A few months back I started using Azure Tables as a quick, cheap, and simple database for a project at work. I was recently re-factoring my main Powershell script which spits data out into an Azure Table for later PowerBI reporting. Thankfully, even though it was close to midnight, my years of “ops management brain” kicked in before I pushed the “go” button on my refactored script. Thankfully it dawned on me I should be testing my updated script on a copy of my table vs. the only copy of the data I had.
Being late and me being tired, it didn’t occur to me to just try Azure Storage Explorer, which allows you to easily copy a table from one storage account to another. Instead, I turned to Powershell. (more…)
Halloween is over but the the world is still a scary place. In a continuation of a thought from an article I wrote a few weeks back for Auditing AzureSQL Firewall Policies, I thought I would also include a short function for auditing azure storage accounts that are currently configured for “public” access.
I recently overhauled a script that I wrote to take advantage of the parallel processing functionality that is included in Microsoft Powershell 7. The results have been excellent with script runtimes being reduced from over an hour down to roughly 5 minutes. Learning the ins-and-outs of using parallel processing was a bit of a chore that I will discuss in a later article, however the first hurdle that had to be mounted was simply getting Powershell 7 installed and figuring out how to make use of it. Quickly getting up and running with Powershell 7 is what this article seeks to address. (more…)
I periodically review Azure PaaS resource edge security. As a part of that process I examine and cleanup AzureSQL firewall rules. Once you have more than a handful of subscriptions and AzureSQL databases, doing this manually starts becoming unfeasible. To that end, Azure Powershell is your friend…
As is typical, you need to install the Powershell AZ module on your workstation, after that you need to run.
Then supply your Azure credentials (preferably creds that have the ability to view and manage all of your AzureSQL databases and firewall rules, otherwise the rest is moot.
I work on Azure Tenants that utilize multiple subscriptions in their design. I wanted to centralize my Azure Automation work and use a single Automation account. By default, I found that powershell scripts I fired off from Azure Automation work within the subscription that the Automation account was created within. But business requirements necessitate multiple subscriptions and MY requirements necessitate using a single Automation Account to simplify my life (and the lives of everyone else that I work with). A running joke is that, when it comes to IT, well-intention’d laziness is a virtue… We rebrand laziness as “simplicity,” “automation,” and/or “efficiency,” depending on the context of the conversation of course. I often say somewhat tongue-n-cheek that “you don’t want your IT department to be “busy” all the time.” An all-the-time overly busy IT department typically means that something was poorly planned and/or your network is being held together with spit and frayed ethernet cable. Anyhow, I digress…
With that groundwork laid, the goal is a Powershell automation script that can essentially “hop” subscriptions as needed. I also value modularity. Goodness knows that in the pursuit of laziness we should never do the same work twice except in the most extreme or dire circumstances. To that end, I wrote a simple function I could just drop into any script along with an additional parameter and now said script can be used across subscriptions…