From A to Azure: Article 1 – Azure Basics

About Azure

Welcome to the wonderful world of Azure!

Here we will be exploring Azure from the basics to the most advanced concepts.

This article is an introduction to get you started on becoming an expert Azure engineer.

Rather than reinventing the wheel explaining every cloud concept, these articles will be written in a fashion to get you into the cloud in the fastest way possible, while providing resources to gain more in-depth knowledge.

What is Cloud Computing?

  • Cloud computing is the delivery of computation services over the internet.
  • Rather than hosting and maintaining your own infrastructure, you rent another company's datacenter, using their resources, their hardware, network, electricity, cooling, security, and their expert technicians that maintain the resources.
  • Cloud hosting is typically much more cost-effective, scalable, and nimble than traditional self-hosted infrastructure. It allows you to change what you are using at any moment without the headache of worrying about over- or under-spending on hardware, as you only pay for what you use.
  • More in-depth information: What Is Cloud Computing? A Beginner’s Guide | Microsoft Azure

What is Azure?

What You Will Need

Enter the following into the Windows PowerShell Terminal:

    Install-Module Az

Github link to install Az Module

Connecting to Azure

  • Web: Log into Azure through the Portal – https://portal.azure.com/
  • Desktop: Launch the desktop app and log in
  • PowerShell: Enter the following command:

    Connect-AzAccount

and a popup window will allow you to log in.

Github link to connection script

Azure Hierarchy of Resources

  • Azure has a hierarchy for its resources, each level of which can have its own role-based access control to allow users to create, delete, view, or edit resources under it.
    • Tenant (Management Group) – The top level, representing the organization as a whole
      • Subscription – The billing level, representing groups of resources to fall under a specific invoice
        • Resource Group – The resource level, representing logical groupings of resources
          • Resources – The actual resources and services themselves

Navigating Azure

  • Navigating to resources
    • For any resources you do not find on the home screen you may select the hamburger menu on the top left for a list of common resources.
    • You may also utilize the search feature in the center top of the screen. This search feature can not only search for names of resources, but types (For example: Resource Group)

  • Changing Directories / Accounts
    • For larger organizations or for users managing multiple customers, you may find that you have multiple directories or accounts to manage.
    • Select the Directory icon (book with a filter icon) or the Settings icon (gear), or select your username and then Switch Directory. All of these will bring you to the Directories + Subscriptions menu within Settings. Here you can also change your appearance, default startup screens, language, or your personal information.

The Azure Cloud Shell

  • The Azure Cloud Shell lets you use Az PowerShell and the Az CLI from within Azure itself, so you do not need to have Az PowerShell or the CLI installed on your local machine. It even allows you to run PowerShell commands from the Azure mobile app. We will be focusing on PowerShell in these articles.
  • Starting the Azure Cloud Shell:
    • Select the Cloud Shell icon from the top right of the Azure Portal.
    • Select PowerShell.
    • The Cloud Shell requires a storage location, so upon first use the Cloud Shell will prompt to create a storage account.
      • We will select our one and only subscription and select Create Storage.
        • (If following along with a free trial account it should be called Azure subscription 1)
      • Once the storage location is created a PowerShell terminal will populate.
      • Azure Cloud Shell automatically uses the credentials you are logged into Azure with, so you can begin executing commands right away without needing to run Connect-AzAccount.
      • To demonstrate, we will issue a basic command to list the subscriptions within our current tenant:
  Get-AzSubscription

Azure Active Directory

  • Azure Active Directory (Azure AD / AAD) is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access resources.
  • Azure AD is where we will manage users, groups, devices, domains, applications, licenses, branding, security, and access control.
  • Azure AD will automatically be created for all Azure tenants, as well as for organizations that only utilize Microsoft 365.

To get started we will just focus on the user section of Azure AD, so let's begin by creating a new account.

  • Select Azure Active Directory from the top left hamburger menu button

  • This will navigate you to the Azure AD service overview pane
  • Select Users from the left-hand menu

  • Select either New User to create a new user directly within your tenant or Invite User to send an email invitation to another user to allow them to use their current email as a login. Inviting users as guests can be useful for allowing other administrators to co-manage your cloud resources without needing additional accounts.

  • Enter the user's information below
  • We will leave most of this information default/blank for now and click Create

  • Navigate back to Azure AD > Users and select your newly created user to view roles, groups, licenses, and devices.

Creating Our First Resources

Navigate To Your First Subscription

The first thing we will want to do is navigate to our pre-created subscription (or existing subscription for those with existing Azure accounts) within our new Azure Tenant.

  • Select Subscriptions from the Azure home page on the portal (Home – Microsoft Azure)
  • Select the Subscription
    • (If following along with a free trial account it should be called Azure subscription 1)

From within the subscription context menu we can rename our subscription if we wish.

  • In this instance, I have renamed the subscription to Rivia.

Navigate to Subscription via PowerShell

  • After connecting with Connect-AzAccount or via Cloud Shell:

Set-AzContext -SubscriptionName <Name of Subscription>

      • This command will enact a scope within PowerShell in which to perform further commands
      • You may issue Clear-AzContext to reset the scope.
        • An incorrectly set context/scope is an extremely common cause of scripts not working properly.

Github link for Az Context script
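Because a wrong context is such a common cause of scripts failing or touching the wrong subscription, a script can pin and verify its context before doing anything else. The following is an added example, not the article's own script; `Use-AzSubscription` is a hypothetical helper name and `Rivia` is the subscription name used in this article.

```powershell
# Added example, not from the article. Use-AzSubscription is a hypothetical helper name;
# 'Rivia' is the name this article gave its subscription.
function Use-AzSubscription {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$SubscriptionName)

    # No context at all means nobody has signed in yet in this session.
    if (-not (Get-AzContext)) {
        throw 'No Azure context. Run Connect-AzAccount first.'
    }

    # The name must resolve to exactly one enabled subscription we can see.
    $match = @(Get-AzSubscription -SubscriptionName $SubscriptionName -ErrorAction Stop |
        Where-Object { $_.State -eq 'Enabled' })
    if ($match.Count -ne 1) {
        throw "Expected one enabled subscription named '$SubscriptionName', found $($match.Count)."
    }

    # -Scope Process keeps the switch local to this session instead of
    # changing the default context saved for the user.
    Set-AzContext -SubscriptionId $match[0].Id -Scope Process -ErrorAction Stop | Out-Null

    # Read the context back rather than trusting the request.
    $active = Get-AzContext
    if ($active.Subscription.Id -ne $match[0].Id) {
        throw "Context is '$($active.Subscription.Name)', not '$SubscriptionName'."
    }
    [pscustomobject]@{
        Account          = $active.Account.Id
        TenantId         = $active.Tenant.Id
        SubscriptionName = $active.Subscription.Name
        SubscriptionId   = $active.Subscription.Id
    }
}

# Pin the context, show it, and only then run anything that changes resources.
Use-AzSubscription -SubscriptionName 'Rivia' | Format-List
```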

Set Permissions for Our New User to Use The Subscription

  • From within the context of the Subscription:
    • Select Access Control (IAM) from the left side menu.
      • Click Add > Add Role Assignment
      • Set the Role
      • Enter the name of the User, Group or Service Principal
      • Select the User, Group or Service Principal
      • Click Save

Add User Access Control Role via PowerShell

  • After connecting with Connect-AzAccount or via Cloud Shell:
    • Issue the command

New-AzRoleAssignment -SignInName <UserName> -RoleDefinitionName "<Role Name>" -Scope "/subscriptions/<ID of Subscription>"

Github Link for Access Control script

    • You may get the ID of the subscription by issuing Get-AzSubscription and looking at the ID of the results in the terminal
    • You can also see the ID of the subscription from within the portal

  • We can now find our sample User within the Access Control (IAM) blade of the Subscription
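A role assigned at subscription scope applies to every resource group and resource beneath it, so it is worth reviewing who holds the broad roles there. This added example (not the article's script) lists privileged assignments that apply at the current subscription, marks which are inherited from above, and then shows everything one user holds; the sign-in name is a placeholder and `Get-PrivilegedAssignment` is a hypothetical helper name.

```powershell
# Added example, not from the article. The sign-in name below is a placeholder.
$userUpn    = 'sample.user@example.com'
$privileged = 'Owner', 'Contributor', 'User Access Administrator'

function Get-PrivilegedAssignment {
    # Privileged role assignments that apply at subscription scope, whether
    # made there directly or inherited from a management group or the root.
    param([Parameter(Mandatory)][string]$SubscriptionId, [string[]]$Roles)

    $subScope = "/subscriptions/$SubscriptionId"
    Get-AzRoleAssignment -Scope $subScope |
        Where-Object { $_.RoleDefinitionName -in $Roles } |
        ForEach-Object {
            [pscustomobject]@{
                Principal = $_.DisplayName
                SignIn    = $_.SignInName
                Type      = $_.ObjectType          # User, Group or ServicePrincipal
                Role      = $_.RoleDefinitionName
                Inherited = $_.Scope -ne $subScope
                Scope     = $_.Scope
            }
        }
}

$subId = (Get-AzContext).Subscription.Id
$found = @(Get-PrivilegedAssignment -SubscriptionId $subId -Roles $privileged)
$found | Sort-Object Role, Principal | Format-Table -AutoSize

# Direct user assignments are the ones to review first:
# a group or a narrower scope is usually the better fit.
$found | Where-Object { $_.Type -eq 'User' -and -not $_.Inherited } |
    ForEach-Object { Write-Warning "$($_.SignIn) holds $($_.Role) directly on the subscription" }

# Everything the new user holds in this subscription, including via group membership.
Get-AzRoleAssignment -SignInName $userUpn -ExpandPrincipalGroups |
    Select-Object RoleDefinitionName, Scope
```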

Creating a Resource Group

  • From within the context of our Subscription:
    • Select Resource Groups on the left side menu
    • If you used the Cloud Shell in the section above, we should see its default Resource Group, “Cloud-Shell-Storage-EastUS” in this case.
    • Click the Create button on the top menu bar.

    • Enter a Name, select a Region, and click Review + Create
    • Once a bar appears stating Validation Passed, click Create

Create New Resource Group via PowerShell

  • After connecting with Connect-AzAccount or via Cloud Shell and setting the context of a Subscription:
    • Enter the command:

New-AzResourceGroup -Name "<Name>" -Location "<Location>"

Github link to create Resource Group script

  • We should now have two more Resource Groups, Rivia-Portal and Rivia-PowerShell

Create A Virtual Machine

  • Select our newly created Rivia-Portal Resource Group
    • Click Create on the top menu bar

  • In the Search Bar input Free Account Virtual Machine and press Enter to search
  • Select the Free Account Virtual Machine then click Create
    • Note – There are 3 different instances of Free Account Virtual Machine, I have highlighted the one that will allow creation of Windows VMs, the others will only allow Linux

Input a Virtual Machine Name, Region, Image, Username, and Password

  • Please refer to Microsoft’s documentation on proper naming conventions when creating production resources – Define your naming convention – Cloud Adoption Framework | Microsoft Docs
  • Note – Windows Server Core will not have a typical UI and will only have the command prompt
    • Select Windows Server 2016 Datacenter – Gen1
  • Note – The wizard may opt to create a new resource group by default, you may use this, or select our previously created Resource Group
  • For this test, let’s leave the Allow Selected Ports enabled for RDP so we can easily test the VM
  • Click Review + Create
  • Click Create

  • The portal will bring you to a screen to watch the deployment status. You may navigate away from this page if you wish and check in on the progress via the Notification panel; clicking Deployment in Progress… will return you to the status screen.

  • Once deployment is complete, click Go To Resource

You will land on the Overview page of the VM

  • To connect to the VM and test it, click Connect then RDP on the top menu bar of the Overview Page or navigate to the Connect blade on the left.

  • Click Download RDP File

  • Run the downloaded RDP File and click Connect

  • You may need to select Use a Different Account and input the Username and Password set upon creating the VM

  • Upon successful login you will be prompted with a certificate notice, click Yes to continue

Congratulations! You have just created your first Azure machine and connected to it!

Create VM via PowerShell

  • After connecting with Connect-AzAccount or via Cloud Shell and setting the context of a Subscription:
    • Execute the following commands:

## Interactive method of parameterizing credentials
$cred = Get-Credential -Message "Enter a username and password for the virtual machine."

## Create PowerShell object with all settings necessary for the Virtual Machine
$vmParams = @{
    ResourceGroupName   = 'RG_Name'
    Name                = 'VM_Name'
    Location            = 'Location'
    ImageName           = 'Win2016Datacenter'
    PublicIpAddressName = 'PIP_Name'
    Credential          = $cred
    ## Opens inbound RDP (TCP 3389) on the VM's network security group
    OpenPorts           = 3389
    Size                = 'Standard_B1s'
}

## Create Virtual Machine
$newVM1 = New-AzVM @vmParams

Github link to create VM script

  • Note – These are normal Virtual Machines (Not the Free Account VMs) and will use your Azure Credits
    • You should clean these up after creation, instructions below
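The script above passes OpenPorts = 3389, which opens RDP on the VM's network security group. As an added example (not the article's or Microsoft's code), the following finds inbound allow rules in the resource group that reach TCP 3389 from an unrestricted source and narrows them to a single address; `RG_Name` is the article's placeholder and `203.0.113.10/32` is a constructed documentation address to replace with your own.

```powershell
# Added example, not from the article. 'RG_Name' is the placeholder used in the script above;
# the source address is a constructed RFC 5737 documentation value: use your own admin IP/CIDR.
$resourceGroup = 'RG_Name'
$allowedSource = '203.0.113.10/32'
$openSources   = '*', '0.0.0.0/0', 'Internet'

function Test-PortInRange {
    # NSG port ranges are '*', a single port ('3389') or a span ('3000-4000').
    param([string]$Range, [int]$Port)
    if ($Range -eq '*') { return $true }
    $low, $high = $Range -split '-', 2
    if (-not $high) { $high = $low }
    return ($Port -ge [int]$low -and $Port -le [int]$high)
}

foreach ($nsg in Get-AzNetworkSecurityGroup -ResourceGroupName $resourceGroup) {
    # Inbound allow rules that reach TCP 3389 from an unrestricted source.
    $exposed = @($nsg.SecurityRules | Where-Object {
        $rule = $_
        $rule.Direction -eq 'Inbound' -and $rule.Access -eq 'Allow' -and
        $rule.Protocol -in 'Tcp', '*' -and
        ($rule.SourceAddressPrefix | Where-Object { $_ -in $openSources }) -and
        ($rule.DestinationPortRange | Where-Object { Test-PortInRange -Range $_ -Port 3389 })
    })
    if ($exposed.Count -eq 0) { continue }

    foreach ($rule in $exposed) {
        Write-Warning "$($nsg.Name)/$($rule.Name): RDP allowed from $($rule.SourceAddressPrefix -join ',')"
        # Rewrite the rule in the local NSG object, restating its other
        # match fields and replacing only the source.
        Set-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name $rule.Name `
            -Access Allow -Direction Inbound `
            -Protocol $rule.Protocol -Priority $rule.Priority `
            -SourceAddressPrefix $allowedSource -SourcePortRange $rule.SourcePortRange `
            -DestinationAddressPrefix $rule.DestinationAddressPrefix `
            -DestinationPortRange $rule.DestinationPortRange | Out-Null
    }
    # Push the modified rule set back to Azure.
    $nsg | Set-AzNetworkSecurityGroup | Out-Null
}
```

Run it with the context set to the subscription that holds the resource group; a rule that also covers other ports keeps those ports, now limited to the same source.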

Clean Up

  • From each resource group you may either opt to delete the entire resource group or select each resource and select Delete

Summary

  • In this article we covered:
    • Creating a free Azure account
    • The tools necessary for success with Azure
    • Connecting to Azure
    • Azure resource hierarchy
    • Basics of PowerShell and Cloud Shell
    • Basics of Azure AD
      • Basics of Users and Access Control
    • Creating Resource Groups
    • Creating Azure Virtual Machines
      • Connecting to Azure Virtual Machines
