Connect to Azure Stack Hub with PowerShell
You can configure Azure Stack Hub to use PowerShell to manage resources like creating offers, plans, quotas, and alerts. This topic helps you configure the operator environment.
Prerequisites
Run the following prerequisites either from the Azure Stack Development Kit (ASDK) or from a Windows-based external client if you're connected to the ASDK through VPN.
- Install Azure Stack Hub-compatible Azure PowerShell modules.
- Download the tools required to work with Azure Stack Hub.
Connect with Microsoft Entra ID
To configure the Azure Stack Hub operator environment with PowerShell, run one of the scripts below. Replace the Microsoft Entra tenantName and Azure Resource Manager endpoint values with your own environment configuration.
Note
If your session expires, your password has changed, or you simply wish to switch accounts, run the following cmdlet before you sign in using Connect-AzAccount: Remove-AzAccount -Scope Process
# Register an Azure Resource Manager environment that targets your Azure Stack Hub instance. Get your Azure Resource Manager endpoint value from your service provider.
Add-AzEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external" `
-AzureKeyVaultDnsSuffix adminvault.local.azurestack.external `
-AzureKeyVaultServiceEndpointResourceId https://adminvault.local.azurestack.external
# Set your tenant name.
$AuthEndpoint = (Get-AzEnvironment -Name "AzureStackAdmin").ActiveDirectoryAuthority.TrimEnd('/')
$AADTenantName = "<myDirectoryTenantName>.onmicrosoft.com"
$TenantId = (invoke-restmethod "$($AuthEndpoint)/$($AADTenantName)/.well-known/openid-configuration").issuer.TrimEnd('/').Split('/')[-1]
# After signing in to your environment, Azure Stack Hub cmdlets
# can be easily targeted at your Azure Stack Hub instance.
Connect-AzAccount -EnvironmentName "AzureStackAdmin" -TenantId $TenantId
Connect with AD FS
Connect to the Azure Stack Hub operator environment with PowerShell with Microsoft Entra ID Federated Services (Azure AD FS). For the ASDK, this Azure Resource Manager endpoint is set to https://adminmanagement.local.azurestack.external. To get the Azure Resource Manager endpoint for Azure Stack Hub integrated systems, contact your service provider.
# Register an Azure Resource Manager environment that targets your Azure Stack Hub instance. Get your Azure Resource Manager endpoint value from your service provider.
Add-AzEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external" `
-AzureKeyVaultDnsSuffix adminvault.local.azurestack.external `
-AzureKeyVaultServiceEndpointResourceId https://adminvault.local.azurestack.external
# Sign in to your environment.
Connect-AzAccount -EnvironmentName "AzureStackAdmin"
Note
AD FS only supports interactive authentication with user identities. If a credential object is required, you must use a service principal (SPN). For more information on setting up a service principal with Azure Stack Hub and AD FS as your identity management service, see Manage an AD FS app identity.
Test the connectivity
Now that you've got everything set-up, use PowerShell to create resources within Azure Stack Hub. For example, you can create a resource group for an app and add a virtual machine. Use the following command to create a resource group named MyResourceGroup.
New-AzResourceGroup -Name "MyResourceGroup" -Location "Local"
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for