Azure PowerShell to manage Azure Subscriptions

After you install the Azure PowerShell modules, you can connect the Azure PowerShell session to the Azure subscriptions that you want to manage. To establish this connection, you first need to authenticate by using an account that exists in the Azure AD tenant and that is associated with the target subscription.

This can be a Microsoft account that you either used to create the subscription or added subsequently to the subscription’s Azure AD tenant. Alternatively, you can also create new accounts in Azure AD. These accounts were formerly referred to as organizational accounts and are now known as work or school accounts.

When managing Azure Resource Manager resources, you authenticate by running the Add-AzureRmAccount cmdlet. By default, running this cmdlet opens a browser window prompting you for the user name and the password of a user account with access to the Azure subscription that you intend to manage.

Azure AD authentication is token-based, and after signing in, the user remains authenticated until the authentication token expires. The expiration time for an Azure AD token is 12 hours.

After you authenticate, you can use the Get-AzureRmSubscription cmdlet to view a list of subscriptions associated with your account. If you have multiple subscriptions, you can specify the one you want to manage by using the Set-AzureRmSubscription cmdlet and providing either the subscription name or ID. You can identify the subscription name and ID by reviewing the output of the Get-AzureRmSubscription cmdlet.

After you authenticate from within a Windows PowerShell session, Azure PowerShell automatically generates a collection of session-related objects, which is known as the session context. That context contains objects such as the account, Azure subscription, and corresponding Azure AD tenant. You can manage the content of the context by using the Set-AzureRmContext and Select-AzureRmSubscription cmdlets and view the context by using the Get-AzureRmContext cmdlet.

When managing Azure Service Management services, you authenticate by running the Add-AzureAccount cmdlet. For access to subscription management functionality that is equivalent to that from Get-AzureRmSubscription and Select-AzureRmSubscription, you can run the corresponding Azure PowerShell cmdlets, including Get-AzureSubscription and Select-AzureSubscription. However, in this case, no corresponding session context exists, so you need to manage its components separately.

Written by Marcos Nogueira

Marcos Nogueira

With more than 18 years experience in Datacenter Architectures, Marcos Nogueira is currently working as a Principal Cloud Solution Architect. He is an expert in Private and Hybrid Cloud, with a focus on Microsoft Azure, Virtualization and System Center. He has worked in several industries, including Aerospace, Transportation, Energy, Manufacturing, Financial Services, Government, Health Care, Telecoms, IT Services, and Gas & Oil in different countries and continents.

Marcos was a Canadian MVP in System Center Cloud & Datacenter Managenment and he has +14 years as Microsoft Certified, with more than 100+ certifications (MCT, MCSE, and MCITP, among others). Marcos is also certified in VMware, CompTIA and ITIL v3. He assisted Microsoft in the development of workshops and special events on Private & Hybrid Cloud, Azure, System Center, Windows Server, Hyper-V and as a speaker at several Microsoft TechEd/Ignite and communities events around the world.

Leave a Reply

Your email address will not be published. Required fields are marked *