Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Introduction
If you’ve ever logged into the Azure portal and clicked through the steps to create a virtual machine (VM), you know it works… but it can be slow and repetitive. Now imagine doing that for 10, 50, or even 100 VMs. That’s where PowerShell automation saves the day.
In this post, we’ll walk through how to create and configure an Azure VM using PowerShell, step by step. By the end, you’ll have a working VM deployed in your Azure subscription — all from your terminal.
Why Automate VM Deployment?
Manual deployments in the Azure Portal are fine for quick experiments, but automation gives you:
- Consistency – every VM is created with the same configuration.
- Speed – spin up VMs in seconds without clicking through menus.
- Scalability – deploy multiple VMs across environments with just a script.
- Version control – store scripts in GitHub/DevOps pipelines.
Automation = fewer mistakes, less time wasted, and a lot more control.
Prerequisites
Before we jump into the script, make sure you have:
- An Azure subscription (free or paid).
- The Azure PowerShell module installed. Run this if you don’t have it yet:
Install-Module -Name Az -AllowClobber -Force
Logged into your account:
Connect-AzAccount
Step 1: Create a Resource Group
Every VM lives inside a resource group. Let’s create one:
New-AzResourceGroup -Name MyResourceGroup -Location eastus
This will create a container to hold all the resources we’ll build (VM, network, disks, etc.).
Step 2: Create Networking Resources
A VM needs a virtual network (VNet), a subnet, and a public IP. Let’s create them with a few commands:
# Create VNet
$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name "mySubnet" -AddressPrefix "10.0.0.0/24"
$vnet = New-AzVirtualNetwork -ResourceGroupName MyResourceGroup -Location eastus `
-Name "myVNet" -AddressPrefix "10.0.0.0/16" -Subnet $subnetConfig
# Public IP
$pip = New-AzPublicIpAddress -ResourceGroupName MyResourceGroup -Location eastus `
-Name "myPublicIP" -AllocationMethod Dynamic
# Network Security Group (firewall rules)
$nsgRuleRDP = New-AzNetworkSecurityRuleConfig -Name "Allow-RDP" -Protocol Tcp -Direction Inbound `
-Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 3389 -Access Allow
$nsg = New-AzNetworkSecurityGroup -ResourceGroupName MyResourceGroup -Location eastus `
-Name "myNSG" -SecurityRules $nsgRuleRDP
# NIC
$nic = New-AzNetworkInterface -ResourceGroupName MyResourceGroup -Location eastus `
-Name "myNic" -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
This script creates a secure network for your VM with RDP (Remote Desktop) access enabled.
Step 3: Define VM Configuration
Now let’s configure the VM itself.
# VM credentials
$cred = Get-Credential -Message "Enter username and password for the VM"
# VM config
$vmConfig = New-AzVMConfig -VMName "myVM" -VMSize "Standard_B1s" |
Set-AzVMOperatingSystem -Windows -ComputerName "myVM" -Credential $cred -ProvisionVMAgent -EnableAutoUpdate |
Set-AzVMSourceImage -PublisherName "MicrosoftWindowsServer" -Offer "WindowsServer" `
-Skus "2019-Datacenter" -Version "latest" |
Add-AzVMNetworkInterface -Id $nic.Id
Here, we’re setting:
- VM size (
Standard_B1s= small, cost-effective) - OS image (Windows Server 2019 Datacenter)
- Credentials (username/password for login)
Step 4: Create the VM
Finally, let’s deploy the VM:
New-AzVM -ResourceGroupName MyResourceGroup -Location eastus -VM $vmConfig
That’s it! In a few minutes, your VM will be up and running in Azure.
Step 5: Verify in the Azure Portal
Head over to the Azure Portal → Resource Groups → MyResourceGroup. You should see:
- A VM
- A Public IP
- A VNet + Subnet
- An NSG (with RDP enabled)
You can now connect to your VM via Remote Desktop using the public IP and the credentials you provided earlier.
Automating Linux VM Deployment in Azure with PowerShell
We’ve already seen how to automate a Windows VM deployment with PowerShell. But what if you want a Linux VM (for hosting apps, containers, or web servers)? The good news: the process is almost the same — except we’ll use SSH keys instead of passwords.
Step 1: Create a Resource Group
New-AzResourceGroup -Name LinuxRG -Location eastus
Step 2: Create Networking Resources
# Subnet & VNet
$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name "linuxSubnet" -AddressPrefix "10.1.0.0/24"
$vnet = New-AzVirtualNetwork -ResourceGroupName LinuxRG -Location eastus `
-Name "linuxVNet" -AddressPrefix "10.1.0.0/16" -Subnet $subnetConfig
# Public IP
$pip = New-AzPublicIpAddress -ResourceGroupName LinuxRG -Location eastus `
-Name "linuxPublicIP" -AllocationMethod Dynamic
# Network Security Group (allow SSH)
$nsgRuleSSH = New-AzNetworkSecurityRuleConfig -Name "Allow-SSH" -Protocol Tcp -Direction Inbound `
-Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 22 -Access Allow
$nsg = New-AzNetworkSecurityGroup -ResourceGroupName LinuxRG -Location eastus `
-Name "linuxNSG" -SecurityRules $nsgRuleSSH
# NIC
$nic = New-AzNetworkInterface -ResourceGroupName LinuxRG -Location eastus `
-Name "linuxNic" -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
Step 3: Generate or Use Existing SSH Keys
If you don’t already have SSH keys, generate them locally:
ssh-keygen -t rsa -b 2048
This creates id_rsa (private key) and id_rsa.pub (public key) in your ~/.ssh folder.
Step 4: Define VM Configuration
# Load SSH public key
$sshPublicKey = Get-Content -Path "$env:USERPROFILE\.ssh\id_rsa.pub"
# VM config
$vmConfig = New-AzVMConfig -VMName "linuxVM" -VMSize "Standard_B1s" |
Set-AzVMOperatingSystem -Linux -ComputerName "linuxVM" -Credential (New-Object System.Management.Automation.PSCredential("azureuser",(ConvertTo-SecureString "DummyPassword123!" -AsPlainText -Force))) -DisablePasswordAuthentication |
Set-AzVMSourceImage -PublisherName "Canonical" -Offer "UbuntuServer" `
-Skus "20_04-lts" -Version "latest" |
Add-AzVMNetworkInterface -Id $nic.Id
# Add SSH Key
$vmConfig = Add-AzVMSshPublicKey -VM $vmConfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"
Notice here:
- Linux OS → Ubuntu 20.04 LTS.
- DisablePasswordAuthentication → password logins are off for better security.
- SSH key added → ensures secure login.
Step 5: Create the VM
New-AzVM -ResourceGroupName LinuxRG -Location eastus -VM $vmConfig
Step 6: Connect to the Linux VM
Once the deployment finishes, grab the public IP:
Get-AzPublicIpAddress -ResourceGroupName LinuxRG -Name linuxPublicIP | Select-Object IpAddress
Now connect via SSH:
ssh azureuser@<Public-IP>
Wrapping Up
With just a few tweaks to our PowerShell script, we’ve automated a Linux VM deployment in Azure.
Now you know how to:
- Automate Windows VMs with RDP access.
- Automate Linux VMs with SSH keys.
This covers most real-world VM automation needs in Azure. From here, you can extend the script to:
- Add custom scripts/extensions (e.g., install Nginx, Docker).
- Deploy multiple VMs in a loop.
- Integrate with ARM templates or Bicep for hybrid automation.
