Connect to Azure Stack Hub with PowerShell
You can configure Azure Stack Hub to use PowerShell to manage resources like creating offers, plans, quotas, and alerts. This article helps you configure the operator environment.
Prerequisites
Run the following prerequisites either from the Azure Stack Development Kit (ASDK) or from a Windows-based external client if you're connected to the ASDK through VPN.
- Install Azure Stack Hub-compatible Azure PowerShell modules.
- Download the tools required to work with Azure Stack Hub.
Connect with Microsoft Entra ID
To configure the Azure Stack Hub operator environment with PowerShell, run the following script. Replace the Microsoft Entra tenantName and Azure Resource Manager endpoint values with your own environment configuration.
Note
If your session expires, your password has changed, or you want to switch accounts, run the following cmdlet before you sign in using Connect-AzAccount: Remove-AzAccount -Scope Process.
# Register an Azure Resource Manager environment that targets your Azure Stack Hub instance. Get your Azure Resource Manager endpoint value from your service provider.
Add-AzEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external" `
-AzureKeyVaultDnsSuffix adminvault.local.azurestack.external `
-AzureKeyVaultServiceEndpointResourceId https://adminvault.local.azurestack.external
# Set your tenant name.
$AuthEndpoint = (Get-AzEnvironment -Name "AzureStackAdmin").ActiveDirectoryAuthority.TrimEnd('/')
$AADTenantName = "<myDirectoryTenantName>.onmicrosoft.com"
$TenantId = (invoke-restmethod "$($AuthEndpoint)/$($AADTenantName)/.well-known/openid-configuration").issuer.TrimEnd('/').Split('/')[-1]
# After signing in to your environment, Azure Stack Hub cmdlets
# can be easily targeted at your Azure Stack Hub instance.
Connect-AzAccount -EnvironmentName "AzureStackAdmin" -TenantId $TenantId
Note
AD FS only supports interactive authentication with user identities. If a credential object is required, you must use a service principal (SPN). For more information about setting up a service principal with Azure Stack Hub and AD FS as your identity management service, see Manage an AD FS app identity.
Test the connectivity
Now that you have everything set up, use PowerShell to create resources within Azure Stack Hub. For example, you can create a resource group for an app and add a virtual machine. Use the following command to create a resource group named MyResourceGroup:
New-AzResourceGroup -Name "MyResourceGroup" -Location "Local"