets.
This is now resolved with Azure PowerShell version 5.
Enable-AzureRmContextAutosave
Once you run this command, every new Azure PowerShell session will default to the last context set with the
Set-AzureRMContext
command
Add-AzureRmAccount -Environment [If Needed] -Subscription "[Add Yours]" -ContextName "Default"
I have the same challenge - there does not seem to be any Cmdlet in the AzureRM module for it [version 4.2.0]:
Get-Command set-*subscription* -Module AzureRM
Subscription objects returned by Get-AzureSubscription (Azure module) are obviously different from those returned by the GetAzureRmSubscription - ie there's not a IsDefault property on the ARM-ones.
Following the mindset of 4c74356b41 you could add a less "disturbing" line in your profile:
$PSDefaultParameterValues["Login-AzureRmAccount:SubscriptionName"] = "my subscriptionName"
Two scenarios not covered is if you already have a PowerShell profile that you want to edit and if you want to change the PowerShell profile for PowerShell ISE.
The easiest way to set your subscription in ARM is to use your PowerShell profile as 4c74356b41 points out.
To find the path to your PowerShell profiles use $Profile | Format-List.
The Windows PowerShell profile is typically in ..\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
The PowerShell ISE profile is typically in ..\Documents\WindowsPowerShell\Microsoft.PowerShellISE_profile.ps1
If either are missing use New-Item -path $profile -type file –force from the ISE or PowerShell window to create an empty file.
If you want to list all PowerShell profile files with their path add the -Force switch $Profile | Format-List -Force.
If you are using a Microsoft account, such as me#outlook.com, then add this to the .ps1 file Login-AzureRmAccount -TenantId "Tenant ID" -SubscriptionId "Subscription ID". You can get a list of all Subscription and Tenant IDs using
Get-AzureRmSubscription | Format-List.
You could use APowerShell's answer also, I prefer not to use the Subscription Name parameter. It isn't uncommon for the sub name to change when you have multiple subs, the SubID and TenantID will not change.
If you are logging in using a work account like user#domain.com then you can automate the entire login and subscription selection using something like this.
$AzureAcct = "user#contoso.com"
$AzurePwd = ConvertTo-SecureString "P#s$w0rd" -AsPlainText -Force
$AzureCreds = New-Object System.Management.Automation.PSCredential($AzureAcct, $AzurePwd)
$Login-AzureRmAccount -Credential $AzureCreds -TenantId "Tenant ID" -SubscriptionId "Subscription ID"
If you only use the parameter -SubscriptionId you can get login errors if the account has been added to multiple Azure subscriptions, so it is important to use -TenantId as well.
You will hav eto use context like this Set-AzureRmContext -SubscriptionName for every session
I am trying to move some Azure resources from one subscription to another one. I have one Microsoft Account which is co-administrator in both source and target subscriptions.
I run Powershell and log in using the following commandlet:
Add-AzureRmAccount -TenantId "source tenant GUID"
Then I use
Move-AzureRmResource -ResourceId "id of the resource" -DestinationResourceGroupName "xxx" -SubscriptionId "target subscription GUID"
I am getting this error:
Move-AzureRmResource : LinkedAuthorizationFailed : The client has permission to perform
action 'Microsoft.Resources/subscriptions/resourceGroups/write' on scope '/subscriptions/
xxx/resourceGroups/dotnetportal', however the linked subscription 'target subscription GUID' is not in
current tenant 'source tenant GUID'.
Can't reproduce your question and no official material found, but according to the error message however the linked subscription 'target subscription GUID' is not in
current tenant 'source tenant GUID', I think resources moving between subscriptions belong to different tenant is not allowed. Microsoft Azure should have limited the function within identical tenant.
The Azure PowerShell module Move-AzureRmResource cmdlet allows you to move a resource to a different resource group or subscription, but it requires the subscriptions to be in the same tenant.
The best way to check if you have linked subscription is using UI, first.
Login to your source azure subscription.
Browse > Resource groups and select the resource group that contains the VM.
In the Resource group blade, select Move from the menu.
Check if you can see the linked subscription.
A good workaround to copy or move a resource group from one subscription to another see: https://blogs.msdn.microsoft.com/azuregov/2016/12/09/copying-azure-resource-groups-between-different-azure-subscriptions-or-environments/
Share you some code as reference:
Get-AzureRMResource -ResourceName **** -ResourceGroupName **** |
Move-AzureRMResource -DestinationResourceGroupName *** -DestinationSubscriptionId **** -Force