Azure CLI Commands Cheatsheet for DevOps Engineers
A comprehensive collection of Azure CLI commands organized by service and common use cases. Each command includes practical examples and typical DevOps scenarios.
Authentication and Account Management
Login and Subscription
| Command |
Example |
Use Case |
az login |
az login --use-device-code |
Secure login in CI/CD pipelines |
az account set |
az account set --subscription "Production" |
Switch between environments |
az account list |
az account list --query "[].{Name:name, ID:id, State:state}" |
Audit available subscriptions |
az account show |
az account show --query "{Name:name, ID:id}" |
Verify active subscription |
Resource Management
Resource Groups
| Command |
Example |
Use Case |
az group create |
az group create --name prod-rg --location eastus --tags env=prod |
Create tagged resource groups |
az group list |
az group list --query "[].{Name:name, Location:location}" |
Inventory resource groups |
az group delete |
az group delete --name dev-rg --yes --no-wait |
Clean up development resources |
Resource Management
| Command |
Example |
Use Case |
az resource list |
az resource list --resource-group prod-rg --query "[].{Name:name, Type:type}" |
Audit resources |
az resource show |
az resource show --resource-group prod-rg --name myapp --resource-type "Microsoft.Web/sites" |
Resource details |
az resource tag |
az resource tag --tags "env=prod" "owner=team" -g prod-rg -n myapp --resource-type "Microsoft.Web/sites" |
Resource tagging |
Virtual Machines
VM Management
| Command |
Example |
Use Case |
az vm create |
az vm create --resource-group prod-rg --name web-vm --image UbuntuLTS --admin-username azureuser --generate-ssh-keys |
Deploy web servers |
az vm list |
az vm list --resource-group prod-rg --query "[].{Name:name, State:powerState}" |
Monitor VM status |
az vm start |
az vm start --resource-group prod-rg --name web-vm |
Start production VMs |
az vm stop |
az vm stop --resource-group dev-rg --name test-vm |
Stop dev machines |
VM Configuration
| Command |
Example |
Use Case |
az vm extension set |
az vm extension set --resource-group prod-rg --vm-name web-vm --name customScript --publisher Microsoft.Azure.Extensions --settings ./script-config.json |
Configure VM software |
az vm update |
az vm update --resource-group prod-rg --name web-vm --set vmSize=Standard_DS3_v2 |
Scale VM resources |
az vm disk attach |
az vm disk attach --resource-group prod-rg --vm-name db-vm --name data-disk --size-gb 128 |
Add storage capacity |
Azure Kubernetes Service (AKS)
Cluster Management
| Command |
Example |
Use Case |
az aks create |
az aks create --resource-group prod-rg --name prod-cluster --node-count 3 --enable-managed-identity |
Create production cluster |
az aks get-credentials |
az aks get-credentials --resource-group prod-rg --name prod-cluster |
Configure kubectl |
az aks scale |
az aks scale --resource-group prod-rg --name prod-cluster --node-count 5 |
Scale cluster capacity |
az aks nodepool add |
az aks nodepool add --resource-group prod-rg --cluster-name prod-cluster --name gpupool --node-count 2 --node-vm-size Standard_NC6 |
Add specialized nodes |
Cluster Operations
| Command |
Example |
Use Case |
az aks upgrade |
az aks upgrade --resource-group prod-rg --name prod-cluster --kubernetes-version 1.26.0 |
Cluster upgrades |
az aks show |
az aks show --resource-group prod-rg --name prod-cluster --query "currentKubernetesVersion" |
Version management |
az aks update |
az aks update --resource-group prod-rg --name prod-cluster --enable-cluster-autoscaler --min-count 1 --max-count 5 |
Enable autoscaling |
Storage Accounts
Account Management
| Command |
Example |
Use Case |
az storage account create |
az storage account create --name prodstore --resource-group prod-rg --sku Standard_ZRS --https-only true |
Create secure storage |
az storage account list |
az storage account list --query "[].{Name:name, Location:location, Kind:kind}" |
Inventory storage accounts |
az storage account update |
az storage account update --name prodstore --resource-group prod-rg --enable-hierarchical-namespace true |
Enable features |
Container Operations
| Command |
Example |
Use Case |
az storage container create |
az storage container create --account-name prodstore --name backups --auth-mode login |
Create backup storage |
az storage blob upload-batch |
az storage blob upload-batch --account-name prodstore --source ./logs --destination logs |
Upload log files |
az storage blob download-batch |
az storage blob download-batch --account-name prodstore --source backups --destination ./restore |
Restore backups |
App Service
Web App Management
| Command |
Example |
Use Case |
az webapp create |
az webapp create --resource-group prod-rg --plan prod-plan --name myapp --runtime "NODE:16-lts" |
Deploy web applications |
az webapp deployment slot create |
az webapp deployment slot create --resource-group prod-rg --name myapp --slot staging |
Set up staging slots |
az webapp deployment source config |
az webapp deployment source config --resource-group prod-rg --name myapp --repo-url https://github.com/org/app --branch main |
Configure CI/CD |
Configuration
| Command |
Example |
Use Case |
az webapp config set |
az webapp config set --resource-group prod-rg --name myapp --always-on true |
Optimize performance |
az webapp config appsettings set |
az webapp config appsettings set --resource-group prod-rg --name myapp --settings DATABASE_URL="url" API_KEY="key" |
Configure app settings |
az webapp log tail |
az webapp log tail --resource-group prod-rg --name myapp |
Monitor applications |
Networking
Virtual Networks
| Command |
Example |
Use Case |
az network vnet create |
az network vnet create --resource-group prod-rg --name prod-vnet --address-prefix 10.0.0.0/16 |
Create network infrastructure |
az network vnet subnet create |
az network vnet subnet create --resource-group prod-rg --vnet-name prod-vnet --name backend --address-prefix 10.0.1.0/24 |
Segment networks |
az network vnet peering create |
az network vnet peering create --resource-group prod-rg --name peer1to2 --vnet-name vnet1 --remote-vnet vnet2 |
Connect networks |
Security Groups
| Command |
Example |
Use Case |
az network nsg create |
az network nsg create --resource-group prod-rg --name web-nsg |
Create security groups |
az network nsg rule create |
az network nsg rule create --resource-group prod-rg --nsg-name web-nsg --name allow-https --priority 100 --port 443 |
Configure access rules |
az network nsg show |
az network nsg show --resource-group prod-rg --name web-nsg --query "securityRules" |
Audit security rules |
Monitor and Diagnose
Monitoring
| Command |
Example |
Use Case |
az monitor metrics list |
az monitor metrics list --resource-id /subscriptions/xxx/resourceGroups/prod-rg/providers/Microsoft.Web/sites/myapp --metric CPUUsage |
Performance monitoring |
az monitor log-analytics workspace create |
az monitor log-analytics workspace create --resource-group prod-rg --workspace-name prod-logs |
Set up logging |
az monitor diagnostic-settings create |
az monitor diagnostic-settings create --resource-id /subscriptions/xxx/resourceGroups/prod-rg/providers/Microsoft.Web/sites/myapp --workspace prod-logs |
Configure diagnostics |
Best Practices and Tips
# Get JSON output
az vm list --output json
# Format as table
az vm list --output table
# Custom query
az vm list --query "[].{Name:name, Size:hardwareProfile.vmSize}" --output table
Working with Multiple Subscriptions
# Create named profiles
az login --scope https://management.core.windows.net//.default
az configure --defaults group=prod-rg location=eastus
# Use specific subscription
az account set --subscription "Production"
Automation Tips
# Use environment variables
export AZURE_DEFAULTS_GROUP=prod-rg
export AZURE_DEFAULTS_LOCATION=eastus
# Create service principals
az ad sp create-for-rbac --name "github-actions" --role contributor --scope /subscriptions/xxx
# Use managed identities
az vm identity assign --resource-group prod-rg --name web-vm
Video Resources
Getting Started
Advanced Topics
Additional Resources