Engineer Handbook

A quick reference for Azure CLI commands I often use Date Category 2025-12-05 Azure / CLI Table of Contents Getting Started Installation Azure Cloud Shell Authentication Command Reference Subscription Management Resource Management (Resource Groups) Management Groups Entra ID (Formerly Azure AD) Role Assignments (RBAC) Key Vault & Secrets Virtual Machines (VMs) Networking Storage Kubernetes (AKS & Kubectl) App Service (Web Apps) Private Networking & DNS Installation Windows # Option 1: Chocolatey (My Personal Favorite Windows Package Manager) choco install azure-cli # Option 2: Using Winget winget install -e --id Microsoft.AzureCLI # Option 3: No Admin Rights (ZIP Method) # Follow the official guide: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest&pivots=zip macOS # Using Homebrew (Recommended) brew install azure-cli Linux # Ubuntu / Debian curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash Azure Cloud Shell (Browser-Based) If you don’t want to install anything locally, you can use the interactive shell directly in the Azure Portal. ...

A quick reference for Azure Powershell Commands I use often Date Category 2025-12-05 Azure / PowerShell Table of Contents Getting Started Installation Authentication Subscription Management Resource Management Command Reference Entra ID (Formerly Azure AD) Active Directory & Entra Sync Role Assignments (RBAC) Key Vault & Secrets Compute (Virtual Machines) Networking Storage Azure Policy & Governance Monitoring Azure Migrate Installation Prerequisite: You need PowerShell 7+ (recommended) or Windows PowerShell 5.1. Windows # Option 1: Install from PSGallery (Admin Required) Install-Module -Name Az -Repository PSGallery -Force # Option 2: MSI Installer # Download: https://github.com/Azure/azure-powershell/releases macOS # 1. Install PowerShell via Homebrew brew install --cask powershell # 2. Enter PowerShell pwsh # 3. Install Az Module Install-Module -Name Az -Repository PSGallery -Force Linux # Ubuntu / Debian # 1. Update the list of packages and install wget sudo apt-get update sudo apt-get install -y wget apt-transport-https software-properties-common # 2. Download the Microsoft repository GPG keys and register repository wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" sudo dpkg -i packages-microsoft-prod.deb # 3. Update & Install sudo apt-get update sudo apt-get install -y powershell # 4. Enter PowerShell & Install Module pwsh Install-Module -Name Az -Force Authentication 1. Log In # Interactive Login (Browser) Connect-AzAccount # Device Code Login (for servers/headless) Connect-AzAccount -UseDeviceAuthentication # Service Principal Login (Automation) $cred = Get-Credential Connect-AzAccount -ServicePrincipal -Credential $cred -Tenant "<TENANT_ID>" 2. Cloud Shell Alternatively, use the browser-based shell in the Azure Portal. ...

Understanding how Private Endpoints, Private DNS Zones, and the Azure Private DNS Resolver enable seamless hybrid connectivity. Date Category 2025-12-05 Networking TL;DR: On-premise users can’t reach Azure Private Endpoints because Private DNS Zones only exist inside Azure. Solution: Deploy an Azure Private DNS Resolver in your Hub VNet, configure conditional forwarders on-prem to point to it, and it will resolve private IPs for you. Prerequisites Before attempting to implement Hybrid DNS, you must have the networking foundation in place: ...