az network vnet subnet

Manage subnets in an Azure Virtual Network.

To learn more about subnets visit https://docs.microsoft.com/azure/virtual-network/virtual-network-manage-subnet.

Commands

az network vnet subnet create Create a subnet and associate an existing NSG and route table.
az network vnet subnet delete Delete a subnet.
az network vnet subnet list List the subnets in a virtual network.
az network vnet subnet list-available-delegations List the services available for subnet delegation.
az network vnet subnet show Show details of a subnet.
az network vnet subnet update Update a subnet.

az network vnet subnet create

Create a subnet and associate an existing NSG and route table.

az network vnet subnet create --address-prefixes
--name
--resource-group
--vnet-name
[--defer]
[--delegations]
[--nat-gateway]
[--network-security-group]
[--route-table]
[--service-endpoint-policy]
[--service-endpoints]
[--subscription]

Examples

Create new subnet attached to an NSG with a custom route table.

az network vnet subnet create -g MyResourceGroup --vnet-name MyVnet -n MySubnet \
    --address-prefixes 10.0.0.0/24 --network-security-group MyNsg --route-table MyRouteTable

Create new subnet attached to a NAT gateway.

az network vnet subnet create -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"

Required Parameters

--address-prefixes

Space-separated list of address prefixes in CIDR format.

--name -n

The subnet name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--vnet-name

The virtual network (VNet) name.

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--delegations

Space-separated list of services to whom the subnet should be delegated. (e.g. Microsoft.Sql/servers).

--nat-gateway

Attach Nat Gateway to subnet.

--network-security-group

Name or ID of a network security group (NSG).

--route-table

Name or ID of a route table to associate with the subnet.

--service-endpoint-policy

Space-separated list of names or IDs of service endpoint policies to apply.

--service-endpoints

Space-separated list of services allowed private access to this subnet.

value from: az network vnet list-endpoint-services
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet delete

Delete a subnet.

az network vnet subnet delete [--ids]
[--name]
[--resource-group]
[--subscription]
[--vnet-name]

Examples

Delete a subnet.

az network vnet subnet delete -g MyResourceGroup -n MySubnet

Delete a subnet. (autogenerated)

az network vnet subnet delete --name MySubnet --resource-group MyResourceGroup --vnet-name MyVnet

Optional Parameters

--ids

One or more resource IDs (space-delimited). If provided, no other 'Resource Id' arguments should be specified.

--name -n

The subnet name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.

az network vnet subnet list

List the subnets in a virtual network.

az network vnet subnet list --resource-group
--vnet-name
[--subscription]

Examples

List the subnets in a virtual network.

az network vnet subnet list -g MyResourceGroup --vnet-name MyVNet

Required Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--vnet-name

The virtual network (VNet) name.

Optional Parameters

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet list-available-delegations

List the services available for subnet delegation.

az network vnet subnet list-available-delegations [--location]
[--resource-group]
[--subscription]

Examples

Retrieve the service names for available delegations in the West US region.

az network vnet subnet list-available-delegations -l westus --query [].serviceName

List the services available for subnet delegation. (autogenerated)

az network vnet subnet list-available-delegations --resource-group MyResourceGroup

Optional Parameters

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet show

Show details of a subnet.

az network vnet subnet show [--expand]
[--ids]
[--name]
[--resource-group]
[--subscription]
[--vnet-name]

Examples

Show the details of a subnet associated with a virtual network.

az network vnet subnet show -g MyResourceGroup -n MySubnet --vnet-name MyVNet

Optional Parameters

--expand

Expands referenced resources.

--ids

One or more resource IDs (space-delimited). If provided, no other 'Resource Id' arguments should be specified.

--name -n

The subnet name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.

az network vnet subnet update

Update a subnet.

az network vnet subnet update [--add]
[--address-prefixes]
[--delegations]
[--disable-private-endpoint-network-policies {false, true}]
[--disable-private-link-service-network-policies {false, true}]
[--force-string]
[--ids]
[--name]
[--nat-gateway]
[--network-security-group]
[--remove]
[--resource-group]
[--route-table]
[--service-endpoint-policy]
[--service-endpoints]
[--set]
[--subscription]
[--vnet-name]

Examples

Associate a network security group to a subnet.

az network vnet subnet update -g MyResourceGroup -n MySubnet --vnet-name MyVNet --network-security-group MyNsg

Update subnet with NAT gateway.

az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"

Disable the private endpoint network policies

az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --disable-private-endpoint-network-policies

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--address-prefixes

Space-separated list of address prefixes in CIDR format.

--delegations

Space-separated list of services to whom the subnet should be delegated. (e.g. Microsoft.Sql/servers).

--disable-private-endpoint-network-policies

Disable private endpoint network policies on the subnet.

accepted values: false, true
--disable-private-link-service-network-policies

Disable private link service network policies on the subnet.

accepted values: false, true
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

--ids

One or more resource IDs (space-delimited). If provided, no other 'Resource Id' arguments should be specified.

--name -n

The subnet name.

--nat-gateway

Attach Nat Gateway to subnet.

--network-security-group

Name or ID of a network security group (NSG). Use empty string "" to detach it.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--route-table

Name or ID of a route table to associate with the subnet.

--service-endpoint-policy

Space-separated list of names or IDs of service endpoint policies to apply.

--service-endpoints

Space-separated list of services allowed private access to this subnet.

value from: az network vnet list-endpoint-services
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.