Azure Resource Manager (ARM) PowerShell
In addition to deploying Microsoft Azure cloud resources using declarative Azure Resource Manager (ARM) JSON Templates, you can also deploy Azure cloud resources one by one, called imperative provisioning. The Azure Resource Manager (ARM) PowerShell module provides commands that are both generic to all resources, as well as commands that are specific to most Azure platform features. In this video demonstration, we will explore the feature-specific commands to create a Microsoft Azure Virtual Network inside of an ARM Resource Group. After using the New-AzureRmResourceGroup command to create a Resource Group, we will use the New-AzureRmVirtualNetworkSubnetConfig command to create a Virtual Network Subnet object, and finally, the New-AzureRmVirtualNetwork PowerShell command to create a Virtual Network. An Azure Virtual Network can be removed (deleted) from an ARM Resource Group by using the Remove-AzureRmVirtualNetwork command.
So in addition to definitive provisioning of Azure resource manager resources, using RM JSON templates, we can also perform imperative provisioning. So we're gonna go ahead and log into Azure by using the login Azure RM account command. So let's go ahead and run that now. Next, we're going to select the Azure subscription that we're going to work on. And we do that with select Azure rm subscription. And then the next step we're gonna do to prepare our environment for imperative provisioning is to create an empty resource group. So we're gonna create an empty resource group called CloudAcademyPS, located in the West Europe region. And for the sake of example, we're also going to assign a tag to that resource group that describes its' purpose as imperative provisioning. Okay, so now at this point, we've got our resource group created. And we can now begin provisioning resources into that resource group. So if you're building an infrastructure environment in the Cloud, one of the first things you would do is to create a virtual network. So let's take a look at how to do that. Well, normally you would call new Azure RM virtual network. And you would take a look at all the parameters on it. So as you can see, we've got the resource group name parameter. So that's the resource group that the virtual network will be provisioned into. Next we have a name for the virtual network. Then we have a location or region where that resource will be deployed into. Next we have an address prefix for the virtual network. We also can specify DNS servers optionally. And then we can also specify the subnets that will make up this virtual network. So because we have to actually specify the subnets when we create the virtual network, let's go ahead and create a new subnet configuration now. So I'm gonna call new Azure RM and then type star subnet to find all the commands that have subnet in the name. And as you can see, I've got a command called new Azure RM virtual network subnet config. So the subnet has a name. So let's just call this hosts. And then we have an address prefix that will specify the address base for this network. So let's go ahead and just use the address prefix of ten dot five slash 24. Now the subnet configuration is not an actual resource that's getting provisioned into our Cloud subscription. What's happening is it's creating just a virtual object in memory that we'll then use to create the virtual network in the actual resource group. So, now we have a variable called subnet config that contains a subnet configuration. So if we take a look at that in the console here, we can see that it is a PS subnet object. And it has a couple of properties, just the name and the address prefix. That's all we need for now. So let's go ahead and create our virtual network. So I'm going to use the PowerShell splatting technique. Which basically allows us to define all of our commands parameters inside of a hash table, which is just a key value pair. So for each of the parameters that we specify for the new Azure RM virtual network, we're actually gonna declare those parameters inside of the hash table. So the resource group name is pretty straight forward because we've already created our resource group. So I'm just going to reference the name property on the resource group variable. Next, I need to specify the name for the virtual network. So let's call this CloudAcademyPS. Now there's some other parameters I also need to specify, such as the location or the Azure region where we're going to deploy this virtual network. And let's just call that West Europe. I also need to specify the address prefix. And I can actually specify one or more address prefixes because it's actually a list of address prefixes. But in this case, I'm only gonna specify one address prefix. So I'm gonna call the address space 10 dot zero dot zero dot zero slash eight. So basically anything that starts with 10 is going to be a valid subnet inside of this virtual network. And as you can see, when we created our subnet configuration, we used the address base of 10 dot five dot zero dot zero slash 24. So anything that starts with 10 dot five dot zero is going to fit into the subnet. And the subnet is a subset of the address base that we specified for the virtual network. So then I can also specify DNS servers. Now DNS servers are not actual DNS services. All they are, are pointers to DNS servers, such that any virtual machine that's brought up inside of this virtual network will obtain these DNS servers, using a DHCP like process. So what I can do is just say DNS server equals and then specify an array of DNS servers. And in this case I'm just going to use some of Google's publicly available DNS servers. Eight dot eight dot eight dot eight and eight dot eight dot four dot four. And as you can see, we again specify a list of strings. So I can specify an array, just like I could with the address prefix. And then my last parameter that I need to specify is the subnet. And as you can see, the subnet is also a generic list of PS subnet objects. So I could actually create more than one subnet object and then pass in an array of subnets into the virtual network, to create more than one subnet. But in this example, we're only going to use one subnet. So as you can see, I'm specifying the subnet parameter. And I'm passing in the subnet configuration object that we created up here on line 16. So now, in order to splatt these parameters from this hash table, onto the new Azure RM network command I'm going to use the at sign and the variable name that contains the input parameters. Okay, so now we've defined our entire command, along with all of its' input parameters. And now we can hit F8 to execute that command. Now this command shouldn't take very long to run because we're literally just creating a virtual network address base inside of our resource group. So now that I've created this virtual network inside of our resource group, we can call the get Azure RM virtual network command to view the virtual networks in our environment. And if we scroll up a little bit here, you'll see that we have CloudAcademyPS, which is a member of the CloudAcademyPS Resource Group. So, we've successfully deployed a virtual network using imperative provisioning into our resource group. Now we can also validate this by using the Azure portal. So if I come into the Azure portal and click on resource groups, I can filter my list of resource groups for ones that have Cloud in the name. So let's go ahead and type Cloud there and hit enter. And as you can see, I've got a filtered list. And now I'm going to open the CloudAcademyPS resource group that we just created using the RM PowerShell module. As you can see, under the list of resources that are inside of this resource group, I have a single virtual network called CloudAcademyPS, which is consistent with the PowerShell commands that we literally just ran. That virtual network is a member of the Microsoft Partner Network. And as you can see, the address base and DNS servers match the configuration that we specified when we used the PowerShell commands to create it. Okay, now if we want to delete the virtual network or update the virtual network, we can use the other virtual networking related commands. So if we just hit star virtual network star, we can get a list of all the virtual network related commands. So for example we can remove our virtual network. Or we can make updates to our virtual network. You'll also see other commands in here that are related to virtual network gateways. So if you wanna set up a VPN connection to your virtual network, you can establish a VPN gateway using the Azure Resource Manager PowerShell module. But in this case, let's say we just want to add some tags to our virtual network. Well, we can call this set Azure RM virtual network command. Pass in a virtual network object and update it. So let's go ahead and call get Azure RM virtual network. And we're going to get a specific one. So we're gonna call the resource group name resource group dot name. And then the name of the virtual network is virtual network dot name. So virtual network dot name. And then we're gonna assign that virtual network to the virtual network to the virtual network object variable. So what we can do at this point is call into the virtual network object and set the tags on it. So we're going to pass in a hash table. And we're gonna use the same tag we used for the resource group. Which is purpose imperative provisioning. So now we've updated the tags on the object. And if we call set Azure RM virtual network, it's gonna go ahead and update the existing object out in that resource group. So after that command returns, we'll go ahead and switch back to the Azure portal. And we'll go ahead and close that resource group and reopen it, just to refresh the view. Then we'll click on the virtual network object. And then we'll go over to the right hand side and go to tags. And as you can see, we've created, successfully a tag called imperative provisioning. Actually the tag's name is purpose and the value is imperative provisioning. So you can update objects that exist inside of your resource groups, using the resource specific commands. So in this case we're updating a virtual network. Now finally, we may want to delete the virtual network because we don't actually have any VMs inside of it. So let's go ahead and specify the resource group name that we want to delete the v net from, as well as the virtual network's name. And then we'll add the force parameter to prevent any prompts from coming up. So if we hit the F8 key to run that command in the ISE. You'll see that it's returned very quickly. And if we go ahead and go back to the portal we'll reopen the resource group. And the resources section now shows that there are no resources in the resource group. So this has just been a demonstration of how to provision resources imperatively through step by step statements in PowerShell instead of using the declarative RM JSON template syntax.
About the Author
Trevor Sullivan is a Microsoft MVP for Windows PowerShell, and enjoys working with cloud and automation technologies. As a strong, vocal veteran of the Microsoft-centric IT field since 2004, Trevor has developed open source projects, provided significant amounts of product feedback, authored a large variety of training resources, and presented at IT functions including worldwide user groups and conferences.