DevOps help for Cloud Platform Engineers
  • Welcome!
  • Quick Start Guide
  • About Me
  • CV
  • 🧠DevOps & SRE Foundations
    • DevOps Overview
      • Engineering Fundamentals
      • Implementing DevOps Strategy
      • DevOps Readiness Assessment
      • Lifecycle Management
      • The 12 Factor App
      • Design for Self Healing
      • Incident Management Best Practices (2025)
    • SRE Fundamentals
      • Toil Reduction
      • System Simplicity
      • Real-world Scenarios
        • AWS VM Log Monitoring API
    • Agile Development
      • Team Agreements
        • Definition of Done
        • Definition of Ready
        • Team Manifesto
        • Working Agreement
    • Industry Scenarios
      • Finance and Banking
      • Public Sector (UK/EU)
      • Energy Sector Edge Computing
  • DevOps Practices
    • Platform Engineering
    • FinOps
    • Observability
      • Modern Practices
  • 🚀Modern DevOps Practices
    • Infrastructure Testing
    • Modern Development
    • Database DevOps
  • 🛠️Infrastructure as Code (IaC)
    • Terraform
      • Getting Started - Installation and initial setup [BEGINNER]
      • Cloud Integrations - Provider-specific implementations
        • Azure Scenarios
        • AWS Scenarios
        • GCP Scenarios
      • Testing and Validation - Ensuring infrastructure quality
        • Unit Testing
        • Integration Testing
        • End-to-End Testing
        • Terratest Guide
      • Best Practices - Production-ready implementation strategies
        • State Management
        • Security
        • Code Organization
        • Performance
      • Tools & Utilities - Enhancing the Terraform workflow
        • Terraform Docs
        • TFLint
        • Checkov
        • Terrascan
      • CI/CD Integration - Automating infrastructure deployment
        • GitHub Actions - GitHub-based automation workflows
        • Azure Pipelines - Azure DevOps integration
        • GitLab CI - GitLab-based deployment pipelines
    • Bicep
      • Getting Started - First steps with Bicep [BEGINNER]
      • Template Specs
      • Best Practices - Guidelines for effective Bicep implementations
      • Modules - Building reusable components [INTERMEDIATE]
      • Examples - Sample implementations for common scenarios
      • Advanced Features
      • CI/CD Integration - Automating Bicep deployments
        • GitHub Actions
        • Azure Pipelines
  • 💰Cost Management & FinOps
    • Cloud Cost Optimization
  • 🐳Containers & Orchestration
    • Containerization Overview
    • Docker
      • Dockerfile Best Practices
      • Docker Compose
    • Kubernetes
      • CLI Tools - Essential command-line utilities
        • Kubectl
        • Kubens
        • Kubectx
      • Core Concepts
      • Components
      • Best Practices
        • Pod Security
        • Security Monitoring
        • Resource Limits
      • Advanced Features - Beyond the basics [ADVANCED]
        • Service Mesh
        • Ingress Controllers
          • NGINX
          • Traefik
          • Kong
          • Gloo Edge
      • Troubleshooting - Diagnosing and resolving common issues
        • Pod Troubleshooting Commands
      • Enterprise Architecture
      • Health Management
      • Security & Compliance
      • Virtual Clusters
    • OpenShift
  • Service Mesh & Networking
    • Service Mesh Implementation
  • Architecture Patterns
    • Data Mesh
    • Multi-Cloud Networking
    • Disaster Recovery
    • Chaos Engineering
  • Edge Computing
    • Implementation Guide
    • Serverless Edge
    • IoT Edge Patterns
    • Real-Time Processing
    • Edge AI/ML
    • Security Hardening
    • Observability Patterns
    • Network Optimization
    • Storage Patterns
  • 🔄CI/CD & GitOps
    • CI/CD Overview
    • Continuous Integration
    • Continuous Delivery
      • Deployment Strategies
      • Secrets Management
      • Blue-Green Deployments
      • Deployment Metrics
      • Progressive Delivery
      • Release Management for DevOps/SRE (2025)
    • CI/CD Platforms - Tool selection and implementation
      • Azure DevOps
        • Pipelines
          • Stages
          • Jobs
          • Steps
          • Templates - Reusable pipeline components
          • Extends
          • Service Connections - External service authentication
          • Best Practices for 2025
          • Agents and Runners
          • Third-Party Integrations
          • Azure DevOps CLI
        • Boards & Work Items
      • GitHub Actions
      • GitLab
        • GitLab Runner
        • Real-life scenarios
        • Installation guides
        • Pros and Cons
        • Comparison with alternatives
    • GitOps
      • Modern GitOps Practices
      • GitOps Patterns for Multi-Cloud (2025)
      • Flux
        • Overview
        • Progressive Delivery
        • Use GitOps with Flux, GitHub and AKS
  • Source Control
    • Source Control Overview
    • Git Branching Strategies
    • Component Versioning
    • Kubernetes Manifest Versioning
    • GitLab
    • Creating a Fork
    • Naming Branches
    • Pull Requests
    • Integrating LLMs into Source Control Workflows
  • ☁️Cloud Platforms
    • Cloud Strategy
    • Azure
      • Best Practices
      • Landing Zones
      • Services
      • Monitoring
      • Administration Tools - Platform management interfaces
        • Azure PowerShell
        • Azure CLI
      • Tips & Tricks
    • AWS
      • Authentication
      • Best Practices
      • Tips & Tricks
    • Google Cloud
      • Services
    • Private Cloud
  • 🔐Security & Compliance
    • DevSecOps Overview
    • DevSecOps Pipeline Security
    • DevSecOps
      • Real-life Examples
      • Scanning & Protection - Automated security tooling
        • Dependency Scanning
        • Credential Scanning
        • Container Security Scanning
        • Static Code Analysis
          • Best Practices
          • Tool Integration Guide
          • Pipeline Configuration
      • CI/CD Security
      • Secrets Rotation
    • Supply Chain Security
      • SLSA Framework
      • Binary Authorization
      • Artifact Signing
    • Security Best Practices
      • Threat Modeling
      • Kubernetes Security
    • SecOps
    • Zero Trust Model
    • Cloud Compliance
      • ISO/IEC 27001:2022
      • ISO 22301:2019
      • PCI DSS
      • CSA STAR
    • Security Frameworks
    • SIEM and SOAR
  • Security Architecture
    • Zero Trust Implementation
      • Identity Management
      • Network Security
      • Access Control
  • 🔍Observability & Monitoring
    • Observability Fundamentals
    • Logging
    • Metrics
    • Tracing
    • Dashboards
    • SLOs and SLAs
    • Observability as Code
    • Pipeline Observability
  • 🧪Testing Strategies
    • Testing Overview
    • Modern Testing Approaches
    • End-to-End Testing
    • Unit Testing
    • Performance Testing
      • Load Testing
    • Fault Injection Testing
    • Integration Testing
    • Smoke Testing
  • 🤖AI Integration
    • AIops Overview
      • Workflow Automation
      • Predictive Analytics
      • Code Quality
  • 🧠AI & LLM Integration
    • Overview
    • Claude
      • Installation Guide
      • Project Guides
      • MCP Server Setup
      • LLM Comparison
    • Ollama
      • Installation Guide
      • Configuration
      • Models and Fine-tuning
      • DevOps Usage
      • Docker Setup
      • GPU Setup
      • Open WebUI
    • Copilot
      • Installation Guide
      • VS Code Integration
      • CLI Usage
    • Gemini
      • Installation Guides - Platform-specific setup
        • Linux Installation
        • WSL Installation
        • NixOS Installation
      • Gemini 2.5 Features
      • Roles and Agents
      • NotebookML Guide
      • Cloud Infrastructure Deployment
      • Summary
  • 💻Development Environment
    • Tools Overview
    • DevOps Tools
    • Operating Systems - Development platforms
      • NixOS
        • Installation
        • Nix Language Guide
        • DevEnv with Nix
        • Cloud Deployments
      • WSL2
        • Distributions
        • Terminal Setup
    • Editor Environments
    • CLI Tools
      • Azure CLI
      • PowerShell
      • Linux Commands
      • YAML Tools
  • 📚Programming Languages
    • Python
    • Go
    • JavaScript/TypeScript
    • Java
    • Rust
  • 📖Documentation Best Practices
    • Documentation Strategy
    • Project Documentation
    • Release Notes
    • Static Sites
    • Documentation Templates
    • Real-World Examples
  • 📋Reference Materials
    • Glossary
    • Tool Comparison
    • Recommended Reading
    • Troubleshooting Guide
  • Platform Engineering
    • Implementation Guide
  • FinOps
    • Implementation Guide
  • AIOps
    • LLMOps Guide
  • Development Setup
    • Development Setup
Powered by GitBook
On this page
  • 2025 Best Practices
  • Installation
  • Linux (Ubuntu/Debian/Fedora/Arch)
  • NixOS
  • Windows Subsystem for Linux (WSL)
  • Docker/Podman
  • Windows
  • Authentication & Profile Management
  • Login
  • List and Set Subscriptions
  • Named Profiles (2025+)
  • Using .envrc and direnv for Environment Isolation
  • Real-Life Scenarios
  • 1. Provision a VM with Terraform and az CLI
  • 2. Automate AKS Authentication and kubectl Context
  • 3. Use az CLI with GitHub Copilot or Claude
  • 4. Multi-Cloud/Hybrid Automation
  • Authenticating Against AKS and Other Services
  • AKS
  • Azure Container Registry (ACR)
  • Azure Key Vault
  • Useful Resources
Edit on GitHub
  1. Cloud Platforms
  2. Azure
  3. Administration Tools - Platform management interfaces

Azure CLI

The Azure CLI is a cross-platform command-line tool for managing Azure resources. This guide covers 2025 best practices, installation on Linux/WSL/NixOS, real-life DevOps scenarios, LLM integration, a

2025 Best Practices

  • Always use the latest Azure CLI version (az upgrade)

  • Use service principals or managed identities for automation, not personal accounts

  • Store secrets in Azure Key Vault, not in scripts or environment variables

  • Use --output json for scripting and automation

  • Leverage az account set and named profiles for multi-tenant/multi-subscription work

  • Use .envrc and direnv for environment isolation

  • Automate with LLMs (GitHub Copilot, Claude) for repeatable workflows

  • Enable CLI telemetry only if required for troubleshooting

Installation

Linux (Ubuntu/Debian/Fedora/Arch)

# Ubuntu/Debian
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

# Fedora
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
sudo dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm
sudo dnf install azure-cli

# Arch Linux
yay -S azure-cli

NixOS

Add to your configuration.nix:

{ pkgs, ... }:
{
  environment.systemPackages = with pkgs; [ azure-cli ];
}

Then rebuild:

sudo nixos-rebuild switch

Windows Subsystem for Linux (WSL)

Follow the Linux instructions inside your WSL terminal. For persistent PATH, add to ~/.bashrc or ~/.zshrc:

export PATH=$PATH:/usr/local/bin

Docker/Podman

docker run -it mcr.microsoft.com/azure-cli
# Or with SSH keys:
docker run -it -v ${HOME}/.ssh:/root/.ssh mcr.microsoft.com/azure-cli

Windows

winget install -e --id Microsoft.AzureCLI

Authentication & Profile Management

Login

az login                # Interactive browser login
az login --use-device-code   # For headless/remote
az login --service-principal -u <appId> -p <password|cert> --tenant <tenant>

List and Set Subscriptions

az account list --output table
az account set --subscription <subscription-id>

Named Profiles (2025+)

az account set --subscription <sub-id> --name dev
az account set --subscription <sub-id> --name prod
# Switch profiles
ez az account set --name dev

Using .envrc and direnv for Environment Isolation

Create a .envrc in your project directory:

export AZURE_SUBSCRIPTION_ID="<sub-id>"
export AZURE_TENANT_ID="<tenant-id>"
export AZURE_DEFAULTS_GROUP="my-rg"
export AZURE_DEFAULTS_LOCATION="westeurope"
az account set --subscription $AZURE_SUBSCRIPTION_ID

Enable direnv:

direnv allow

Real-Life Scenarios

1. Provision a VM with Terraform and az CLI

# main.tf
provider "azurerm" {
  features {}
}
resource "azurerm_resource_group" "rg" {
  name     = var.rg_name
  location = var.location
}
az login
terraform init && terraform apply

2. Automate AKS Authentication and kubectl Context

az aks get-credentials --resource-group my-rg --name my-aks --overwrite-existing
kubectl get nodes

3. Use az CLI with GitHub Copilot or Claude

  • Use Copilot/Claude to generate az CLI scripts for resource automation:

# Example prompt to Copilot/Claude:
# "Generate a script to create a storage account and upload a file using az CLI."

  • Review, test, and version-control generated scripts.

4. Multi-Cloud/Hybrid Automation

  • Use az CLI in GitHub Actions, Azure Pipelines, or GitLab CI/CD for IaC and deployment.

  • Example GitHub Actions step:

- name: Azure Login
  uses: azure/login@v2
  with:
    creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Deploy Bicep
  run: az deployment group create -g my-rg -f main.bicep

Authenticating Against AKS and Other Services

AKS

az aks get-credentials --resource-group my-rg --name my-aks
kubectl get pods

Azure Container Registry (ACR)

az acr login --name myregistry

Azure Key Vault

az keyvault secret show --vault-name myvault --name mysecret

Useful Resources

PreviousAzure PowerShellNextTips & Tricks

Last updated 2 days ago

☁️
Azure CLI Docs
Azure CLI Samples
direnv
GitHub Copilot
Claude LLM