Azure Security Operations

From NovaOrdis Knowledge Base
Jump to: navigation, search


Account Operations

az login

The command starts a browser for authentication, and if the login is successful, shows something similar to:

The default web browser has been opened at Please continue the login in the web browser. If no web browser is available or if the web browser fails to open, use device code flow with `az login --use-device-code`.
You have logged in. Now let us find all the subscriptions to which you have access...
    "cloudName": "AzureCloud",
    "homeTenantId": "55555555-9999-4444-bbbb-aaaaaaaaaaaa",
    "id": "99999999-9999-9999-9999-999999999999",
    "isDefault": true,
    "managedByTenants": [],
    "name": " to EA)",
    "state": "Enabled",
    "tenantId": "53ad779a-93e7-485c-ba20-ac8290d7252b",
    "tenantId": <same-as-homeTenantId>,
    "user": {
      "name": "",
      "type": "user"

To avoid starting a browser for authentication [...]. TODO:

Login Status and Account Information

az account list

Set Current Subscription

az account set --subscription ${SUBSCRIPTION_ID}

Role Operations

Assign a Role

az role assignment create –-role Contributor -–assignee <service-principal-id> -g <service-principal-resource-group>