Loading, please wait...

Become An Author
A to Z Full Forms and Acronyms

How to create Azure Windows VM using Azure Power Shell and Azure CLI

Jun 24, 2021 AzureVM, Azure VirtualMachine, 2213 Views
In this article, we will learn how to create Azure Windows VM using Azure Power Shell and Azure CLI scripts.

Create Azure Windows VM using Azure Power Shell and Azure CLI

In this article, we will work on some automation scripts to create Azure Windows VM. I have already written two articles on Azure VM first one is an overview of Azure Virtual Machine, and then created the first Azure Windows VM from Azure Portal.

Prerequisites: Azure Power Shell and Azure CLI should be installed in your local PC or you can use it to log in Azure Portal and use it from there.

So first we will create Azure Windows VM using Azure Power Shell

Step1: Login to MS Azure Account with your credentials

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> Connect-AzAccount

Output

WARNING: To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code HUTSGHGS6 to authenticate.

Account                              SubscriptionName                  TenantId                                          Environment
-------                                ----------------                        --------                                            -----------
viren*******@gmail.com   Free Trial                    2*****1a-2djs2-3**7-8cde-db********       AzureCloud

Step2: Create Resource Gourp

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> New-AzResourceGroup -Name az-learning-ps-rg -Location EastUS

Outout

ResourceGroupName : az-learning-ps-rg
Location : eastus
ProvisioningState : Succeeded
Tags :
ResourceId : /subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-ps-rg

Also, you can check Resource group on Azure Portal

Step3: Create Azure Windows Virtual Machine

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> New-AzVm -ResourceGroupName "az-learning-ps-rg" -Name "powerS
hellVM" -Location "East US" -VirtualNetworkName "powerShellVnet" -SubnetName "powerShellSubnet" -SecurityGroupName "powe
rShellNSG" -PublicIpAddressName "powerShellPublicIpAddress" -OpenPorts 80,3389

Output

cmdlet New-AzVM at command pipeline position 1
Supply values for the following parameters:
Credential
User: powershelluser
Password for user powershelluser: ************

Note: Above output needs to be filled the username and password.

ResourceGroupName : az-learning-ps-rg
Id : /subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-ps-rg/provide
rs/Microsoft.Compute/virtualMachines/powerShellVM
VmId : b3805f41-5a9a-4061-aee6-33885ba3f7ea
Name : powerShellVM
Type : Microsoft.Compute/virtualMachines
Location : eastus
Tags : {}
HardwareProfile : {VmSize}
NetworkProfile : {NetworkInterfaces}
OSProfile : {ComputerName, AdminUsername, WindowsConfiguration, Secrets, AllowExtensionOperations}
ProvisioningState : Succeeded
StorageProfile : {ImageReference, OsDisk, DataDisks}
FullyQualifiedDomainName : powershellvm-fff044.East US.cloudapp.azure.com

Also, you can check the VM on Azure Portal

Step3: Get the public Ip to access the Virtual Machine

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> Get-AzPublicIpAddress -ResourceGroupName "az-learning-ps-rg" | Select "IpAddress"

Output

IpAddress
---------
52.168.5.197

Step3: You can access your brand new VM to fire below command or type "Remote Desktop Connection" in your computer and get login by credentials you had provided earlier.

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> mstsc /v:52.168.5.197

Step3: Delete the resource group to save the extra charges

PS C:\Users\Viren2302\Downloads\PowerShell-6.2.3-win-x64> Remove-AzResourceGroup -Name az-learning-ps-rg

Output

Confirm
Are you sure you want to remove resource group 'az-learning-ps-rg'
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): Y
True

===============================================================================================

Let's start with Azure CLI

Step1: Log in to MS Azure Account with your credentials

Input

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>az login

Output
Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code"
You have logged in. Now let us find all the subscriptions to which you have access...
[
{
"cloudName": "AzureCloud",
"id": "4***5-2***-3**a-a**j-b**d*********",
"isDefault": true,
"name": "Free Trial",
"state": "Enabled",
"tenantId": "2b77ae1a-2d32-4807-8cde-dbb56ac43a64",
"user": {
"name": "viren******@gmail.com",
"type": "user"
}
}
]

Step2: Create a resource group

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>az group create --name az-learning-azurecli-rg --location eastus

Output
{
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg",
"location": "eastus",
"managedBy": null,
"name": "az-learning-azurecli-rg",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null,
"type": "Microsoft.Resources/resourceGroups"
}

You can check the resource group on the portal as well

Step3: Create Azure Windows Virtual Machine

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>az vm create --resource-group az-learning-azurecli-rg --name azurecliVM --image win2016datacenter --admin-username azurecliuser --admin-password Azure@cliuser

Output
{
"fqdns": "",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Compute/virtualMachines/azurecliVM",
"location": "eastus",
"macAddress": "00-0D-3A-1B-8E-EF",
"powerState": "VM running",
"privateIpAddress": "10.0.0.4",
"publicIpAddress": "52.170.40.221",
"resourceGroup": "az-learning-azurecli-rg",
"zones": ""
}

Also, you can verify on Portal

Step4: Open TCP port 80 for use with the IIS web server

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>az vm open-port --port 80 --resource-group az-learning-azurecli-rg --name azurecliVM

Output

{
"defaultSecurityRules": [
{
"access": "Allow",
"description": "Allow inbound traffic from all VMs in VNET",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/AllowVnetInBound",
"name": "AllowVnetInBound",
"priority": 65000,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
},
{
"access": "Allow",
"description": "Allow inbound traffic from azure load balancer",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/AllowAzureLoadBalancerInBound",
"name": "AllowAzureLoadBalancerInBound",
"priority": 65001,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "AzureLoadBalancer",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
},
{
"access": "Deny",
"description": "Deny all inbound traffic",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/DenyAllInBound",
"name": "DenyAllInBound",
"priority": 65500,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
},
{
"access": "Allow",
"description": "Allow outbound traffic from all VMs to all VMs in VNET",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Outbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/AllowVnetOutBound",
"name": "AllowVnetOutBound",
"priority": 65000,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
},
{
"access": "Allow",
"description": "Allow outbound traffic from all VMs to Internet",
"destinationAddressPrefix": "Internet",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Outbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/AllowInternetOutBound",
"name": "AllowInternetOutBound",
"priority": 65001,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
},
{
"access": "Deny",
"description": "Deny all outbound traffic",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Outbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/defaultSecurityRules/DenyAllOutBound",
"name": "DenyAllOutBound",
"priority": 65500,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/defaultSecurityRules"
}
],
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG",
"location": "eastus",
"name": "azurecliVMNSG",
"networkInterfaces": [
{
"dnsSettings": null,
"enableAcceleratedNetworking": null,
"enableIpForwarding": null,
"etag": null,
"hostedWorkloads": null,
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkInterfaces/azurecliVMVMNic",
"ipConfigurations": null,
"location": null,
"macAddress": null,
"name": null,
"networkSecurityGroup": null,
"primary": null,
"privateEndpoint": null,
"provisioningState": null,
"resourceGroup": "az-learning-azurecli-rg",
"resourceGuid": null,
"tags": null,
"tapConfigurations": null,
"type": null,
"virtualMachine": null
}
],
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"resourceGuid": "b9cec310-0d99-4a71-bef9-2e17dbd5f28e",
"securityRules": [
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "3389",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/securityRules/rdp",
"name": "rdp",
"priority": 1000,
"protocol": "Tcp",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"access": "Allow",
"description": null,
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationApplicationSecurityGroups": null,
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Inbound",
"etag": "W/\"2b8bc752-f4fe-4aff-828b-386aafbb98a6\"",
"id": "/subscriptions/4***5-2***-3**a-a**j-b**d*********/resourceGroups/az-learning-azurecli-rg/providers/Microsoft.Network/networkSecurityGroups/azurecliVMNSG/securityRules/open-port-80",
"name": "open-port-80",
"priority": 900,
"protocol": "*",
"provisioningState": "Succeeded",
"resourceGroup": "az-learning-azurecli-rg",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourceApplicationSecurityGroups": null,
"sourcePortRange": "*",
"sourcePortRanges": [],
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
],
"subnets": null,
"tags": {},
"type": "Microsoft.Network/networkSecurityGroups"
}

Step5: You can access your brand new VM to fire below command or type "Remote Desktop Connection" in your computer and get login by credentials you had provided earlier.

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>mstsc /v:52.170.40.221

Step6: Delete the resource group to save the extra charges

C:\Program Files\Microsoft SDKs\Azure\.NET SDK\v2.9>az group delete --resource-group az-learning-azurecli-rg

Output
Are you sure you want to perform this operation? (y/n): y

I hope, this article will help you with automation work.

Thank You

A to Z Full Forms and Acronyms

Related Article

What is Azure API Management - How to do Subscription Key rotation
Azure Dashboard Walkthrough 2022
AzureDevOps- Automated Testing using Azure Storage with Azurite
Azure - SFTP-SSH API Connection for LogicApps
Azure Databricks Creation using PowerShell and Terraform
CRUD API with ASP.NET and Azure SQL Server by Aditya Oberai | TutorialsLink Student Developer Conference 2021
Top 25 interview questions of Azure
What is Azure Kinect DK ?

Advertisement

JOIN TUTORIALS LINK

Our Newsletter Will Let You Know When Any New
Articles, Tutorials and Video Are Released.

CONTRIBUTE

MOBILE APP

Google Play

Follow us

Copyright © 2024. All Rights Reserved.