az keyvault
Manage KeyVault keys, secrets, and certificates.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az keyvault certificate |
Manage certificates. |
Core | GA |
| az keyvault certificate backup |
Backs up the specified certificate. |
Core | GA |
| az keyvault certificate contact |
Manage contacts for certificate management. |
Core | GA |
| az keyvault certificate contact add |
Add a contact to the specified vault to receive notifications of certificate operations. |
Core | GA |
| az keyvault certificate contact delete |
Remove a certificate contact from the specified vault. |
Core | GA |
| az keyvault certificate contact list |
Lists the certificate contacts for a specified key vault. |
Core | GA |
| az keyvault certificate create |
Create a Key Vault certificate. |
Core | GA |
| az keyvault certificate delete |
Deletes a certificate from a specified key vault. |
Core | Deprecated |
| az keyvault certificate download |
Download the public portion of a Key Vault certificate. |
Core | GA |
| az keyvault certificate get-default-policy |
Get the default policy for self-signed certificates. |
Core | GA |
| az keyvault certificate import |
Import a certificate into KeyVault. |
Core | GA |
| az keyvault certificate issuer |
Manage certificate issuer information. |
Core | GA |
| az keyvault certificate issuer admin |
Manage admin information for certificate issuers. |
Core | GA |
| az keyvault certificate issuer admin add |
Add admin details for a specified certificate issuer. |
Core | GA |
| az keyvault certificate issuer admin delete |
Remove admin details for the specified certificate issuer. |
Core | GA |
| az keyvault certificate issuer admin list |
List admins for a specified certificate issuer. |
Core | GA |
| az keyvault certificate issuer create |
Create a certificate issuer record. |
Core | GA |
| az keyvault certificate issuer delete |
Deletes the specified certificate issuer. |
Core | GA |
| az keyvault certificate issuer list |
Lists properties of the certificate issuers for the key vault. |
Core | GA |
| az keyvault certificate issuer show |
Gets the specified certificate issuer. |
Core | GA |
| az keyvault certificate issuer update |
Update a certificate issuer record. |
Core | GA |
| az keyvault certificate list |
List certificates in a specified key vault. |
Core | GA |
| az keyvault certificate list-deleted |
Lists the currently-recoverable deleted certificates. |
Core | GA |
| az keyvault certificate list-versions |
List the versions of a certificate. |
Core | GA |
| az keyvault certificate pending |
Manage pending certificate creation operations. |
Core | GA |
| az keyvault certificate pending delete |
Deletes the creation operation for a specific certificate. |
Core | GA |
| az keyvault certificate pending merge |
Merges a certificate or a certificate chain with a key pair existing on the server. |
Core | GA |
| az keyvault certificate pending show |
Gets the creation operation of a certificate. |
Core | GA |
| az keyvault certificate purge |
Permanently deletes the specified deleted certificate. |
Core | GA |
| az keyvault certificate recover |
Recover a deleted certificate to its latest version. |
Core | GA |
| az keyvault certificate restore |
Restores a backed up certificate to a vault. |
Core | GA |
| az keyvault certificate set-attributes |
Updates the specified attributes associated with the given certificate. |
Core | GA |
| az keyvault certificate show |
Gets information about a certificate. |
Core | GA |
| az keyvault certificate show-deleted |
Get a deleted certificate. |
Core | GA |
| az keyvault create |
Create a Vault or HSM. |
Core | GA |
| az keyvault delete |
Delete a Vault or HSM. |
Core | GA |
| az keyvault delete-policy |
Delete security policy settings for a Key Vault. |
Core | GA |
| az keyvault key |
Manage keys. |
Core | GA |
| az keyvault key backup |
Request that a backup of the specified key be downloaded to the client. |
Core | GA |
| az keyvault key create |
Create a new key, stores it, then returns key parameters and attributes to the client. |
Core | GA |
| az keyvault key decrypt |
Decrypt a single block of encrypted data. |
Core | Preview |
| az keyvault key delete |
Delete a key of any type from storage in Vault or HSM. |
Core | GA |
| az keyvault key download |
Download the public part of a stored key. |
Core | GA |
| az keyvault key encrypt |
Encrypt an arbitrary sequence of bytes using an encryption key that is stored in a Vault or HSM. |
Core | Preview |
| az keyvault key get-policy-template |
Return policy template as JSON encoded policy definition. |
Core | Preview |
| az keyvault key import |
Import a private key. |
Core | GA |
| az keyvault key list |
List keys in the specified Vault or HSM. |
Core | GA |
| az keyvault key list-deleted |
List the deleted keys in the specified Vault or HSM. |
Core | GA |
| az keyvault key list-versions |
List the identifiers and properties of a key's versions. |
Core | GA |
| az keyvault key purge |
Permanently delete the specified key. |
Core | GA |
| az keyvault key recover |
Recover the deleted key to its latest version. |
Core | GA |
| az keyvault key restore |
Restore a backed up key to a Vault or HSM. |
Core | GA |
| az keyvault key set-attributes |
The update key operation changes specified attributes of a stored key and can be applied to any key type and key version stored in Vault or HSM. |
Core | GA |
| az keyvault key show |
Get a key's attributes and, if it's an asymmetric key, its public material. |
Core | GA |
| az keyvault key show-deleted |
Get the public part of a deleted key. |
Core | GA |
| az keyvault list |
List Vaults and/or HSMs. |
Core | GA |
| az keyvault list-deleted |
Get information about the deleted Vaults or HSMs in a subscription. |
Core | GA |
| az keyvault purge |
Permanently delete the specified Vault or HSM. Aka Purges the deleted Vault or HSM. |
Core | GA |
| az keyvault recover |
Recover a Vault or HSM. |
Core | GA |
| az keyvault secret |
Manage secrets. |
Core | GA |
| az keyvault secret backup |
Backs up the specified secret. |
Core | GA |
| az keyvault secret delete |
Delete all versions of a secret. |
Core | Deprecated |
| az keyvault secret download |
Download a secret from a KeyVault. |
Core | GA |
| az keyvault secret list |
List secrets in a specified key vault. |
Core | GA |
| az keyvault secret list-deleted |
Lists deleted secrets for the specified vault. |
Core | GA |
| az keyvault secret list-versions |
List all versions of the specified secret. |
Core | GA |
| az keyvault secret purge |
Permanently deletes the specified secret. |
Core | GA |
| az keyvault secret recover |
Recovers the deleted secret to the latest version. |
Core | GA |
| az keyvault secret restore |
Restores a backed up secret to a vault. |
Core | GA |
| az keyvault secret set |
Create a secret (if one doesn't exist) or update a secret in a KeyVault. |
Core | GA |
| az keyvault secret set-attributes |
Updates the attributes associated with a specified secret in a given key vault. |
Core | GA |
| az keyvault secret show |
Get a specified secret from a given key vault. |
Core | GA |
| az keyvault secret show-deleted |
Gets the specified deleted secret. |
Core | GA |
| az keyvault set-policy |
Update security policy settings for a Key Vault. |
Core | GA |
| az keyvault show |
Show details of a Vault or HSM. |
Core | GA |
| az keyvault show-deleted |
Show details of a deleted Vault or HSM. |
Core | GA |
| az keyvault update |
Update the properties of a Vault. |
Core | GA |
| az keyvault wait |
Place the CLI in a waiting state until a condition of the Vault is met. |
Core | GA |
az keyvault create
Create a Vault or HSM.
If --enable-rbac-authorization is not specified, then default permissions are created for the current user or service principal unless the --no-self-perms flag is specified.
az keyvault create --resource-group
[--administrators]
[--enable-purge-protection {false, true}]
[--enable-rbac-authorization {false, true}]
[--enabled-for-deployment {false, true}]
[--enabled-for-disk-encryption {false, true}]
[--enabled-for-template-deployment {false, true}]
[--hsm-name]
[--location]
[--name]
[--network-acls]
[--network-acls-ips]
[--network-acls-vnets]
[--no-self-perms {false, true}]
[--no-wait]
[--public-network-access]
[--retention-days]
[--sku]
[--tags]Examples
Create a key vault with network ACLs specified (use --network-acls to specify IP and VNet rules by using a JSON string).
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroup --network-acls "{\"ip\": [\"1.2.3.4\", \"2.3.4.0/24\"], \"vnet\": [\"vnet_name_1/subnet_name1\", \"vnet_name_2/subnet_name2\", \"/subscriptions/000000-0000-0000/resourceGroups/MyResourceGroup/providers/Microsoft.Network/virtualNetworks/MyVNet/subnets/MySubnet\"]}"Create a key vault with network ACLs specified (use --network-acls to specify IP and VNet rules by using a JSON file).
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroup --network-acls network-acls-example.jsonCreate a key vault with network ACLs specified (use --network-acls-ips to specify IP rules).
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroup --network-acls-ips 3.4.5.0/24 4.5.6.0/24Create a key vault with network ACLs specified (use --network-acls-vnets to specify VNet rules).
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroup --network-acls-vnets vnet_name_2/subnet_name_2 vnet_name_3/subnet_name_3 /subscriptions/000000-0000-0000/resourceGroups/MyResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet_name_4/subnets/subnet_name_4Create a key vault with network ACLs specified (use --network-acls, --network-acls-ips and --network-acls-vnets together, redundant rules will be removed, finally there will be 4 IP rules and 3 VNet rules).
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroup --network-acls "{\"ip\": [\"1.2.3.4\", \"2.3.4.0/24\"], \"vnet\": [\"vnet_name_1/subnet_name1\", \"vnet_name_2/subnet_name2\"]}" --network-acls-ips 3.4.5.0/24 4.5.6.0/24 --network-acls-vnets vnet_name_2/subnet_name_2 vnet_name_3/subnet_name_3 /subscriptions/000000-0000-0000/resourceGroups/MyResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet_name_4/subnets/subnet_name_4Create a key vault. (autogenerated)
az keyvault create --location westus2 --name MyKeyVault --resource-group MyResourceGroupRequired Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
[HSM Only] Administrator role for data plane operations for Managed HSM. It accepts a space separated list of OIDs that will be assigned.
Property specifying whether protection against purge is enabled for this vault/managed HSM pool. Setting this property to true activates protection against purge for this vault/managed HSM pool and its content - only the Key Vault/Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.
Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
[Vault Only] Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
[Vault Only] Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
[Vault Only] Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.
Name of the Vault.
Network ACLs. It accepts a JSON filename or a JSON string. JSON format: {\"ip\":[<ip1>, <ip2>...],\"vnet\":[<vnet_name_1>/<subnet_name_1>,<subnet_id2>...]}.
Network ACLs IP rules. Space-separated list of IP addresses.
Network ACLS VNet rules. Space-separated list of Vnet/subnet pairs or subnet resource ids.
[Vault Only] Don't add permissions for the current user/service principal in the new vault.
Do not wait for the long-running operation to finish.
Control permission for data plane traffic coming from public networks while private endpoint is enabled.
Soft delete data retention days. It accepts >=7 and <=90. Defaults to 90 for keyvault creation. Required for MHSM creation.
Required. SKU details. Allowed values for Vault: premium, standard. Default: standard. Allowed values for HSM: Standard_B1, Custom_B32. Default: Standard_B1.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault delete
Delete a Vault or HSM.
az keyvault delete [--hsm-name]
[--name]
[--no-wait]
[--resource-group]Examples
Delete a key vault. (autogenerated)
az keyvault delete --name MyKeyVault --resource-group MyResourceGroupOptional Parameters
Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Name of the Vault.
Do not wait for the long-running operation to finish.
Proceed only if Key Vault belongs to the specified resource group.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault delete-policy
Delete security policy settings for a Key Vault.
az keyvault delete-policy --name
[--application-id]
[--no-wait]
[--object-id]
[--resource-group]
[--spn]
[--upn]Required Parameters
Name of the Vault.
Optional Parameters
Application ID of the client making request on behalf of a principal. Exposed for compound identity using on-behalf-of authentication flow.
Do not wait for the long-running operation to finish.
A GUID that identifies the principal that will receive permissions.
Proceed only if Key Vault belongs to the specified resource group.
Name of a service principal that will receive permissions.
Name of a user principal that will receive permissions.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault list
List Vaults and/or HSMs.
az keyvault list [--resource-group]
[--resource-type]Optional Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
When --resource-type is not present the command will list all Vaults and HSMs. Possible values for --resource-type are vault and hsm.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault list-deleted
Get information about the deleted Vaults or HSMs in a subscription.
az keyvault list-deleted [--resource-type]Optional Parameters
When --resource-type is not present the command will list all deleted Vaults and HSMs. Possible values for --resource-type are vault and hsm.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault purge
Permanently delete the specified Vault or HSM. Aka Purges the deleted Vault or HSM.
az keyvault purge [--hsm-name]
[--location]
[--name]
[--no-wait]Optional Parameters
Name of the deleted HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Location of the deleted Vault or HSM.
Name of the deleted Vault.
Do not wait for the long-running operation to finish.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault recover
Recover a Vault or HSM.
Recover a previously deleted Vault or HSM for which soft delete was enabled.
az keyvault recover [--hsm-name]
[--location]
[--name]
[--no-wait]
[--resource-group]Examples
Recover a key vault. (autogenerated)
az keyvault recover --location westus2 --name MyKeyVault --resource-group MyResourceGroupOptional Parameters
Name of the deleted HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Location of the deleted Vault or HSM.
Name of the deleted Vault.
Do not wait for the long-running operation to finish.
Resource group of the deleted Vault or HSM.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault set-policy
Update security policy settings for a Key Vault.
az keyvault set-policy --name
[--application-id]
[--certificate-permissions {create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, setissuers, update}]
[--key-permissions {backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify, wrapKey}]
[--no-wait]
[--object-id]
[--resource-group]
[--secret-permissions {backup, delete, get, list, purge, recover, restore, set}]
[--spn]
[--storage-permissions {backup, delete, deletesas, get, getsas, list, listsas, purge, recover, regeneratekey, restore, set, setsas, update}]
[--upn]Examples
Assign key permissions `get`, `list`, `import` and secret permissions `backup`, `restore` to an object id.
az keyvault set-policy -n MyVault --key-permissions get list import --secret-permissions backup restore --object-id {GUID}Assign key permissions `get`, `list` to a UPN (User Principal Name).
az keyvault set-policy -n MyVault --key-permissions get list --upn {UPN}Assign key permissions `get`, `list` to a SPN (Service Principal Name).
az keyvault set-policy -n MyVault --key-permissions get list --spn {SPN}Required Parameters
Name of the Vault.
Optional Parameters
Application ID of the client making request on behalf of a principal. Exposed for compound identity using on-behalf-of authentication flow.
Space-separated list of certificate permissions to assign.
Space-separated list of key permissions to assign.
Do not wait for the long-running operation to finish.
A GUID that identifies the principal that will receive permissions.
Proceed only if Key Vault belongs to the specified resource group.
Space-separated list of secret permissions to assign.
Name of a service principal that will receive permissions.
Space-separated list of storage permissions to assign.
Name of a user principal that will receive permissions.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault show
Show details of a Vault or HSM.
az keyvault show [--hsm-name]
[--name]
[--resource-group]Examples
Show details of a key vault. (autogenerated)
az keyvault show --name MyKeyVaultOptional Parameters
Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Name of the Vault.
Proceed only if Key Vault belongs to the specified resource group.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault show-deleted
Show details of a deleted Vault or HSM.
az keyvault show-deleted [--hsm-name]
[--location]
[--name]Examples
Show details of a deleted key vault.
az keyvault show-deleted --name MyKeyVaultOptional Parameters
Name of the deleted HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).
Location of the deleted Vault or HSM.
Name of the deleted Vault.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault update
Update the properties of a Vault.
az keyvault update --name
[--add]
[--enable-purge-protection {false, true}]
[--enable-rbac-authorization {false, true}]
[--enabled-for-deployment {false, true}]
[--enabled-for-disk-encryption {false, true}]
[--enabled-for-template-deployment {false, true}]
[--force-string]
[--no-wait]
[--public-network-access]
[--remove]
[--resource-group]
[--retention-days]
[--set]Examples
Update the properties of a Vault. (autogenerated)
az keyvault update --enabled-for-disk-encryption true --name MyKeyVault --resource-group MyResourceGroupRequired Parameters
Name of the Vault.
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Property specifying whether protection against purge is enabled for this vault/managed HSM pool. Setting this property to true activates protection against purge for this vault/managed HSM pool and its content - only the Key Vault/Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.
Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
[Vault Only] Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
[Vault Only] Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
[Vault Only] Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Do not wait for the long-running operation to finish.
Control permission for data plane traffic coming from public networks while private endpoint is enabled.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Proceed only if Key Vault belongs to the specified resource group.
Soft delete data retention days. It accepts >=7 and <=90.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az keyvault wait
Place the CLI in a waiting state until a condition of the Vault is met.
az keyvault wait --name
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--resource-group]
[--timeout]
[--updated]Examples
Pause CLI until the vault is created.
az keyvault wait --name MyVault --createdRequired Parameters
Name of the Vault.
Optional Parameters
Wait until created with 'provisioningState' at 'Succeeded'.
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
Wait until deleted.
Wait until the resource exists.
Polling interval in seconds.
Proceed only if Key Vault belongs to the specified resource group.
Maximum wait in seconds.
Wait until updated with provisioningState at 'Succeeded'.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for