How can we improve Azure Cloud Shell?

Allow cloudshell to be created inside a VNET

It would be quite helpful to be able to SSH or PowerShell into systems that are only accessible from inside of the VNET. This would reduce the need for me to fire up my laptop if I just need to check on something quickly on a VM (I could just use the Azure app on my phone at that point).

39 votes
Sign in
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Stephen Steck shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: Microsoft
Signed in as (Sign out)
An error occurred while saving the comment
  • Benjamin Mitchell commented  ·   ·  Flag as inappropriate

    Another month and another "No Update".. How long is this going to be "Under Review"? Is this on the backlog or not?

  • BenTheBuilder commented  ·   ·  Flag as inappropriate

    It is crazy that you expect us to expose resources to the public internet to use this tool.for management.

  • Ben Mitchell commented  ·   ·  Flag as inappropriate

    Add me to the list of users that would LOVE this. Attaching cloud shell to VNET would let us manage our resources more securely and efficiently.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Handy for us too. Would like to mount a storage account with our command line tools for managing resources on our VNET, for our support staff etc.

  • Erwen commented  ·   ·  Flag as inappropriate

    We're looking at a managed bastion host as a service. Was hoping ACS would get us close, but it looks like all VMs still need PIPs and winrm open to Any (eeeek).

  • Jasper Siegmund commented  ·   ·  Flag as inappropriate

    We had the same idea. To add to the scenario, we would also find it very useful to be able to do basic things like ping, trace route, DNS resolve, etc. etc. for debug-type scenarios where you would quickly want to see what the situation is for a specific component.

    So what we imagine is that you could instantiate a shell within a specific resource group / vnet / subnet to execute these command within that environment. This would eliminate the need to spawn a VM, which our current way of doing this.

Feedback and Knowledge Base