Azure PowerShell
Azure PowerShell includes a powerful set of PowerShell cmdlets (pronounced command-lets) that can be used to manage and administer Azure services from a command line. Scripts developed with Azure PowerShell can be run in the Azure Portal through the Azure Cloud Shell or through the Windows PowerShell command prompt or Integrated Scripting Environment (ISE) on a local machine or VM. Keep in mind that developing and running Azure PowerShell scripts locally requires the Azure Az PowerShell module to be installed on the machine. Steps and considerations for installing the Azure Az PowerShell module can be found at https://docs.microsoft.com/en-us/powershell/azure/install-az-ps?view=azps-6.3.0#installation. This module comes preinstalled on the Azure Cloud Shell, allowing users to immediately use the Azure Az module cmdlets in PowerShell scripts.
The Azure Cloud Shell is a web-based interface that allows users to run PowerShell and Azure CLI scripts in the Azure Portal. You can access the Azure Cloud Shell by selecting the Cloud Shell icon in the upper-right corner of the Azure Portal. Figure 2.16 illustrates what this icon looks like in the Azure Portal.
FIGURE 2.16 Azure Cloud Shell icon
Once the Azure Cloud Shell loads at the bottom of the screen, you will be able to develop and run Bash or PowerShell scripts to manage Azure services. Switch from Bash to PowerShell to run Azure PowerShell commands.
Relational databases can be easily deployed using an Azure PowerShell script. These scripts can define every option related to deploying a relational database, such as where it is deployed, the type of database, the administrator account username and password, network isolation settings, and the service tier. The following code snippet is an Azure PowerShell script that creates the following resources:
- A resource group to logically contain the logical server and its databases
- A logical server and an IP firewall rule that will open port 1433 on the logical server to a defined range of IP addresses
- The username and password for the server’s administrator account
- An Azure SQL Database, its initial service tier, and the initial number of vCores it is allocated
<#
Sign into your Azure environment. Not
required if running this script in the Azure Cloud Shell
#>
Connect-AzAccount
<#
Set the ID for the Subscription this database
is being deployed to. Also not needed if running in the Azure Cloud Shell
#>
$SubscriptionId = “<Azure Subscription ID>”
# Set the resource group name and location for the logical server
$resourceGroupName = “sql001”
$location = “eastus2”
# Set an admin login and password for your server
$adminSqlLogin = “dp900admin”
$password = “<Admin Password>”
# Set a logical server name
$serverName = “dp900sql001sv”
# Set a database name
$databaseName = “dp900sql001db”
<#
The IP address range that you want to allow to
access your server. This is optional and can be
set after the deployment has finished.
#>
$startIp = “<First IP Address in Range>”
$endIp = “<Last IP Address in Range>”
# Set subscription
Set-AzContext -SubscriptionId $subscriptionId
# Create the resource group
$resourceGroup = New-AzResourceGroup -Name $resourceGroupName -Location ` $location
# Create the logical server
$server = New-AzSqlServer -ResourceGroupName $resourceGroupName `
-ServerName $serverName `
-Location $location `
-SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential
-ArgumentList $adminSqlLogin,
$(ConvertTo-SecureString -String $password -AsPlainText -Force))
<#
Create a server firewall rule that allows
access from the specified IP range
#>
$serverFirewallRule = New-AzSqlServerFirewallRule `
-ResourceGroupName $resourceGroupName `
-ServerName $serverName `
-FirewallRuleName “AllowedIPs” -StartIpAddress $startIp -EndIpAddress ` $endIp
# Create a blank database that uses the General Purpose service tier
$database = New-AzSqlDatabase -ResourceGroupName $resourceGroupName `
-ServerName $serverName `
-DatabaseName $databaseName `
-Edition “GeneralPurpose” `
-Vcore 2