We’re very happy to announce that the Exchange Online PowerShell module is now available in Azure Cloud Shell!
If you're an Exchange admin and you've never used Azure Cloud Shell before (or have no idea what it even is!), then this blog post is for you. We know it’s hard to keep up to date with all the different things Microsoft is doing at any point in time, so we’re making sure our Exchange admins know about this pretty nifty capability we recently released. In short, Azure Cloud Shell is a browser-based, authenticated shell experience, hosted by Microsoft.
You can use any browser to securely open a shell environment hosted in Azure, then you can connect to Exchange Online (and of course, Azure) – and have the exact same experience managing Exchange Online that you do today – but without any of the concerns about installation of required components or operating system suitability.
To get started, you can either point your browser at shell.azure.com or launch Cloud Shell directly from the Azure portal by clicking the Cloud Shell icon (shown below, top bar, highlighted by the small blue box) and select the PowerShell experience. If you’re coming from shell.azure.com you’ll have to authenticate and complete any MFA requirements (we hope that your subscription has MFA enabled across all accounts).
From there all you need to do is run Connect-EXOPSSession. You need to use an account with the correct Role Based Access Control (RBAC) role assignments and permissions. The best part of this whole experience is that we have enabled Single Sign On (SSO) so there’s no need to provide any additional credentials.
The Exchange cmdlets are automatically pulled down to the Cloud Shell environment and this allows you to perform exactly the same tasks as you might normally have done using Exchange Online PowerShell directly.
Take a look at this video from last year’s Ignite conference to see how we tried to make this process as straightforward as possible. And all you need is a browser!
The section below covers some of the most frequent questions. However, we encourage you to use the comments section below to post your comments and questions and we’ll do our best to answer them.
How does this really work?
When you start a Cloud Shell session, you are connected to a Linux container run by Microsoft. Yes, it’s actually running on Linux. To make that possible we had to re-factor the Exchange Online PowerShell code to work with PowerShell Core.
Once that session is open, you can use any of the tools available in Azure Cloud Shell and Exchange Online PowerShell is now one of them.
What license or other requirements are there?
To use Cloud Shell, you only need an Azure subscription and an Azure Storage account. Cloud Shell needs a Storage account in Azure for temporary storage of the cmdlet working environment, for any import/exports you do, and to save your scripts and other files. This storage is persisted for your account, so wherever and whenever you use Cloud Shell any files/scripts you have are always available.
The only cost for running Azure Cloud Shell comes from using an Azure Storage account which is typically very low. Azure Storage charges are based on a consumption model, so you only pay for what you use. We highly recommend that you always monitor closely your Azure consumption. For more details on pricing please see here.
Is this really the full set of Exchange cmdlets? What’s missing?
Yes, this is the entire Exchange Online cmdlet library. Everything has been modified to work in PowerShell Core. Everything works in the same way as it does today, it’s just accessed differently.
Are you deprecating the current Exchange PowerShell module in favor of this?
We have no plans to do that currently.
What about RBAC?
RBAC is fully respected and works just as it does with Windows PowerShell.
How do I import and export data?
From the Azure Portal or shell.azure.com, there is an Upload/Download icon in the toolbar which can be used to move your local scripts to Cloud Shell and vice versa. You are also able to drag and drop local files into the terminal and they will be automatically uploaded to Cloud Shell.
From the terminal, a Download command is available to install a desired file from Cloud Shell.
Files that are saved under the clouddrive in Cloud Shell will also be surfaced anywhere you can browse your Azure storage accounts, like for instance Azure Storage Explorer.
How do I keep Cloud Shell up to date?
You don’t need to – we do that for you. That’s the beauty of this setup, it’s always up to date, and secure, and accessible from anywhere you can get to with a browser.
Are there any other ways of accessing Cloud Shell?
Azure Cloud Shell is available from the Azure Portal, shell.azure.com, the Azure Mobile App, the Azure Extension in Visual Studio Code, the “Try it” button in Microsoft Docs, and Microsoft Learn.
What other constraints are there?
The only one we want to call out is timeouts – in order to ensure we don’t have sessions running forever doing nothing, we timeout sessions that don’t have interactive use. In short, if you don’t touch the machine for more than 20 minutes (approx.) we will reclaim the session. We anticipate that the current timeout should work for most ad-hoc management scenarios but if you intend to execute long-running scripts then Cloud Shell is not the best tool for the job.
That’s about all we need to tell you for now, and we’d love to hear your feedback in the comments section. There’s also a QuickStart guide here, so take Cloud Shell for a spin today.
Danny Maertens
Azure Cloud Shell PM (and a big fan of Exchange)