Azure Portal Life Hacks
In this post, I will explain how you can make better use of the Azure Portal by using the features that we overlook. We focus most of our time figuring out the latest networking whiz-bang or untangling the ever-expanding maze of virtual machine series. However, we never pay much attention to the thing that Azure admins, operators, and devs are staring at all day: the portal.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
Not Just For Azure
Before we start looking at the Azure Portal features, I should remind you that the Azure Portal (which needs a rename, I think) is not just the -Azure- Portal. More and more services are moving into this portal, making this the MS cloud portal.
Any organization with a “tenant”, think of that as an Azure Active Directory (AAD) domain, can use the Azure Portal. In fact, any user can sign in. They just can’t see or do anything unless they have been granted some rights.
If an AAD global admin signs in, they can manage the domain, users, groups, and advanced features such as Azure AD Connect. Customers with AAD Premium (never buy AAD Basic because you will regret not buying Premium) licensing must use the Portal to manage their premium features, such as conditional access, branding, and so on.
Other examples include the Intune portal and Azure Information Protection. I think I heard at Ignite that the OMS (Log Analytics) Portal was also moving into the Azure Portal.
We will start with an easy one, the navigation bar; that’s the big blue bar on the left with shortcuts to various resources types and services in the Azure Portal. If you click More Services (the > at the bottom), then you will see an additional scroll box that lists every possible resource/service in the Azure Portal. Notice the star on the right-hand side of each entry. You can select (gold icon) an item to move it onto the navigation bar.
An unsung hero in the navigation bar is “Recent”. If you click this option, a blade appears with objects that you have recently been working with. This can be a huge click/time saver.
When you open More Services in the navigation bar, have you ever tried typing in the name of the thing you are looking for? For example, start typing recovery services vault. You only have to type recov and the list of options is shrunk to two. You can just hit <ENTER> to go the recovery services vaults blade.
Another “I didn’t notice that before” item is the search bar in the top-right corner. Click that and ust as with Recent in the navigation bar, recently managed resources will appear. You can type in the name of a resource and search will open it for you when you press <ENTER>.
One criticism of the Azure Portal is that it has a huge east-west spread, popping up lots of blades. Over time, Microsoft has reduced that spread, but those blades can go well off of screen. A quick way to jump back, instead of closing blades, is to just click the desired past location in the breadcrumb trail at the top.
When I am teaching Azure, many students find that they need to look something else in another resource. They close a bunch of blades, find the something, and then restart whatever they were doing. They could have just opened the Azure Portal in another tab in the same browser. Their existing sign-in would have been used. I normally have the Azure Portal open in 2-3 tabs when I am doing stuff in Azure.
I wonder how many people are using multiple dashboards in the Azure Portal? You can pin shortcuts to resources or resource groups, live metrics charts, and more to a dashboard, giving you a live view of some system(s). I recommend having 1 dashboard for each service/LOB app that you work with and switching to that dashboard when you start to work with that service. Immediately, you will see health/performance information in the Azure Portal and you will have shortcuts to the various things of interest.
Let’s get this straight, tags are not just for billing! We know that resource groups should be used like OUs in Active Directory. They are not an org chart. They are a method of delegating permissions and logically organizing.
Tags can be used to add a key-value pair (KVP) to any resource in Azure. That means you can create something like a registry key, with a value, to help you find things in Azure. For example, let’s say that I have opened up a bunch of resources from lots of resource groups and added a tag called Dept with a value of Petri. There also might be departments such as AidanFinn, Thurrott, and more.
Now, I can open Tags (search in the Navigation bar) in the Azure Portal and click the item called Dept:Petri. A results blade appears and I can see all resources with a Dept value of Petri.
This is a new feature in the Azure Portal. If you go into a resource type blade, you can select some/all resources using a checkbox on the left. This is very useful, especially with virtual machines; you can select some/all of your machines and click Start or Stop, saving you from having to write a PowerShell query or going into the settings of each machine to start/stop it.
I have a lot of Microsoft and Work accounts for my personal subscriptions (Office 365 and Azure), production stuff at work, and for training/demo stuff at work. One of the annoying things for me, but useful for “normals” is that the browser automatically inherits whatever identity you are using. So, I often would find myself logging into an Azure subscription with the wrong account. I could enable single sign-on using AAD guest accounts and subscription permissions but I have deliberately kept boundaries. So in the past, I have used multiple browsers and incognito/private mode.
And then a visiting trainer told me of incognito extensions for the Chrome browser, which is my preferred browser anyway, even if it’s cache can mess up the Azure Portal from time to time. I can click an extension button and get a new tab in the same browser that is private from the OS and the other tabs in the browser. If I duplicate that tab, I get another private tab but in the same privacy bubble as the original – that approach has saved me a lot of RAM in the past months.
Have You Any Tricks?
In something as big as Azure, everyone has different experiences and knowledge. Have you learned any more tricks in addition to the above? If so, please share in the comments below.