liminfo

Azure Reference

Free reference guide: Azure Reference

26 results

About Azure Reference

The Azure CLI Reference is a comprehensive, searchable guide to the az command-line interface covering six major Azure service categories. The Compute section alone spans five services: az vm create and az vm list for virtual machine management, az webapp create for App Service deployments with runtime configuration, az functionapp create for serverless Azure Functions with consumption plan billing, and az container create for lightweight Azure Container Instances with public IP assignment. Every command is shown with the resource group, location, and service-specific parameters you actually need.

The Storage section covers az storage account create with SKU options (Standard_LRS for cost efficiency), az storage container create for Blob containers, and az storage blob upload and list for file operations. The Database section covers all three major Azure managed database services: az sql server create and az sql db create for SQL Database, az cosmosdb create with MongoDB API support, and az redis create for Redis Cache. Networking commands include VNet creation with address prefixes and subnet definitions, NSG creation with custom inbound rules (AllowHTTP on ports 80/443), and public IP address provisioning.

The IAM section covers Azure's role-based access control (RBAC) system: az ad sp create-for-rbac for creating service principals with Contributor roles, az role assignment create for granting storage and resource permissions to users or service principals, az role definition list for browsing available roles, and az ad user list for Azure Active Directory user management. The DevOps section bridges infrastructure and application delivery with az pipelines create, az repos create, az boards work-item create, az artifacts universal publish, and az acr build for container image builds in Azure Container Registry.

Key Features

  • Compute: az vm create/list, az webapp create (App Service), az functionapp create (Azure Functions), az container create
  • Storage: az storage account create, az storage container create, az storage blob upload/list with account options
  • Database: az sql server/db create, az cosmosdb create (MongoDB), az redis create with SKU options
  • Networking: az network vnet create (with subnet), az network nsg create/rule create (HTTP/HTTPS), az network public-ip create
  • IAM: az ad sp create-for-rbac, az role assignment create (RBAC), az role definition list, az ad user list
  • DevOps: az pipelines create, az repos create, az boards work-item create, az artifacts universal publish, az acr build
  • All commands include resource group context, location parameters, and realistic option values
  • Filterable by service category for quick access to Compute, Storage, Database, Networking, IAM, or DevOps

Frequently Asked Questions

What is the Azure CLI and how is it different from Azure PowerShell?

The Azure CLI (az) is a cross-platform command-line tool for managing Azure resources, available on Linux, macOS, and Windows. Azure PowerShell uses PowerShell cmdlets (e.g., New-AzVM) and integrates better with Windows scripting environments. Both can do everything in Azure, but the Azure CLI uses bash-style syntax and is preferred in Linux/DevOps environments, while PowerShell is preferred in Windows enterprise environments.

How do I create an Azure VM with SSH access using the CLI?

Run az vm create --resource-group myRG --name myVM --image Ubuntu2204 --size Standard_B2s --admin-username azureuser --generate-ssh-keys. The --generate-ssh-keys flag automatically creates an RSA key pair and stores the public key in the VM and the private key at ~/.ssh/id_rsa. Use --ssh-key-values @~/.ssh/id_rsa.pub to use an existing key instead.

What is an Azure Service Principal and when do I need one?

A Service Principal is an identity created for use with automated tools, applications, or CI/CD pipelines — it is the Azure equivalent of an AWS IAM service account. Use az ad sp create-for-rbac to create one with a specific role (Contributor, Reader, etc.) scoped to a subscription or resource group. Service principals are commonly used in GitHub Actions, Azure DevOps pipelines, and Terraform for authenticating to Azure without using personal credentials.

What is the difference between Azure Blob Storage containers and Azure Container Instances?

Despite sharing the name "container," they are completely different services. Azure Blob Storage containers (az storage container create) are logical groupings of blob files within a storage account — similar to S3 buckets. Azure Container Instances (az container create) run Docker containers as serverless compute — similar to AWS Fargate tasks. Blob containers store files; Container Instances run applications.

How do I deploy a Node.js app to Azure App Service using the CLI?

First create an App Service Plan: az appservice plan create --name myPlan --resource-group myRG --sku B1. Then create the web app: az webapp create --resource-group myRG --plan myPlan --name myWebApp --runtime "NODE:18-lts". Deploy your code with az webapp up or configure continuous deployment from a Git repository using az webapp deployment source config.

How does Azure RBAC work with az role assignment create?

Azure RBAC (Role-Based Access Control) grants access using three elements: a principal (user, group, or service principal), a role (built-in like Reader/Contributor/Owner or custom), and a scope (subscription, resource group, or specific resource). az role assignment create --assignee user@example.com --role "Storage Blob Data Contributor" --scope /subscriptions/{id}/resourceGroups/myRG grants the user blob data access only within that resource group.

What is Azure Container Registry (ACR) and how do I build images with it?

Azure Container Registry is Azure's managed Docker registry for storing and managing container images. az acr build builds a Docker image directly in the cloud without needing Docker installed locally — it uploads your build context to ACR which then runs the build. This is ideal for CI/CD pipelines. The built image is stored in ACR and can be referenced by AKS, App Service, or Container Instances.

How do I set up an NSG rule to allow web traffic in Azure?

First create the NSG: az network nsg create --resource-group myRG --name myNSG. Then add an inbound rule: az network nsg rule create --resource-group myRG --nsg-name myNSG --name AllowHTTP --priority 100 --access Allow --protocol Tcp --destination-port-ranges 80 443. Lower priority numbers have higher precedence in Azure NSGs (unlike AWS security groups which are stateful and allow-only).