Despite being fairly new, the Azure Cloud Shell has quickly become my go-to place for scripting and programming with Azure. This article describes some of features that make cloud shell useful, and how to use the environment with Python.
What’s to like about Cloud Shell?
Here are my top 5 cloud shell features that make it a useful environment for cloud scripting and programming..
5. It’s an interactive container-on-demand, running an up-to-date patched Linux shell with the commands you’d expect, in a few seconds.
4. The latest version of Azure CLI is pre-installed, connected, and ready to run. In some cases the cloud shell CLI has access to preview features not available elsewhere, this week for example, Container Instances.
3. Your home directory is backed by an Azure storage account – any files you create are there for you next time you connect, from any device.
2. The shell includes Python, and it’s Python 3 by default – thank you. You can install any Python libraries into the user environment. It also has go, and much more.
1. Automatic cloud authentication – each time you start a cloud shell, it puts a current Azure authentication token in the CLI cache. You can use this token for more than CLI, for example calling the Azure REST API directly.
Note: The latest CLI versions now also include a command to display the current authentication token. Try:
- az account get-access-token
Python programming with the cloud shell
To successfully install Python libraries in the cloud shell, make sure you install them in the user environment, so you don’t need root access. E.g. add the –user argument to pip.
pip install --user --upgrade azurerm
The azurerm library can authenticate using an Azure Service Principal, but it also includes a couple of handy functions for getting an authentication token and default subscription ID directly from the CLI cache. I.e. get_access_token_from_cli() and get_subscription_from_cli().
A Python script to create a new Azure resource group using azurerm in Azure cloud shell looks like this:
import azurerm auth_token = azurerm.get_access_token_from_cli() subscription_id = azurerm.get_subscription_from_cli() rgname = 'containergroup' location = 'westus' response = azurerm.create_resource_group(auth_token, subscription_id, rgname, location) if response.status_code == 200 or response.status_code == 201: print('Resource group: ' + rgname + ' - created successfully.') else: print('Return code ' + str(response.status_code) + ' from create_resource_group')
Creating container instances
Both the cloud shell CLI and the azurerm library support the Container Instance groups preview.
Here is an example that creates an nginx based container group using the same resource group:
import azurerm import json auth_token = azurerm.get_access_token_from_cli() subscription_id = azurerm.get_subscription_from_cli() rgname = 'containergroup' location = 'westus' container_name = 'ngx' container_group_name = 'ngxgroup' image = 'nginx' iptype = 'public' port = 80 container_def = azurerm.create_container_definition(container_name, image, port=port) container_list = [container_def] response = azurerm.create_container_instance_group(auth_token, subscription_id, rgname, container_group_name, container_list, location, port=port, iptype=iptype) if response.status_code == 200 or response.status_code == 201: print('create_container_group: ' + container_group_name + ' - called successfully.') else: print('Return code ' + str(response.status_code) + ' from create_container_group')
From here you could use CLI or azurerm to do a GET on the container group to get the public IP address and other details.
The cloud shell provides a self-contained development environment to make direct calls to the Azure management endpoint, without requiring extra authentication or needing to mess with Service Principals to use it.
Cloud shell wish list
The main thing I’d love to see improve would be to make it easier to copy/paste text to and from the shell. This sometimes works for me, and sometimes crashes the shell. This is a small and hopefully temporary inconvenience however.
Update: ctrl-insert and shift-insert can be used as copy/paste shortcuts in the cloud shell.