By now you may already know Azure Cloud Shell, available directly from the Azure/Office 365 portals or from the URL https://shell.azure.com, the shell management tool running directly from your web browser.
Well, you can now connect Azure Cloud Shell with a virtual network on your Azure tenant; this could be handy when you have to manage services with no public IP address.
To be able to do it you need to deploy a specific template for both the virtual network and the storage account used by Axure Cloud Shell.
Don’t worry you are not create a new virtual network
These templates are available from:
- Virtual Network for Azure Cloud Shell: https://azure.microsoft.com/en-us/resources/templates/101-cloud-shell-vnet/?WT.mc_id=thomasmaurer-blog-thmaure
- Storage Account for Azure Cloud Shell connected to a VNet: https://azure.microsoft.com/en-us/resources/templates/101-cloud-shell-vnet-storage/?WT.mc_id=thomasmaurer-blog-thmaure
You can also create a full new Cloud Shell storage account and use the option Show VNET isolation settings
NOTE this is currently only available for West US and West Central US region for storage account
Prerequisites
You need to first register the containerinstances resource provider using either the Azure portal or the command
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.ContainerInstance
![image_thumb[11]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb11-21.png "image_thumb[11]")
![image_thumb[12]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb12-11.png "image_thumb[12]")
Use the VNET isolation settings
This option is only available for existing storage account
You will need to disconnect Azure Cloud Shell to be able to use it (see Reconnect Azure Cloud Shell as the end of this post)
![image_thumb[9]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb9-22.png "image_thumb[9]")
Use the templates
For both just use the Deploy to Azure button
![image_thumb[1]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb1-232.png "image_thumb[1]")
![image_thumb[2]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb2-182.png "image_thumb[2]")
As you may know when you deploy such template you will define the subscription and the resource group where the template will be deployed as well as the specific details for each object.
Deployment of the Virtual Network Template
You will need to use an existing virtual network name.
You can get the Azure Container Instance OID using the below command
Get-AzADServicePrincipal -DisplayNameBeginsWith ‘Azure Container Instance’
Then other settings are self-explanatory.
![image_thumb[3]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb3-143.png "image_thumb[3]")
![image_thumb[4]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb4-113.png "image_thumb[4]")
![image_thumb[5]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb5-72.png "image_thumb[5]")
Once the deployment is completed, you will see the new subnets available in your virtual network and you can now deploy the Storage Account template.
Deployment of the Storage Account template
You will define the same virtual network and subnets as above
![image_thumb[6]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb6-58.png "image_thumb[6]")
Once completed, you are done.
Reconnect Azure Cloud Shell
You just need to reconnect your Azure Cloud Shell by disconnecting from the storage account using the command
cloudrive unmount
or
dismount-cloudrive
![image_thumb[7]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb7-44.png "image_thumb[7]")
Then you can connect again by re selecting the disconnected storage account
![image_thumb[8]](https://www.cubesys.com.au/wp-content/uploads/2020/08/image_thumb8-33.png "image_thumb[8]")
