When it comes to managing your resources in Microsoft Azure by using the command line, we can use therefore mainly the Azure PowerShell or Azure CLI.

Azure PowerShell is tailored for users who are familiar with PowerShell scripting and Windows environments, while Azure CLI offers a more cross-platform, Bash-like experience that works seamlessly across Linux, macOS, and Windows.

Whether you’re automating complex deployments or managing resources on the fly, understanding these tools is essential for effective cloud administration.

Below I will show the basics about both and update the post on a regular basis.


Table Of Contents
  1. Azure CLI
  2. Azure PowerShell
  3. Links


Azure CLI


az login

To connect to your Azure tenant and subscriptions we can use the following commands.

By default, this command logs in with a user account. CLI will try to launch a web browser
to log in interactively. If a web browser is not available, CLI will fall back to device
code login.

After executing this command, you can logout from an Azure account using az logout.

> az login --tenant <tenant id>


After we are logged-in to our tenant, we can change the active subscription by using the following commands.

# change the active subscription by using the subscription name
> az account set --subscription "My Demos"

# change the active subscription by using the subscription ID
> az account set --subscription "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

az login –service-principal

We can also login with a service principal and by using its client secret as password.

> az login --service-principal -u <app-id> -p <password-or-cert> --tenant <tenant-id>


The available created service principals in our tenant we find in the Azure portal in Entra ID -> Manage –> App registrations -> All applications.

service principal in Azure is an identity used by applications, services, and automation tools (like scripts or CI/CD pipelines) to access Azure resources without requiring a human user to log in.

Service principals are listed under App Registrations in Entra ID because they are inherently linked to an application object, the two work together to define an app’s identity and permissions in Azure.

They represents the local instance of that application in a specific Entra ID tenant.


The password finally is the client secret’s value below.


The service principal also appears within the Enterprise Applications in Entra ID.

Enterprise Applications is where you manage service principals (actual permissions & access), while App Registrations is where you define application objects (authentication & API permissions).

Azure PowerShell


Connect-AzAccount

To connect to your Azure tenant and subscriptions we can use the following commands.

Connect to Azure with an authenticated account for use with cmdlets from the Az PowerShell modules. After executing this cmdlet, you can disconnect from an Azure account using Disconnect-AzAccount.

PS> Connect-AzAccount

or by already setting the active subscription
PS> Connect-AzAccount -Subscription <subscription ID>


Or by using the Get-Credential cmdlet.

PS> $Credential = Get-Credential


PS> Connect-AzAccount -Credential $Credential


Source: https://learn.microsoft.com/en-us/powershell/module/az.accounts/connect-azaccount?view=azps-13.3.0

Connect-AzAccount -ServicePrincipal

We can also login with a service principal and by using its client secret as password.

PS> $tenantId = "your-tenant-id"  
PS> $subscriptionID = "subscription-id"
PS> $clientId = "your-service-principal-app-id"  
PS> $clientSecret = "your-client-secret" | ConvertTo-SecureString -AsPlainText -Force  

PS> $credential = New-Object System.Management.Automation.PSCredential($clientId, $clientSecret)  

PS> Connect-AzAccount -ServicePrincipal -Credential $credential -Tenant $tenantId -Subscription $subscriptionID

Links

Choose the right Azure command-line tool
https://learn.microsoft.com/en-us/cli/azure/choose-the-right-azure-command-line-tool?view=azure-cli-latest