What is Azure’s Cloud Shell?
Azure Cloud Shell is a browser-based, interactive shell that comes in two flavors: PowerShell and Bash. Microsoft has had this in public preview for some time now. It offers you the ability to pretty much get a PowerShell prompt to your Azure subscription (or Bash) from anywhere and on any device.
While the Azure Portal tends to be the main place administrators manage resources and services, there are times it is just quicker to run a PowerShell or CLI command. You also have cases where the use of PowerShell/CLI is the only option for some task. Cloud Shell also means you are no longer tied to having access to one machine that has all your tools installed. You can quickly access a full PowerShell session that has both AzureRM module and the Azure CLI installed. At the click or tap of a button, you don’t have to think of things like, “Is the AzureRM module installed on this machine?”.
Access from anywhere
Being that it is hosted in the cloud it goes without saying that it should be available from anywhere you are, so Microsoft provides access via multiple paths:
An unofficial method is also available via an open source app that Tyler Leonhardt (@TylerLeonhardt) published. He also happens to be the maintainer for the PowerShell Extension in VS Code. You can download the app from his GitHub repository here.
The Cloud Shell is run within a container via the Azure Container Service at no charge to you or your subscription for the container itself. The only cost for Cloud Shell is the storage account that is created and associated to it. The first time you open Cloud Shell from the Azure Portal you will need to select whether you want Bash or PowerShell, I chose PowerShell. After that you can select your subscription and Azure will automatically create a storage account and resource group. If you go through the advanced options it provides you with the ability to use a preexisting storage account. Using the option to just let Azure create the resources, after you click on “Create Storage” you will see output around the storage creation, and then when the prompt is returned it will have your location set to the Azure Drive (
Azure:\, more on this in a bit).
Two important items to be aware of:
1. There is a timeout for Cloud Shell. It is set to 20 minutes right now, so after 20 minutes of inactivity you will be disconnected. I found with VS Code extension, it simply disappears or closes that terminal.
2. As stated in the limitations in Cloud Shell this is meant as an interactive experience and use; so non-interactive processes that are long running can be killed without warning.
The storage account that is tied to Cloud Shell will get mounted to the container on start up for you. This is mounted under the user profile for PowerShell. You can find this under
$home\CloudDrive, or the full path would be
Beauty in the little things
The beauty of having this storage is it allows you to persist files between sessions. When you start and exit (or your session times out) for the Cloud Shell, that container that was spun up is removed. So any files or items you install outside of your CloudDrive will be lost, you should consider it as ephemeral storage.
Since the storage account is Azure Storage you can upload and retrieve files via the normal methods (e.g. via Azure Storage Explorer or via Azure Portal). There are three methods now that allow you to upload files directly:
2. Accessing via Azure Portal
3. VS Code’s Azure Account extension
VS Code has a monthly cadence now so extensions are being updated from Microsoft just as frequently. While preparing this post the extension that provides access to the Azure Cloud Shell was updated to include support for uploading a file. The only thing specific to this method is that in the Shell you have to ensure you current location is set to the
$home\CloudDrive directory, otherwise from what I could figure out it goes into an area that only Neo could access.
A side note:
I have at times experienced the cloud drive failing to mount when the Shell starts. I have seen a few posts stating this primarily happens when your storage account is lost. Which in my testing I did happen to drop my storage account to just see what would happen. If you delete or loose that storage account and file share you basically reset your Cloud Share. The next time you access it you will simply be taken through that initial wizard again.
Being that I did drop my storage account intentionally, even after I let it create another one, I would still receive the error on startup sometimes. Restarting my session would allow it to finally mount my file share for me, but I didn’t want to keep doing that all the time. Researching the issue I found the work around when this starts happening is you basically have to force Cloud Shell to reset and then you can re-associate the storage account again. I just run
Dismount-CloudDrive within a Cloud Shell session and once it has completed the session closed. The next time I accessed it, I had to go through the setup wizard again. This time though I went through the advanced option and selected my current storage account and file share. So far I have not experienced any more errors on startup.
SHiPs provider and the Azure drive
It would be pretty boring if all this was just an empty container and a mounted file share, right? Well, Microsoft has not left us high and dry. One of the default modules that is pre-loaded for you is the Simple Hierarchy in PowerShell (SHiPS). This is a provider that allows you to build out a directory tree structure and lets you traverse those objects like you would the system volume of a Windows Server. In this case it is your Azure subscriptions.
Outside of just PowerShell and PowerShell modules Microsoft has provided other tools that can be used for automation or simple convenience. You can see from the screenshot below the container has Python and Git. One thing that threw me a bit was when I saw Vim is available…Who does not love Vim?
I opened up Vim to play around and found Microsoft has integrated the PowerShell Editor Service. This allows you to have full intellisense for PowerShell built-in commands, and installed modules you may be using. This also (apparently) comes with PSScriptAnalzyer support as well.
For those not comfortable with Vim you also have Nano that can be used for editing files, it just does not include the Editor Services so no intellisense is available.
Adding PowerShell modules
Cloud Shell allows you access to the PowerShell Gallery, so you can install any module that you want or need. As noted earlier that anything outside of the CloudDrive should be considered ephemeral, you need to ensure when installing modules that you scope it to
CurrentUser. This will ensure it persist from session to session.
Now you may be asking: if only things inside of the
$home\CloudDrive directory are persisted, how do modules you install stay around? It is by Symbolic links. You may already know but you can ensure modules are installed under your user profile by running the command with the scope set to
Install-Module MyModule -Scope CurrentUser
This will ensure it will always be installed within the profile of the given user; more specifically for Cloud Shell in the full path
Microsoft auto configures a symbolic link for you where the modules will be installed under
$home\CloudDrive\.pscloudshell\PowerShell\modules\ if you fancy using PowerShell Core. You can see the symbolic link that is created by checking the file object of the profile path. You can simply run:
Get-Item C:\Users\ContainerAdministrator\Documents\WindowsPowerShell\ | Format-List
Take note of the two properties LinkType and Target:
Closing it up
Azure Cloud Shell while still in preview, is a big step forward in interactively managing your Azure resources (or just needing a PowerShell environment to work from) more easily. You can find more information around Cloud Shell by checking the documentation. As well, as you are using it, if you see features missing or not working as you expect, Microsoft would love the feedback. You can find the feedback site for this product here.