Written by 4:26 pm Microsoft, Microsoft Azure, PowerShell

Azure Stack Readiness Checker – AzsReadinessChecker


Since I am dealing with a lot of Azure Stack installations I also want to share some interesting tools you can leverage like the Azure Stack Capacity Calculator and others. One of the latest I want to share with you is the Azure Stack Readiness Checker PowerShell module called AzsReadinessChecker. This PowerShell module helps you to run validations of your environment and resources before you deploy Azure Stack. The AzsReadinessChecker module for example validates things like:

  • Certificates
  • Azure Active Directory
  • Azure Accounts
  • Azure Subscriptions

The Start-AzsREadinessChecker cmdlet also helps to generate a Certificate Signing Request (CSR) which you can summit to your CA or your CA provider to get the specific certificates.

Install the AzsReadinessChecker PowerShell module

To install the AzsReadinessChecker PowerShell module, you can simply run the following command to install it from the PSGallery:

Install-Module Microsoft.AzureStack.ReadinessChecker

Generate CSR for Azure Stack Certificates

To generate the Certificate Signing Request (CSR) for the Azure Stack Public Certificates, you can use the simple command. You will need to enter all the information from your Azure Stack deployment like Region, FQDN and more.

$regionName = 'swiss01'
$externalFQDN = 'azurestack.thomasmaurer.ch'
$subjectHash = [ordered]@{"OU"="AzureStack";"O"="ThomasMaurer";"L"="Zurich";"ST"="Baselland";"C"="CH"}
Start-AzsReadinessChecker -regionName $regionName -externalFQDN $externalFQDN -Subject $subjectHash -IdentitySystem AAD -requestType SingleCSR

This will then generate the .req file.

Validate Azure Stack Certificates

After you got your generated Azure Stack Certificates, you can validate them. For that you can also simply use the Start-AzsReadinessChecker cmdlet.

$password = Read-Host -Prompt "Enter PFX Password" -AsSecureString
Start-AzsReadinessChecker -CertificatePath .\Certificates\ -PfxPassword $password -RegionName swiss01 -FQDN azurestack.thomasmaurer.cch -IdentitySystem AAD

Validate Azure Readiness for Azure Stack

As mentioned you will need other resources in Azure to deploy Azure Stack. With the AzsReadinessChecker, you can also validate these. Here are some examples for the validation. For a full list check out the Azure Stack documentation page for: Start-AzsReadinessChecker cmdlet reference

Validate Azure AD identity for Azure Stack

$serviceAdminCredential = Get-Credential -Message "Enter Credentials for Service Administrator of Azure Active Directory Tenant e.g. [email protected]"
Start-AzsReadinessChecker -AADServiceAdministrator $serviceAdminCredential -AzureEnvironment AzureCloud -AzureDirectoryTenantName azurestack.thomasmaurer.ch

Validate Azure Subscription for Azure Stack

$registrationCredential = Get-Credential -Message "Enter Credentials for Subscription Owner"e.g. subscriptionowner@thomasmaurer.ch"
Start-AzsReadinessChecker -RegistrationAccount $registrationCredential -RegistrationSubscriptionID $subscriptionID -AzureEnvironment AzureCloud

Tags: , , , , , , , , , , , , Last modified: August 14, 2018
Close Search Window