  / _ \
\_\(_)/_/
 _//"\\_   more on JOHLEM.net
  /   \
0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0o0

====================================================================================================================================
CHEAT SHEET
====================================================================================================================================
== AZURE Search Cheat Sheet ==
------------------------------------------------------------------------------------------------------------------------------------

+--------------------------------------------------+
|               AZURE MANAGEMENT CLI               |
+--------------------------------------------------+
| # Log in to Azure                                |
| az login                                         |
+--------------------------------------------------+
| # List Azure subscriptions                       |
| az account list --output table                   |
+--------------------------------------------------+
| # Set the default subscription                   |
| az account set --subscription ""                 |
+--------------------------------------------------+
| # Create a new resource group                    |
| az group create -n -l                            |
+--------------------------------------------------+
| # Create a VM in a specified resource group      |
| az vm create -g -n --image                       |
+--------------------------------------------------+
| # Start a virtual machine                        |
| az vm start -g -n                                |
+--------------------------------------------------+
| # Deallocate a VM (stops charges)                |
| az vm deallocate -g -n                           |
+--------------------------------------------------+
| # Stop a VM without deallocating it              |
| az vm stop -g -n                                 |
+--------------------------------------------------+
| # Delete a virtual machine                       |
| az vm delete -g -n --yes                         |
+--------------------------------------------------+
| # Create a new storage account                   |
| az storage account create -n -g                  |
+--------------------------------------------------+
| # Create a blob container in a storage account   |
| az storage container create --account-name       |
+--------------------------------------------------+
| # Upload a file to a blob storage                |
| az storage blob upload --account-name            |
+--------------------------------------------------+
| # Create an App Service plan                     |
| az appservice plan create -n -g                  |
+--------------------------------------------------+
| # Create a web app in a given app service plan   |
| az webapp create -g -p -n                        |
+--------------------------------------------------+
| # Create a Function App in a resource group      |
| az functionapp create -g -n                      |
+--------------------------------------------------+
| # Create an Azure SQL server                     |
| az sql server create -n -g                       |
+--------------------------------------------------+
| # Create a SQL database on a server              |
| az sql db create -g -s -n                        |
+--------------------------------------------------+
| # Create a Virtual Network                       |
| az network vnet create -g -n                     |
+--------------------------------------------------+
| # Create a Network Security Group                |
| az network nsg create -g -n                      |
+--------------------------------------------------+
| # Create an Azure Active Directory user          |
| az ad user create --display-name                 |
+--------------------------------------------------+
| # Assign a role to a user or group               |
| az role assignment create --assignee             |
+--------------------------------------------------+
| # Create a Key Vault                             |
| az keyvault create -n -g                         |
+--------------------------------------------------+
| # Set a secret in Key Vault                      |
| az keyvault secret set --vault-name              |
+--------------------------------------------------+
| # List metrics for a resource                    |
| az monitor metrics list --resource               |
+--------------------------------------------------+

+--------------------------------------------------+
|        AZURE EVENTS AND INVESTIGATION CLI        |
+--------------------------------------------------+
| # List activity logs for a resource group        |
| az monitor activity-log list --resource-group    |
+--------------------------------------------------+
| # Create a Log Analytics workspace               |
| az monitor log-analytics workspace create        |
+--------------------------------------------------+
| # Create diagnostic settings for resource logs   |
| az monitor diagnostic-settings create            |
+--------------------------------------------------+
| # List diagnostic settings for a resource        |
| az monitor diagnostic-settings list              |
+--------------------------------------------------+
| # Run a query against Log Analytics workspace    |
| az monitor log-analytics query --workspace       |
+--------------------------------------------------+
| # Configure NSG flow logs                        |
| az network watcher flow-log configure            |
+--------------------------------------------------+

+--------------------------------------------------+
|   AZURE EVENTS AND INVESTIGATION CLI COMMANDS    |
+--------------------------------------------------+
| # List activity logs for a resource group        |
| az monitor activity-log list --resource-group    |
+--------------------------------------------------+
| # Create a Log Analytics workspace               |
| az monitor log-analytics workspace create -g     |
+--------------------------------------------------+
| # List all Log Analytics workspaces              |
| az monitor log-analytics workspace list          |
+--------------------------------------------------+
| # Create diagnostic settings for a resource      |
| az monitor diagnostic-settings create --name     |
+--------------------------------------------------+
| # List diagnostic settings for a resource        |
| az monitor diagnostic-settings list --resource   |
+--------------------------------------------------+
| # Query against Log Analytics                    |
| az monitor log-analytics query --analytics-query |
+--------------------------------------------------+
| # Enable NSG flow logs                           |
| az network watcher flow-log configure            |
+--------------------------------------------------+
| # List NSG flow logs                             |
| az network watcher flow-log list                 |
+--------------------------------------------------+
| # Create an alert rule                           |
| az monitor alert-rules create                    |
+--------------------------------------------------+
| # List all alert rules                           |
| az monitor alert-rules list                      |
+--------------------------------------------------+
| # Create action group for alerts                 |
| az monitor action-group create                   |
+--------------------------------------------------+
| # List action groups                             |
| az monitor action-group list                     |
+--------------------------------------------------+
| # Create activity log alert                      |
| az monitor activity-log alert create             |
+--------------------------------------------------+
| # List activity log alerts                       |
| az monitor activity-log alert list               |
+--------------------------------------------------+
| # Create a metric alert                          |
| az monitor metrics alert create                  |
+--------------------------------------------------+
| # List metric alerts                             |
| az monitor metrics alert list                    |
+--------------------------------------------------+
| # Create log profile for activity log            |
| az monitor log-profiles create                   |
+--------------------------------------------------+
| # List log profiles                              |
| az monitor log-profiles list                     |
+--------------------------------------------------+
| # Export logs to an event hub                    |
| az monitor diagnostic-settings create --export   |
+--------------------------------------------------+
| # Retrieve Azure AD sign-in logs                 |
| az ad sign-in logs list                          |
+--------------------------------------------------+
| # Retrieve Azure AD audit logs                   |
| az ad audit-logs list                            |
+--------------------------------------------------+
| # Retrieve logs from a VM boot diagnostics       |
| az vm boot-diagnostics get-boot-log              |
+--------------------------------------------------+
| # Retrieve metrics for a VM                      |
| az monitor metrics list --resource               |
+--------------------------------------------------+
| # List security alerts                           |
| az security alert list                           |
+--------------------------------------------------+
| # Set security policy                            |
| az security policy set                           |
+--------------------------------------------------+
| # List security tasks                            |
| az security task list                            |
+--------------------------------------------------+
| # Show security assessment                       |
| az security assessment show                      |
+--------------------------------------------------+
| # Show auto-provisioning settings                |
| az security auto-provisioning-setting show       |
+--------------------------------------------------+
| # Show compliance results                        |
| az security compliance show                      |
+--------------------------------------------------+
| # Show security sub-assessment details           |
| az security sub-assessment show                  |
+--------------------------------------------------+