Azure

Azure – Generate report for unattached Azure disks (managed and un-managed)

When you delete a virtual machine (VM) in Azure, by default, any disks that are attached to the VM aren’t deleted. This feature helps to prevent data loss due to the unintentional deletion of VMs. After a VM is deleted, you will continue to pay for unattached disks.

Unattached MANAGED disks:

When a managed disk is attached to a VM, the ManagedBy property contains the resource ID of the VM. When a managed disk is unattached, the ManagedBy property is null. The script examines all the managed disks in an Azure subscription. When the script locates a managed disk with the ManagedBy property set to null, the script determines that the disk is unattached.

Unattached UN-MANAGED disks:

When an unmanaged disk is attached to a VM, the LeaseStatus property is set to Locked. When an unmanaged disk is unattached, the LeaseStatus property is set to Unlocked. The script examines all the unmanaged disks in all the Azure storage accounts in an Azure subscription. When the script locates an unmanaged disk with a LeaseStatus property set to Unlocked, the script determines that the disk is unattached.

SCRIPT:

Download the script here

PowerShell script to generate a report of unattached VHD disks. This script will create two files – unattached_managed_disks.csv, unattached_un_managed_disks.csv

These two files will contain details about VHD files that are not attached to an Azure virtual machine.

NOTE: You have to login into your account before running the script. “login-azurermaccount” to log in to your account.

You can use the generated CSV to better manage your Azure infrastructure. Understand why the disks are not in use and take an informed decision on whether you want to delete or re-use them. Thus helping you to identify resources that are not being utilized and to reduce cost.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Who de-allocated my virtual machine?

Many a time we might want to know details about certain operations performed on our Azure resources.

Once such case study would be to track how many virtual machines are being de-allocated by users, so we can make a decision on not to monitor them.

I have written a simple script that would make the tracking easy.

Download the script

This script will fetch information of certain Azure operation against Azure resources and create a CSV file. Specifically, this script will create a CSV file that contains a list of Azure operations that de-allocates an Azure virtual machine.

You may alter the IF condition statement to produce desired results.

Example, fetch operational logs for Azure Storage only. Or fetch operational logs for re-start VM or any operation on any Azure resource.

The CSV file will be saved in the same folder from where you run the script and will be saved as “Azure_activity_logs.csv”

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Audit report (Azure automation runbook)

The PowerShell script is an Azure automation runbook that pulls the below data and populates the data into a CSV file. The script then summarizes the data into an email’s body and sends an email to the recipient with the CSV files as attachments.

If the Azure automation runbook is scheduled to run every day, you will get a summary/high-level view of what is happening in your environment to your email box. The email could be the first report any organization’s high management would desire to look at.

1. Count of De-allocated Azure virtual machines

2. Count of Running Azure virtual machines

3. Count of Stopped Azure virtual machines

4. Count of Azure virtual machines that do not have native backup configured (Azure Back up and Recovery service)

5. Count of Inbound Security rules that causes vulnerability

Download the script

Sample Summary:

Email is sent via SendGrid service. You need to update the script with your SendGrid credentials.

You may choose a “Free Tier” pricing for SendGrid. Below is documentation to create a SendGrid account:

https://docs.microsoft.com/en-us/azure/sendgrid-dotnet-how-to-send-email

Note: The script is an Azure Automation runbook. You have to run it from an Azure Automation account.

If you would like me to add more data that would be useful as an Azure audit report, please let me know.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Change the Diagnostic storage account for Azure virtual machine

Today we shall see how to change the Diagnostic storage account for an Azure virtual machine.

Step1: Locate your Azure virtual machine in the Azure portal.

Step2: Select “Boot Diagnostics” under the “Support + Troubleshoot” pane.

This slideshow requires JavaScript.

Step 3: Click on “Settings”

Step 4: Select the Storage account that you want to be your “Boot diagnostic storage account” for your virtual machine. Then click on “save.”

This slideshow requires JavaScript.

Note: The list of Storage account that gets populated are the ones that are available in the subscription and the same region where the Virtual machine is created.

Also, Existing diagnostics will not appear in the portal if you change the storage account.

Hope this blog helped you. If you want me to write on any topic, please let me know in the comments section.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Server Inventory solution

This blog post is dedicated to IT Operations team and administrators who are managing Cloud Infrastructure. The recommended practice while providing managed service to any client is to have a CMDB (Configuration Management Database), which tracks the list of servers and the corresponding details, that we are managing for the client.

However, considering the dynamic nature of the cloud environment, it is a difficult task to maintain such a database. Manually updating the list of servers/server inventory is tedious and error-prone. The only solution is to have an automated approach to this problem.

Below is my solution:

The PowerShell script will extract virtual machines and their details. In this particular case, the script will consider virtual machines, which has tags (‘owner’,’Manju’). That is, I want to manage virtual machines owned only by me. You can go ahead and make changes to the script if you have a different requirement.

Next, the script will write the data into an Azure table. Remember, that the Azure table has to be created before running the script. Another option is Azure Cosmos DB.

Next, you can upload this script to your Azure Automation account or a dedicated windows server. Then, schedule this script to run every one hour to track your server inventory.

The script uses cmdlets from the “AzureRmStorageTable” PowerShell module.

Execute “Install-Module AzureRmStorageTable” to install the module.

Note: You have to alter the script when you schedule the script. The login mechanism is different for “Azure Automation” and “Task scheduler via Windows server”. The login mechanism of the below script is to execute it directly (manually) from PowerShell console or PowerShell ISE.

Script:

# Author: Manjunath Rao
# Date: Febuary 13, 2018

# Install-Module AzureRmStorageTable –>> THIS MODULE NEEDED

# Login to Azure
Login-AzureRmAccount
## Code to create Azure table storage context
$azure_table_storage_account_name = “xxx”
$azure_table_name = “xxx”
$azure_table_partitionKey = “xxx”
$azure_table_rowkey = “xxx”

$azure_table_resource_group = “xxx”

$storage_account_context = (Get-AzureRmStorageAccount -ResourceGroupName $azure_table_resource_group -Name $azure_table_storage_account_name).Context

$azure_table_object = Get-AzureStorageTable -Name $azure_table_name -Context $storage_account_context

############################################

# Getting all the resource group
$resource_group_list = Get-AzureRmResourceGroup

# Iterating through the resource group
foreach($resource_group_list_iterator in $resource_group_list){

# Since the solution applies for virtual machines,
# obtain the list of virtual machines for the resource group
$virtual_machine_list = get-azurermvm -ResourceGroupName $resource_group_list_iterator.ResourceGroupName

# Proceed only when resource group contains virtual machines
if(!($virtual_machine_list -eq $null)){

# Iterate through the virtual machine list
foreach($virtual_machine_list_iterator in $virtual_machine_list){

# Creat an unique ID by concatinating ‘Resource Group name’ and ‘Virtual Machine name’
$unique_id = $resource_group_list_iterator.ResourceGroupName + $virtual_machine_list_iterator.name
#Write-Host $unique_id
$tag_list = $virtual_machine_list_iterator.Tags

$tag_list.GetEnumerator() | foreach {
#write-host $_.key
#Write-Host $_.value
#write-host “”

$partitionKey1 = $unique_id

if($_.key -eq ‘owner’ -and $_.value -eq ‘manju’) {
#write-host “true”
$virtual_machine_name = $virtual_machine_list_iterator.Name.ToString()
$virtual_machine_resource_group_name = $resource_group_list_iterator.ResourceGroupName.ToString()
$virtual_machine_location = $virtual_machine_list_iterator.Location.ToString()
$virtual_machine_size = $virtual_machine_list_iterator.HardwareProfile.VmSize.ToString()
$virtual_machine_operating_system = $virtual_machine_list_iterator.StorageProfile.ImageReference.Offer.ToString()

$hash = @{}
#$hash.add(‘currentDate’, $current_date)
$hash.Add(‘VMName’,$virtual_machine_resource_group_name)
$hash.Add(‘ResourceGroup’,$virtual_machine_resource_group_name)
$hash.add(‘Location’,$virtual_machine_location)
$hash.add(‘VMSize’,$virtual_machine_size)
$hash.add(‘OperatingSystem’,$virtual_machine_operating_system)

# Write data into azure table
Add-StorageTableRow -table $azure_table_object -partitionKey (“CA1”) -rowKey ([guid]::NewGuid().tostring()) -property $hash

}
}

}

On the other hand, if you would like to fetch inventory details, and just save it in an excel sheet, I have the perfect scripts that do the job for you:

https://manjunathrao.com/2017/12/04/powershell-generte-azure-paas-inventory/

https://manjunathrao.com/2016/12/30/powershell-generate-azure-inventory/

https://manjunathrao.com/2017/04/06/powershell-generate-aws-inventory/

Click here to download my PowerShell scripts for Free !!

Powershell – Extract user list from Azure Active Directory to an excel file

This script will authenticate to your Azure Active Directory and fetch all the user details. Finally, it will save the details to the excel sheet.

Below is the link to the script:

https://gallery.technet.microsoft.com/scriptcenter/Extract-user-list-from-6cb9a93c

Below are the user attributes the script fetches:

1. Display Name

2. Object ID

3. Type

4. Principal Name

5. Role Name

6. Role Description

The excel sheet is saved as: C:\AzureADUserList\AzureADUserList.xlsx

Pre-Requisites: This script needs ‘MSOnline’ and ‘AzureRM’ PowerShell modules

Click here to download my PowerShell scripts for Free !!

PowerShell – Generate Azure PaaS Inventory

This PowerShell script helps you to maintain an inventory sheet of your Azure Platform-As-A-Service services. So that you can refer to them anytime you want.

Also, it serves a quick way to generate a report when your client needs to have a quick look at their PaaS services.

Below is the flow

The script logins to your Azure account and fetches the details of your Azure PaaS resources – Azure CDN and Azure WebApps.
It creates one worksheet for each Azure resource.
The user is prompted to select the subscription.Powershell Exception handling is implemented.
The user is again prompted if he wishes to view the excel sheet once the script is finished running.

** The script assumes you are using Powershell v5.0 and have excel module. (Basically, you should have MSOffice installed)

Below is the link to the script:

https://gallery.technet.microsoft.com/scriptcenter/Azure-PaaS-inventory-using-d1872989

I have also written script to generate:

Azure IaaS Inventory

AWS IaaS Inventory

Click here to download my PowerShell scripts for Free !!

Azure – First look into Cloudlyn (Azure’s Cost management service)

This is a continuation of my first blog on Cloudlyn. Below is the link to my first blog. It guides you to register for Cloudlyn if you have an Azure subscription.

AZURE – COST MANAGEMENT BETTER THAN EVER USING CLOUDYN (REGISTRATION)

In this post, let us take a first-look into Cloudlyn’s Cost management console and the features Cloudlyn offers.

Once you have completed the registration with Cloudlyn as explained in my first blog (link shared above). You can access the Cloudlyn’s Cost management portal by:

Log into Azure portal
Navigate to “Cost Management + Billing.”
Click on “Go to Cost Management” button
A new window will be opened with an URL – https://azure.cloudyn.com/dashboard#/tool/enterprise_dashboard

Once you navigate to the URL, below is the page you see. This is Cloudlyn’s Management Dashboard.

Below is the Annual Projected Annual cost. I have used only Azure Storage and Azure Network. If you have used more services, their costs will also be projected here.

We can also view Current and Previous Month Projected Cost. This is very useful to track changes in infrastructure costing more than usual.

The “Actual Cost Analysis” will provide cost by Services, Providers, and Accounts. This graph can be further customized. Groups (highlighted below) provides plenty of options that we can check as per our requirement. Finally, you can choose an option from many of the Actions (highlighted below) on what to do with the report. Save / Copy / Export etc.,

The “Actual Cost Over Time” lets you pull up a report to analyze the cost over a range of time.

Cloudlyn also offers an “Alert Management” feature that alerts you when certain thresholds are crossed as per alert’s configuration.

“Cost vs. Threshold” is one of many alerts. As you can see Cloudlyn offers you many options to customize the alert policy. Alerts will be sent to an email ID.

Finally, the last noticeable feature is “Data Transfer.” You can either Analyze data transfer usage or view the trend of data transfer.

These are the noticeable features that I felt to be very valuable.

If you found any other feature to be worth mentioning, let me know in the comments section.

If the content of this blog is valuable to you, do consider sharing with your friends and colleagues.

Click here to download my PowerShell scripts for Free !!

Azure – Cost Management Better Than Ever Using Cloudyn (Registration)

Microsoft’s acquisition of Cloudyn will help Azure customers manage and optimize their cloud usage. Read more about the acquisition here. A message from Sharon Wagner, CEO of Cloudyn.

About Cloudyn

Azure Cost Management by Cloudyn empowers organizations to monitor cloud spend, drive organizational accountability, and optimize cloud efficiency so they can accelerate future cloud investments with confidence.

Microsoft’s acquisition of Cloudyn will help Azure customers and partners as they face the challenges of growing their multi-cloud environments. It will enable them to gain visibility, understand and optimize cloud consumption, as well as accurately project future usage.

Microsoft will continue to support multi-cloud environments, including Azure, AWS, and GCP. Azure Cost Management by Cloudyn is available for free to customers and partners managing Azure spend. Additional premium capabilities are available at no cost through June 2018, once they will become paid features.

Let us look into how to sign up to Cloudyn if you are an Azure customer

Step 1: Login to your Azure Subscription via the Azure portal. Select the “Cost Management + Billing” blade. Then select “Cost Management” from the options on the left-hand side of the pane.

Click on “Go to Cost Management”

Step 2: Once you click the”Go to Cost Management” button, you will be redirected to Cloudlyn’s page to set up your Cost Management details.

Enter your organization name and the type of Azure access you have on your Azure account. I have a personal subscription, so I have chosen as “Azure Individual Subscription Owner.”

Step 3: Cloudlyn Account name and Tenant ID will be automatically populated. Now, select the offer-ID from the drop-down list.

If you do not know your Offer-ID, then go back to your Azure portal. Click on “Subscriptions,” that should provide you the type of subscription that you have.

Step 4: Click “Next”

Step 5: Click “Next”

Step 6: We are done with the registration with Cloudlyn. Cloudlyn needs about 2 hours for collecting the data.

If you find the content valuable, do consider sharing with your friends and colleagues.

Click here to download my PowerShell scripts for Free !!

Azure – PowerShell in Azure Cloud Shell

Today we are looking into PowerShell in Azure Cloud Shell. This is still in public preview as of this writing.

If you are wondering why Microsoft would introduce a PowerShell console inside the Azure Cloud Shell, then have a look at the below features:

Features

Browser-based shell experience

Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind. Leverage Cloud Shell to work untethered from a local machine in a way only the cloud can provide.

Choice of preferred shell experience

Azure Cloud Shell gives you the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.

Pre-configured Azure workstation

Cloud Shell comes pre-installed with popular command-line tools and language support so you can work faster.
View the full tooling list for Bash experience and PowerShell experience.

Automatic authentication

Cloud Shell securely authenticates automatically on each session for instant access to your resources through the Azure CLI 2.0.

Connect your Azure File storage

Cloud Shell machines are temporary and as a result, require an Azure file share to be mounted as clouddrive to persist your $Home directory. On the first launch, Cloud Shell prompts to create a resource group, storage account, and file share on your behalf. This is a one-time step and will be automatically attached for all sessions. A single file share can be mapped and will be used by both Bash and PowerShell in Cloud Shell.

Below are some conditions that we have to remember:

Cloud Shell runs on a temporary machine provided on a per-session, per-user basis
Cloud Shell times out after 20 minutes without interactive activity
Cloud Shell can only be accessed with a file share attached
Cloud Shell uses the same file share for both Bash and PowerShell
Cloud Shell is assigned one machine per user account
Permissions are set as a regular Linux user (Bash)

Now that we have some background knowledge on the PowerShell in Cloud Shell, let us dig more into the usage of it:

To access the Cloud Shell, click on the PowerShell icon in the Azure portal:

Once you click on the icon, a pane is opened at the bottom of the screen as shown below. You can choose from two options – BASH or PowerShell. Since we are interested in learning PowerShell in CloudShell, let us choose PowerShell as our desired option.

When you are starting for the first time, the Shell will configure an Azure File Storage. Cloud Shell machines are temporary and as a result, require an Azure file share to be mounted as clouddrive to persist your $Home directory. Alternatively, if you have multiple subscriptions, you will be allowed to choose your favorite subscription to work with.

Azure Authentication, Resource Group, Storage Account and File Storage are automatically created as shown below:

Testing an Azure command. Works perfectly.

If you are idle for more than 20 minutes, you will be kicked off the session, and you will have to start the session again:

Discovering the drives under PowerShell in Cloud Shell:

Now let us execute the Get-ChildItem cmdlet and see what we can find.

As we can see, running the Get-ChildItem in the current scope will list out the subscriptions that your account is associated with.

Traversing one step deeper into the directory, we can see the resources related to the subscription.

Let us get into the “StroageAccounts” directory to confirm if we get to see a list of Storage Accounts under the selected subscription:

PowerShell cmdlets to manage PowerShell in Cloud Shell:

From the below information, we can see that Microsoft provides us two cmdlets to work with the cloud shell.

Get-CloudDrive provides the details of the “Azure File Share” that was created when the cloud shell started. You may continue to use the cloud share. However, if you want a new one, you can dismount and create a new one using the Dismount-CloudDrive cmdlet.

Note: Once you dismount the Azure file share, your current session will be restarted to set up a new cloud share.

Assumption:

I am assuming that Microsoft is using container service infrastructure to provide a session. You will get the below windows path when you query for the temp drive:

C:\Users\ContainerAdministrator\AppData\Local\Temp

Note the administrator is a “ContainerAdministrator.” The container here could be a Windows Server or a Windows Container. I am assuming it is a Windows Container since the underlying “image” comes pre-packaged with below tools and a temporary one. A typical use case scenario for Container technology.