Azure Cloud Shell

How it works and what you can do with it

 Posted on 2021-11-09    3 minutes    588 words
Always check Microsoft docs first! - The information below might be obsolete.

Ahhh, the Cloud Shell. Something that can be easily overlooked but yet a very useful feature within Azure.

What is Cloud Shell?

Cloud Shell is a tool that’s available in the Azure portal to manage your Azure resources. It’s a small containerized Linux instance that contains a whole bunch of useful tools, such as CLI, PowerShell, SSH and much more. Especially awesome if you are on the run or you don’t have admin privileges on your local machine.

What can I use it for?

For managing your resources in Azure without having to worry about having the latest version of all the tools and all collected in one spot! You don’t need to worry about authentication as it works from the portal (where you are already signed in).

How does it work?

When creating the Cloud Shell it will create the following:

  1. A Resource group
  2. A Storage account
  3. An Azure Fileshare (within the Storage account).

“To persist files across sessions, Cloud Shell walks you through attaching an Azure file share on first launch. Once completed, Cloud Shell will automatically attach your storage (mounted as $HOME\clouddrive) for all future sessions. Additionally, your $HOME directory is persisted as an .img in your Azure File share. Files outside of $HOME and machine state are not persisted across sessions. Use best practices when storing secrets such as SSH keys. Services like Azure Key Vault have tutorials for setup

From https://docs.microsoft.com/en-us/azure/cloud-shell/features#tools

Give me a use case or two….

Imagine the following. You need to launch one or two PowerShell scripts on a bunch of VMs and you are sitting at home. You have your secondary machine in your lap, your daily driver workstation is in your office (where all the tools are installed) and you just cant be bothered to move from the couch.

Use Cloud Shell instead.

Sign in to the portal - using your Passwordless sign-in for example - click on the Cloud Shell and off you go. All tools ready, you have your clouddrive mounted with all your scripts in it and you can launch remote PowerShell commands on the fly, without having to worry about if everything is updated and not having to carry around your toolkit.

What tools are available in Cloud Shell?

For a full updated list of all the tools available - check out Azure Cloud Shell features

How does Cloud Shell connect to my resources?

It uses the public URL of the services (PaaS) and a combination of ARM and Public IP for VMs depending on how you want to connect/manage them. If you for example want to manage VMs within Azure (such as Stop/Deallocate or deploying VMs) that can be done directly in Cloud Shell - but if you wish to connect to a VM using SSH - you will need a Public IP on the VM (Unless you delegate a subnet for private IP use, see below).

Can I connect Cloud Shell to a VNET using a private IP?

Yes you can! You can delegate a subnet to Cloud Shell to be able to connect to your resources using a private IP.

Cloud Shell in an Azure Virtual Network

Can I run it locally?

Yes - You can run it using the Windows Terminal - (You will need to connect to Azure from your machine) and you can also download the docker image run it all locally if you want. I prefer using the Windows Terminal then running the image itself.

Check out the official docs page on Cloud Shell here

Cloud Shell  Useful  Tools