Common Azure Admin Tasks - Portal Cheat Sheet

Common Azure Admin Tasks - Portal Cheat Sheet

Shivakant Upadhyay Shivakant Upadhyay

Shivakant Upadhyay

Bridging Business Goals with Technical Execution

发布日期: 2024年10月20日
+ 关注

This handy cheat sheet I prepared some time back. It contains steps to perform common Azure admin tasks 'manually' using Azure portal for quick reference.

Virtual Machines (VMs) and Compute

Basic VM Operations

1. Create a VM:

- Portal > Search "Virtual Machines" > +Create > Fill Basics > Review + Create > Create

2. Start/Stop a VM:

- VM > Overview > Start / Stop

3. Resize a VM:

- VM > Size > Select new size > Resize

4. Delete a VM:

- VM > Overview > Delete > Confirm

5. Reset VM Password:

- VM > Reset Password > Enter username and new password > Update

6. Attach a Data Disk to VM:

- VM > Disks > +Add Data Disk > Save

7. Enable Auto-Shutdown for a VM:

- VM > Auto-shutdown > Enable > Set time > Save

8. Monitor VM Performance:

- VM > Insights > View metrics and graphs

9. Create VM from Marketplace Image:

- +Create > Virtual Machine > Select image from Marketplace > Proceed

10. Capture a VM Image:

- VM > Capture > Provide name > Generalize > Create

Advanced VM Operations

11. Create VM Scale Set (VMSS):

- Search "Virtual Machine Scale Sets" > +Create > Configure > Create

12. Configure Load Balancer for VMSS:

- VMSS > Networking > Load Balancer > Configure rules > Save

13. Use Custom Script Extension on VM:

- VM > Extensions > +Add > Select Custom Script > Upload script

14. Enable Managed Identity for VM:

- VM > Identity > Enable System Assigned Identity > Save

15. Create a Proximity Placement Group:

- Search "Proximity Placement Groups" > +Create > Configure > Create

16. Migrate VM from Classic to ARM Model:

- Use Azure Migrate > Discover > Migrate VMs

17. Set Up VM Backup to Another Region:

- VM > Backup > Configure geo-redundant policy

18. Enable VM Disk Encryption (ADE):

- VM > Disks > Encryption > Enable > Select Key Vault

19. Create a Custom Image from a VM:

- VM > Capture > Generalize VM > Capture Image

20. Deploy Spot VMs:

- +Create VM > Select Spot Instance > Configure > Create

21. Create a VM with Custom VHD:

- +Create VM > Select Custom Image > Upload VHD > Create

22. Configure Accelerated Networking for a VM:

- VM > Networking > Enable Accelerated Networking > Restart VM

23. Enable Disk Performance Tuning:

- VM > Disks > Configure caching mode > Save

24. Configure Azure Bastion with IP-Based Access:

- Bastion > Configure IP-based connection > Save

25. Set Up Azure VM Serial Console Access:

- VM > Support + Troubleshooting > Serial Console > Enable

26. Clone a VM Using Azure CLI:

- Use: az vm create with source VM's managed disk

27. Configure Availability Sets:

- VM > Availability > Create Availability Set > Add VMs

28. Create and Manage Proximity Groups for VMs:

- Create Proximity Placement Group > Assign to VMs

29. Convert a VM from Standard to Spot Instance:

- VM > Configuration > Change to Spot Instance > Save

Networking

Basic Networking

30. Create a Virtual Network:

- Search "Virtual Networks" > +Create > Fill Basics > Create

31. Add a Subnet to a VNet:

- VNet > Subnets > +Subnet > Fill details > Save

32. Create a Public IP:

- Search "Public IP Addresses" > +Create > Fill details > Create

33. Assign Public IP to VM:

- VM > Networking > Associate Public IP > Save

34. Create a Network Security Group (NSG):

- Search "NSG" > +Create > Configure rules > Create

35. Add Inbound Rule to NSG:

- NSG > Inbound Rules > +Add Rule > Save

36. Enable DDoS Protection:

- VNet > DDoS Protection > Enable > Save

37. Create Application Gateway:

- Search "Application Gateway" > +Create > Configure > Create

38. Monitor Network Health:

- Network Watcher > Network Performance Monitor > View status

39. Delete a Virtual Network:

- VNet > Overview > Delete > Confirm

Advanced Networking

40. Create a Hub-and-Spoke Network Topology:

- VNets > Configure peering > Create Hub and Spoke VNets

41. Enable VNet-to-VNet Connection:

- VNet Gateway > Connections > +Add > Connect to another VNet

42. Configure Azure Application Gateway WAF:

- App Gateway > Configuration > Enable WAF > Save

43. Create a Private Endpoint for Storage Account:

- Storage > Networking > +Private Endpoint > Configure > Save

44. Configure Azure Firewall:

- Search "Firewall" > +Create > Configure > Set rules > Save

45. Enable ExpressRoute for Hybrid Connectivity:

- ExpressRoute > +Create > Configure > Create

46. Set Up DNS Private Zones:

- DNS Zone > +Private Zone > Configure > Link VNet

47. Configure BGP Peering on VPN Gateway:

- VPN Gateway > Configure BGP > Save

48. Monitor Traffic with Network Watcher Flow Logs:

- Network Watcher > NSG Flow Logs > Enable > Save

49. Configure NAT Gateway for Outbound Connectivity:

- NAT Gateway > Create > Associate with VNet > Save

50. Implement Azure Private Link for SaaS Services:

- Private Link > Configure for supported services > Save

51. Set Up VNet Peering Across Subscriptions:

- VNet > Peering > Add Peering > Configure Cross-subscription Access

52. Configure Application Gateway with Custom SSL Certificate:

- App Gateway > Listeners > Upload Certificate > Save

53. Implement Forced Tunneling with VPN Gateway:

- VPN Gateway > Configure forced tunneling > Save

54. Configure Azure Route Table (UDR):

- Route Table > Create > Define Routes > Associate with Subnet

55. Enable Traffic Manager with Multi-Region App:

- Traffic Manager > +Profile > Configure > Save

56. Deploy Azure Load Balancer with Health Probes:

- Load Balancer > Configure Health Probes > Save

57. Monitor Network Latency Using Network Performance Monitor:

- Network Watcher > NPM > Create > Configure VMs for Monitoring

58. Implement Service Endpoints for Storage Access:

- VNet > Subnets > Enable Service Endpoint > Select Storage

Storage

Basic Storage Operations

59. Create a Storage Account:

- Search "Storage Accounts" > +Create > Fill Basics > Review + Create

60. Enable Blob Soft Delete:

- Storage Account > Data Protection > Enable soft delete > Save

61. Generate SAS Token:

- Storage Account > Shared Access Signature > Configure > Generate

62. Upload Files to Blob Storage:

- Storage Account > Containers > +Container > Upload > Select files

63. Enable Static Website Hosting:

- Storage Account > Static Website > Enable > Save

64. Create File Share:

- Storage Account > File Shares > +File Share > Create

65. Enable Encryption on Storage:

- Storage Account > Encryption > Enable encryption > Save

66. Monitor Storage Metrics:

- Storage Account > Monitoring > Insights > View metrics

67. Set Storage Account Firewall:

- Storage Account > Networking > Set firewall rules > Save

68. Delete Storage Account:

- Storage Account > Overview > Delete > Confirm

Advanced Storage Operations

69. Configure Blob Lifecycle Management:

- Storage > Data Management > +Add Rule > Configure > Save

70. Enable Cross-Region Replication for Storage:

- Storage Account > Replication > Configure to GRS or RA-GRS

71. Migrate Files Using Azure Data Box:

- Search "Data Box" > +Order > Configure > Create

72. Use AzCopy for Bulk Storage Transfer:

- Run: azcopy copy <source> <destination>

73. Create Shared Access Policies for Blob Storage:

- Storage Account > Containers > Access Policy > Configure

74. Enable Immutable Blob Storage:

- Storage Account > Containers > Immutable Policy > Configure

75. Configure Storage Account Firewall with VNet Rules:

- Storage Account > Networking > Firewall > Configure VNet rules

76. Enable Azure File Sync Service:

- File Sync > +Create Sync Group > Register server > Sync files

77. Configure Azure Data Lake Storage Gen2:

- Storage Account > Enable Data Lake Gen2 > Configure access

Identity and Access Management (IAM)

Basic IAM Operations

78. Add a User in Azure AD:

- Azure AD > Users > +New User > Fill details > Create

79. Reset User Password:

- Azure AD > Users > Select user > Reset Password

80. Assign Role to a User:

- Resource > IAM > +Add Role Assignment > Select Role/User > Save

81. Create Service Principal:

- Azure AD > App Registrations > +New > Register > Certificates & Secrets > Add secret

82. Enable MFA for User:

- Azure AD > Users > MFA > Enable

83. Create Azure AD Group:

- Azure AD > Groups > +New Group > Fill details > Create

84. Assign Group to Role:

- Resource > IAM > +Add Role Assignment > Select Group/Role > Save

85. Monitor Sign-ins:

- Azure AD > Sign-ins > View logs

86. Enable Conditional Access Policy:

- Azure AD > Conditional Access > +New Policy > Configure > Enable

87. Delete a User from Azure AD:

- Azure AD > Users > Select User > Delete

Advanced IAM Operations

88. Enable Azure AD Identity Protection:

- Azure AD > Identity Protection > Configure policies

89. Set Up Privileged Identity Management (PIM):

- Azure AD > PIM > Configure roles > Assign temporary access

90. Implement Just-in-Time (JIT) VM Access:

- Security Center > JIT Access > Enable for VMs

91. Set Up Azure AD B2C:

- Search "Azure AD B2C" > +Create > Configure > Deploy

92. Configure Multi-Factor Authentication Bypass:

- Azure AD > Conditional Access > Exclude from MFA

93. Configure Conditional Access with Device Compliance:

- Azure AD > Conditional Access > Create policy with compliance check

94. Create a Custom Role in Azure IAM:

- IAM > Roles > +Add Custom Role > Define permissions

95. Enable Azure AD Passwordless Authentication:

- Azure AD > Security > Authentication Methods > Enable Passwordless

96. Monitor Privileged User Activity Logs:

- Azure AD > Audit Logs > Filter privileged roles

Backup and Recovery

97. Create Recovery Services Vault:

- Search "Recovery Services Vault" > +Create > Fill details > Create

98. Enable Backup for VM:

- VM > Backup > Configure Policy > Enable

领英推荐

99. Restore a VM from Backup:

- Recovery Vault > Backup Items > Restore VM > Follow steps

100. Configure Backup Policy:

- Vault > Backup Policies > +Add > Configure > Save

101. Enable Soft Delete for Backups:

- Vault > Properties > Soft Delete > Enable

102. Monitor Backup Jobs:

- Vault > Backup Jobs > View status

103. Stop Backup for Resource:

- Vault > Backup Items > Stop Backup > Retain data or delete

104. Create Site Recovery Plan:

- Recovery Services Vault > Replicated Items > +Replication > Configure

105. Test Failover for DR:

- Vault > Replicated Items > Test Failover > Validate

106. Delete Recovery Services Vault:

- Vault > Overview > Delete > Confirm

107. Enable Azure Backup Instant Restore:

- Vault > Backup > Configure Instant Restore > Save

Monitoring and Alerts

108. Create an Alert Rule:

- Monitor > Alerts > +New Alert Rule > Configure condition and action > Create

109. Enable Activity Logs:

- Monitor > Activity Log > Enable Diagnostics > Configure

110. Create Metric Alerts for a VM:

- Monitor > Alerts > +New Alert Rule > Select VM and metrics > Create

111. Set Up Log Analytics Workspace:

- Monitor > Log Analytics Workspaces > +Create > Configure > Create

112. Query Logs in Log Analytics:

- Monitor > Logs > Select Workspace > Run query

113. Create a Dashboard:

- Monitor > Dashboards > +New > Add metrics and charts > Save

114. Enable Diagnostic Settings for a Resource:

- Resource > Monitoring > Diagnostic Settings > Enable > Save

115. Monitor Costs in Azure:

- Monitor > Cost Management + Billing > Cost Analysis

116. Set Budget Alerts:

- Cost Management + Billing > Budgets > +Add > Configure and Save

117. Delete an Alert Rule:

- Monitor > Alerts > Select Rule > Delete

118. Create Action Groups for Alerts:

- Monitor > Action Groups > +Create > Configure > Save

119. Enable Log Analytics on Multiple Resources:

- Monitor > Logs > Configure for multiple workspaces

120. Use KQL Queries in Log Analytics:

- Monitor > Logs > Query > Write and run KQL queries

121. Configure Azure Monitor Autoscale:

- Monitor > Autoscale > +Add > Set metrics and rules

122. Integrate Azure Monitor with Grafana:

- Search "Grafana" > +Create > Connect to Azure Monitor

123. Configure Application Insights for Web Apps:

- Web App > Application Insights > Enable > Monitor metrics

124. Set Up Azure Monitor for Custom Applications:

- Monitor > Logs > Create Queries for Custom App Insights

125. Configure Autoscaling with Metrics Alerts:

- Monitor > Autoscale > Add Rule > Configure Metric Alert

126. Enable Continuous Export in Log Analytics:

- Log Analytics > Configure Export > Select Storage Destination

127. Use Azure Monitor for Container Health Monitoring:

- Monitor > Containers > Configure Insights > View Metrics

128. Enable Application Performance Management (APM) in Azure:

- App Insights > Enable APM > Configure Alerts > Save

Automation and Scripts

129. Create an Automation Account:

- Search "Automation Accounts" > +Create > Configure > Create

130. Import a Runbook:

- Automation Account > Runbooks > +Import > Upload script > Save

131. Schedule a Runbook:

- Runbook > Schedule > Link a Schedule > Save

132. Enable Auto-Start for VMs:

- Automation Account > Runbooks > Add start script > Schedule

133. Use Cloud Shell for Automation:

- Portal > Cloud Shell > Choose PowerShell or Bash > Run commands

134. Create a Logic App:

- Search "Logic Apps" > +Create > Configure workflow > Create

135. Deploy ARM Templates:

- Portal > Template > +Add > Paste template > Deploy

136. Create a Function App:

- Search "Function App" > +Create > Configure > Create

137. Enable Azure Automation Update Management:

- Automation Account > Update Management > Enable > Select VMs

138. Delete Automation Account:

- Automation Account > Overview > Delete

139. Automate VM Patching with Update Management:

- Automation Account > Update Management > Enable > Add VMs

140. Create a Custom Azure Policy Definition:

- Policy > Definitions > +Create Policy > Configure > Assign

141. Deploy an Azure Blueprint Across Subscriptions:

- Blueprints > +Create > Assign > Monitor deployment

142. Automate Resource Cleanup with Logic App:

- Logic App > Workflow > Automate deletion of unused resources

143. Use Azure Automation to Shut Down Unused VMs:

- Automation Account > Create Runbook > Schedule Shut Down

144. Automate Resource Group Cleanup with Scheduled Tasks:

- Logic App > Create Cleanup Workflow > Schedule Run

145. Create Runbooks for Automatic Resource Tagging:

- Automation Account > Create Runbook > Automate Tagging

Databases

146. Create an Azure SQL Database:

- Search "SQL Database" > +Create > Configure > Create

147. Create a SQL Server:

- Search "SQL Servers" > +Create > Configure > Create

148. Enable Azure SQL Firewall Rule:

- SQL Server > Firewall Rules > Add Rule > Save

149. Backup Azure SQL Database:

- SQL Database > Backups > Configure Policy > Save

150. Restore SQL Database from Backup:

- SQL Database > Restore > Select backup > Configure

151. Create a Cosmos DB:

- Search "Cosmos DB" > +Create > Choose API > Configure > Create

152. Scale Azure SQL Database:

- SQL Database > Compute + Storage > Scale > Save

153. Monitor Database Performance:

- SQL Database > Monitoring > View metrics

154. Enable Advanced Data Security:

- SQL Database > Security > Enable Advanced Threat Protection

155. Delete SQL Database:

- SQL Database > Overview > Delete > Confirm

156. Configure Azure SQL with Always On Availability Groups:

- SQL Database > Enable High Availability > Configure AAG

157. Implement Read Replicas for Azure SQL Database:

- SQL Database > Replicas > Add Read Replica > Save

158. Enable Cosmos DB Multi-Region Writes:

- Cosmos DB > Replication > Enable Multi-Write > Save

159. Set Up Azure Synapse Analytics Workspace:

- Search "Synapse" > +Create > Configure Workspace > Save

160. Use Data Factory to Migrate Data from On-Prem:

- Data Factory > +Create > Configure Pipeline > Run

161. Monitor Azure SQL Vulnerability Assessments:

- SQL Database > Security > Vulnerability Assessments > Enable

162. Enable Transparent Data Encryption (TDE) for SQL:

- SQL Database > Security > Enable TDE > Save

163. Use Data Lake Storage with Data Analytics Tools:

- Data Lake > Create > Configure Access > Use with Synapse

164. Configure Cosmos DB Consistency Levels:

- Cosmos DB > Configuration > Set Consistency Level > Save

165. Implement Private Link for Azure SQL Database:

- SQL Database > Private Link > Configure Endpoint > Save

Kubernetes and Containers

166. Create a Kubernetes Cluster (AKS):

- Search "Kubernetes Services" > +Create > Configure > Create

167. Deploy Container to AKS:

- AKS > Workloads > +Create > Upload YAML > Deploy

168. Create an Azure Container Registry (ACR):

- Search "Container Registry" > +Create > Configure > Create

169. Push Image to ACR:

- Use CLI: docker login, docker tag, docker push

170. Deploy Web App from Container:

- Search "Web App" > +Create > Select Docker container > Deploy

171. Enable Auto-Scaling on AKS:

- AKS > Scaling > Enable autoscaling > Configure

172. Monitor AKS Cluster:

- AKS > Insights > View metrics and logs

173. Enable RBAC for AKS:

- AKS > Configuration > Enable RBAC > Save

174. Connect to AKS with Kubectl:

- Use Cloud Shell: az aks get-credentials > kubectl get nodes

175. Delete Kubernetes Cluster:

- AKS > Overview > Delete

Security and Governance

176. Enable Azure Defender:

- Security Center > Settings > Enable Defender > Save

177. Create a Key Vault:

- Search "Key Vault" > +Create > Configure > Create

178. Store Secret in Key Vault:

- Key Vault > Secrets > +Generate/Import > Add

179. Access Key Vault from App:

- Grant app access through Key Vault > Access Policies

180. Enable Azure Policy:

- Policy > Definitions > +Assign > Configure > Assign

181. Monitor Compliance Status:

- Policy > Compliance > View resources

182. Create a Resource Lock:

- Resource > Locks > +Add > Configure > Save

183. Enable Azure Blueprint:

- Blueprints > +Create > Assign blueprint to subscription

184. Enable Security Alerts:

- Security Center > Alerts > Configure notifications

185. Delete a Key Vault:

- Key Vault > Overview > Delete > Confirm

186. Configure Key Vault with Azure Policies:

- Key Vault > Access Policies > Assign Policy > Save

187. Set Up Azure Sentinel Data Connectors:

- Sentinel > Data Connectors > Enable Log Sources

188. Implement Geo-Redundant Key Vault Replication:

- Key Vault > Geo-redundancy > Enable replication > Save

189. Enable Microsoft Defender for Cloud Recommendations:

- Defender > Settings > Enable Recommendations > Save

190. Create and Manage Azure Governance Tagging:

- Resource Group > Tags > Add Tags > Save

191. Enable Resource Locks for Critical Resources:

- Resource > Locks > +Add > Set Lock Type > Save

192. Create Azure Policies with Exemptions:

- Policy > Assign Policy > Set Exemptions > Save

193. Implement Just-in-Time (JIT) Privileged Access for Users:

- Azure AD > PIM > Configure JIT > Save

194. Monitor Security with Conditional Access Insights:

- Azure AD > Conditional Access > Insights > Analyze Logs

195. Implement Azure Identity Governance:

- Azure AD > Governance > Configure Settings

Cost Management and Optimization

196. Monitor Azure Costs Across Multiple Subscriptions:

- Cost Management > Cross-Subscription View > Analyze

197. Implement Azure Reservations to Optimize Costs:

- Search "Reservations" > +Add > Reserve Resources > Save

198. Use Azure Cost Management for Budget Tracking:

- Cost Management > Budgets > Create Budget > Set Alerts

199. Analyze Cost by Resource Tags:

- Cost Management > Cost Analysis > Group by > Tags

200. Set Up Cost Alerts for Subscriptions:

- Cost Management > Alerts > Create Alert > Configure Thresholds

要查看或添加评论,请登录

Shivakant Upadhyay的更多文章

社区洞察

其他会员也浏览了