Skip to content

microsoft/vscode-azureresourcegroups

Repository files navigation

Azure Resources for Visual Studio Code (Preview)

Build Status

View and manage Azure resources directly from VS Code.

Resources explorer

Sign up today for your free Azure account and receive 12 months of free popular services, $200 free credit and 25+ always free services 👉 Start Free.

Move to built-in VS Code authentication

The Azure Resources extension now uses the built-in VS Code Microsoft authentication provider to authenticate with Azure, and no longer depends on the Azure Account extension. This move increases the reliability of Azure authentication, especially when using a proxy.

How to Sign In

Sign in by selecting the "Sign in to Azure..." item in the Azure Resources view.

Note: Sessions won't be migrated from Azure Account to the new built-in authentication. This means you will have to sign in once Azure Resources updates to v0.8.0.

Sign in

You can also sign in using the new "Azure: Sign In" command contributed by the Azure Resources extension. Note: make sure you don't mistake it for the old Azure Account "Azure: Sign In" command.

Sign in using command palette

How to Sign Out

Sign out in the Accounts menu located in the bottom left of your VS Code window.

Sign out with Accounts menu

Filter Subscriptions

You can filter the displayed subscriptions just as before, by selecting the Filter icon on any subscription. Previously filtered subscriptions will not be migrated automatically.

Filter subscriptions

The filtered subscriptions are stored in the new azureResourceGroups.selectedSubscriptions setting.

Manage Accounts & Tenants

You can use the Accounts and Tenants view to manage and authenticate tenants. By checking and unchecking tenants, subscriptions within the Resources view and subscription filter will be filtered out.

Accounts & Tenants view

Sign In to another account

With the Accounts & Tenants view we have also added multi-account support. You can sign into a new account by clicking the + icon in the right corner of the view.

Sign in to Account

Sign In to a Specific Directory/Tenant

Within the tenants view you can now Sign In to a specific tenant by checking an unauthenticated tenant.

Authenticate Tenant

Users are still able to use the "Sign in to Tenant (Directory)" along with the tenants view. This is useful for directories/tenants that require MFA. Executing this command will show a menu with a list of unauthenticated directories. If the list is empty, then sessions exist for each directory already.

Using Sovereign Clouds

Sovereign Clouds

To connect to a sovereign cloud users can click the gear button on the right side of the tenants view. This will bring up a list of sovereign clouds and once chosen the microsoft-sovereign-cloud.environment setting will automatically be set.

Support for vscode.dev

The Azure Resources extension fully supports running on vscode.dev and github.dev. This means you can use the Azure Resources extension to manage your Azure resources directly from your browser! Note that this does not require the Azure Accounts extension and uses VS Code's built-in authentication provider.

Features

Resource and Workspace views

Use the Resources explorer to create and manage Azure resources. Use the Workspace explorer to create files and deploy.

Azure explorer

Grouping

Change the way resources are grouped to fit your workflow.

Grouping

Activity Log

View all of your recent activities and quickly access resources you've recently created in the Activity Log.

Activity Log

Create Resources

Create an Azure resource from your installed extensions directly in VS Code.

Create Resource

Azure Cloud Shell

Azure Cloud Shell instances can be started via the terminal view in VS Code. To begin, click the dropdown arrow in the terminal view and select from either Azure Cloud Shell (Bash) or Azure Cloud Shell (PowerShell).

VS Code terminal view with context menu

If this is your first time using the Cloud Shell, the following notification will appear prompting you to set it up.

"Must setup cloud shell" notification

The Cloud Shell will load in the terminal view once you've finished configuring it.

The Azure Cloud Shell in the terminal window

You may also upload files to Cloud Shell using the Azure: Upload to Cloud Shell command.

Azure Extensions

Install these extensions to enable additional resource-specific features.

Troubleshooting

"unable to get local issuer certificate" on a corporate network

If you're on a corporate network that performs HTTPS/SSL inspection (for example Zscaler, Netskope, Cisco Umbrella, or an internal certificate authority), you may see errors like unable to get local issuer certificate or self-signed certificate in certificate chain in the Azure Resources output channel, and resources may fail to load.

This happens because the inspection proxy re-signs TLS traffic with your organization's root CA. Signing in uses VS Code's built-in Microsoft authentication, which respects VS Code's proxy and certificate settings, but the extension's Azure management (ARM) calls run in the extension-host Node.js process, which by default does not trust certificates from the operating system store. Node.js therefore rejects the re-signed certificate.

To fix it, tell Node.js and VS Code about your corporate root CA:

  1. Export your corporate root CA as a PEM (.pem/.crt) file. Your IT department can provide this, or you can export it from the OS certificate store. If you have multiple CAs, concatenate them into a single PEM file.

  2. Set the NODE_EXTRA_CA_CERTS environment variable to the full path of that file, then restart VS Code so the extension host picks it up:

    • Windows (PowerShell, persists for your user):
      setx NODE_EXTRA_CA_CERTS "C:\certs\corp-ca-bundle.pem"
    • macOS / Linux (add to your shell profile, e.g. ~/.zshrc or ~/.bashrc):
      export NODE_EXTRA_CA_CERTS="/etc/ssl/certs/corp-ca-bundle.pem"

    Launch VS Code from an environment where this variable is set (for example, restart it from the terminal or after signing out/in on Windows). Setting it only inside VS Code's integrated terminal is not enough; it must be present in the environment that starts VS Code.

  3. Check VS Code's certificate and proxy settings in Settings:

    • "http.systemCertificates": true: use the OS certificate store for VS Code's own requests (on by default).
    • "http.proxySupport": leave at the default "override" so VS Code applies proxy support to its requests.
    • "http.proxy": set this to your proxy URL if your organization requires an explicit proxy (otherwise VS Code uses the system proxy).
    • "http.proxyStrictSSL": leave true. Only set it to false as a last resort, since it disables certificate validation and is insecure.

Which setting fixes what: token sign-in goes through VS Code's built-in Microsoft authentication, so "http.systemCertificates": true is what covers it; the extension's Azure management (ARM) calls run in the Node.js extension host and require NODE_EXTRA_CA_CERTS. Set both to be safe. See the VS Code network connections documentation for more on proxy and certificate configuration.

Contributing

There are a couple of ways you can contribute to this repo:

  • Ideas, feature requests and bugs: We are open to all ideas and we want to get rid of bugs! Use the Issues section to either report a new issue, provide your ideas or contribute to existing threads.
  • Documentation: Found a typo or strangely worded sentences? Submit a PR!
  • Code: Contribute bug fixes, features or design changes:
    • Clone the repository locally and open in VS Code.
    • Run "Extensions: Show Recommended Extensions" from the command palette and install all extensions listed under "Workspace Recommendations"
    • Open the terminal (press CTRL+ `) and run npm install.
    • To build, press F1 and type in Tasks: Run Build Task.
    • Debug: press F5 to start debugging the extension.

Legal

Before we can accept your pull request you will need to sign a Contribution License Agreement. All you need to do is to submit a pull request, then the PR will get appropriately labelled (e.g. cla-required, cla-norequired, cla-signed, cla-already-signed). If you already signed the agreement we will continue with reviewing the PR, otherwise system will tell you how you can sign the CLA. Once you sign the CLA all future PR's will be labeled as cla-signed.

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Telemetry

VS Code collects usage data and sends it to Microsoft to help improve our products and services. Read our privacy statement to learn more. If you don’t wish to send usage data to Microsoft, you can set the telemetry.enableTelemetry setting to false. Learn more in our FAQ.

License

MIT

About

VS Code extension for managing Azure resources.

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Contributors