Creating a Resource Group in Azure

A resource group allows for us to leverage a logical container to manage our Azure resources in an efficient way.

For example, let’s say this website requires a VM, some storage, and a user database. All of these resources would then be managed under one resource group for efficiency. By using a resource group we could assign access controls for the right users only to the groups they controlled or we could get a breakdown for how much a specific group costs to run or we can push an update to all resources in the group at once or if it a resource group is no longer needed we can simply blow it all away.

To create a resource group, start by opening the Cloud Shell terminal from the Azure Portal.

$resourceGroupName = Read-Host -Prompt "Enter the name of your Resource Group"
$location = Read-Host -Prompt "Enter the location (i.e. centralus)"

New-AzResourceGroup -Name $resourceGroupName -Location $location

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resources-powershell

Creating Users in Azure AD

Azure AD introduces a lot of simplicity to working the directory, so much so that creating users and groups in Azure AD is easier than creating them on-prem.

When adding a new user in Azure AD we are given a few ways to do this. You can create the user through the traditional process, you can invite an user from another AD to participate in your AD, or you can add/invite users in bulk. And of course, all of this can be done through PowerShell.

Open the Cloud Shell terminal from the Azure Portal. To work with Azure AD from PowerShell we need to run

Connect-AzureAD

Once connected to Azure AD we must create a password profile object to avoid passing passwords through plaintext. We can do this by creating a variable that instantiates the password profile object

$pwprofile = New-Object -Type Microsoft.Open.AzureAD.Model.PasswordProfile

We then need to store the temporary password in this variable

$pwprofile.password = "hunter2"

Now that the pwprofile variable has the password object we can create the new user

New-AzureADUser -AccountEnabled $true -PasswordProfile $pwprofile -DisplayName "PSEUser" -UserPrincipalName "PSEUser@powershellengineering.com" -MailNickName "PSEUser"

And there you have it, new Azure AD user.