Azure CLI 2.0 release notes

May 10, 2017

Version 2.0.6

  • documentdb renamed to cosmosdb
  • Add rdbms (mysql, postgres)
  • Include Data Lake Analytics and Data Lake Store modules.
  • Include Cognitive Services module.
  • Include Service Fabric module.
  • Include Interactive module (rename of az-shell).
  • Add support for CDN commands.
  • Remove Container module.
  • Add 'az -v' as shortcut for 'az --version' (#2926)
  • Improve performance of package load and command execution (#2819)
azure-cli (2.0.6)

acr (2.0.4)
acs (2.0.6)
appservice (0.1.6)
batch (2.0.4)
cdn (0.0.2)
cloud (2.0.2)
cognitiveservices (0.1.2)
command-modules-nspkg (2.0.0)
component (2.0.4)
configure (2.0.6)
core (2.0.6)
cosmosdb (0.1.6)
dla (0.0.6)
dls (0.0.6)
feedback (2.0.2)
find (0.2.2)
interactive (0.3.1)
iot (0.1.5)
keyvault (2.0.4)
lab (0.0.4)
monitor (0.0.4)
network (2.0.6)
nspkg (3.0.0)
profile (2.0.4)
rdbms (0.0.1)
redis (0.2.3)
resource (2.0.6)
role (2.0.4)
sf (1.0.1)
sql (2.0.3)
storage (2.0.6)
vm (2.0.6)


  • core: capture exceptions caused by unregistered provider and auto-register it
  • perf: persist adal token cache in memory till process exits (#2603)
  • Fix bytes returned from hex fingerprint -o tsv (#3053)
  • Enhanced Key Vault Certificate Download and AAD SP Integration (#3003)
  • Add Python location to ‘az —version’ (#2986)
  • login: support login when there are no subscriptions (#2929)
  • core: fix a failure when login using a service principal twice (#2800)
  • core: Allow file path of accessTokens.json to be configurable through an env var (#2605)
  • core: Allow configured defaults to apply on optional args (#2703)
  • core: Improved performance
  • core: Custom CA Certs - Support setting REQUESTS_CA_BUNDLE environment variable
  • core: Cloud configuration - use 'resource manager' endpoint if 'management' endpoint not set


  • fix the master and agent count to be integer instead of string
  • expose 'az acs create --no-wait' and 'az acs wait' for async creation
  • expose 'az acs create --validate' for dry-run validations
  • remove windows profile before PUT call for scale command (#2755)


  • functionapp: add full functionapp supports, including create, show, list, delete, hostname, ssl, etc
  • Adding Team Services (vsts) as a continuous delivery option to "appservice web source-control config"
  • Create "az webapp" to replace "az appservice web" (for backward compat, "az appservice web" will stay for 2 releases)
  • Expose arguments to configure deployment and "runtime stacks" on webapp create
  • Expose "webapp list-runtimes"
  • support configure connection strings (#2647)
  • support slot swap with preview
  • Polish errors from appservice commands (#2948)
  • Use the app service plan's resource group for cert operations (#2750)


  • Rename documentdb module to cosmosdb.
  • Added support for documentdb data-plane APIs: database and collection management
  • Added support for enabling automatic failover on database accounts
  • Added support for new consistency policy ConsistentPrefix

Data Lake Analytics

  • Fix a bug where filtering on result and state for job lists would throw an error.
  • Add support for new catalog item type: package. accessed through: az dla catalog package
  • Made it possible to list the following catalog items from within a database (no schema specification required):

    • Table
    • Table valued function
    • View
    • Table Statistics. This can also be listed with a schema, but without specifying a table name.

Data Lake Store

  • Update the version of the underlying filesystem SDK, which gives better support for handling server side throttling scenarios.
  • Improve performance of package load and command execution (#2819)
  • missed help for access show. adding it. (#2743)


  • improve search results and allow for versioning of the search index


  • BC:az keyvault certificate download change -e from string or binary to PEM or DER to better represent the options
  • BC: Remove --expires and --not-before from keyvault certificate create as these parameters are not supported by the service.
  • Adds the --validity parameter to keyvault certificate create to selectively override the value in --policy
  • Fixes issue in keyvault certificate get-default-policy where 'expires' and 'not_before' were exposed but 'validity_in_months' was not.
  • keyvault fix for import of pem and pfx (#2754)


  • Adding create, show, delete & list commands for environment in the lab.
  • Adding show & list commands to view ARM templates in the lab.
  • Adding --environment flag in az lab vm list to filter VMs by environment in the lab.
  • Add convenience command az lab formula export-artifacts to export artifact scaffold within a Lab's formula.
  • Add commands to manage secrets within a Lab.


  • Bug Fix: Modeling --actions of az alert-rules create to consume JSON string (#3009)
  • Bug fix - diagnostic settings create does not accept logs/metrics from show commands (#2913)


  • Add network watcher test-connectivity command.
  • Add support for --filters parameter for network watcher packet-capture create.
  • Add support for Application Gateway connection draining.
  • Add support for Application Gateway WAF rule set configuration.
  • Add support for ExpressRoute route filters and rules.
  • Add support for TrafficManager geographic routing.
  • Add support for VPN connection policy-based traffic selectors.
  • Add support for VPN connection IPSec policies.
  • Fix bug with vpn-connection create when using the --no-wait or --validate parameters.
  • Add support for active-active VNet gateways
  • Remove nulls values from output of network vpn-connection list/show commands.
  • BC: Fix bug in the output of vpn-connection create
  • Fix bug where '--key-length' argument of 'vpn-connection create' was not parsed correctly.
  • Fix bug in dns zone import where records were not imported correctly.
  • Fix bug where traffic-manager endpoint update did not work.
  • Add 'network watcher' preview commands.


  • Support login when there are no subscriptions found (#2560)
  • Support short param name in az account set --subscription (#2980)


  • Adding update command which also adds the ability to scale for redis cache
  • Deprecates the 'update-settings' command.


  • Add managedapp and managedapp definition commands (#2985)
  • Support 'provider operation' commands (#2908)
  • Support generic resource create (#2606)
  • Fix resource parsing and api version lookup. (#2781)
  • Add docs for az lock update. (#2702)
  • Error out if you try to list resources for a group that doesn't exist. (#2769)
  • [Compute] Fix issues with VMSS and VM availability set update. (#2773)
  • Fix lock create and delete if parent-resource-path is None (#2742)


  • create-for-rbac: ensure SP's end date will not exceed certificate's expiration date (#2989)
  • RBAC: add full support for 'ad group' (#2016)
  • role: fix issues on role definition update (#2745)
  • create-for-rbac: ensure user provided password is picked up


  • Added az sql server list-usages and az sql db list-usages commands.
  • SQL - ability to connect directly to resource provider (#2832)


  • Default location to resource group location for storage account create.
  • Add support for incremental blob copy
  • Add support for large block blob upload
  • Change block size to 100MB when file to upload is larger than 200GB


  • avail-set: make UD&FD domain counts optional

    note: VM commands in sovereign clouds Please avoid managed disk related features, including the following:

    1. az disk/snapshot/image
    2. az vm/vmss disk
    3. Inside "az vm/vmss create", use "—use-unmanaged-disk" to avoid managed disk Other commands should work
  • vm/vmss: improve the warning text when generates ssh key pairs
  • vm/vmss: support create from a market place image which requires plan info (#1209)

April 3, 2017

Version 2.0.2

We released the ACR, Batch, KeyVault, and SQL components in this release.

azure-cli (2.0.2)

acr (2.0.0)
acs (2.0.2)
appservice (0.1.2)
batch (2.0.0)
cloud (2.0.0)
component (2.0.0)
configure (2.0.2)
container (0.1.2)
core (2.0.2)
documentdb (0.1.2)
feedback (2.0.0)
find (0.0.1b1)
iot (0.1.2)
keyvault (2.0.0)
lab (0.0.1)
monitor (0.0.1)
network (2.0.2)
nspkg (2.0.0)
profile (2.0.2)
redis (0.1.1b3)
resource (2.0.2)
role (2.0.1)
sql (2.0.0)
storage (2.0.2)
vm (2.0.2)


  • Add acr, lab, monitor, and find modules to default list.
  • Login: skip erroneous tenant (#2634)
  • login: set default subscription to one with the state of "Enabled" (#2575)
  • Add wait commands and --no-wait support to more commands (#2524)
  • core: support login using service principal with a cert (#2457)
  • Add prompting for missing template parameters. (#2364)
  • Support setting default values for common arguments like default resource group, default web, default vm
  • Support login to specific tenant


  • [ACS] Adding support for configuring a default ACS cluster (#2554)
  • Add support for ssh key password prompting. (#2044)
  • Add support for windows clusters. (#2211)
  • Switch from Owner to Contributor role. (#2321)


  • appservice: support to get external ip address used for DNS A records (#2627)
  • appservice: support binding wildcard certificates (#2625)
  • appservice: support list publishing profiles (#2504)
  • AppService - Trigger source control sync after config (#2326)


  • Initial release of Data Lake Analytics module.
  • Initial release of Data Lake Store module.


  • DocumentDB: Adding support for listing connection strings (#2580)


  • [Compute] Add AppGateway support to virtual machine scale set create (#2570)
  • [VM/VMSS] Improved disk caching support (#2522)
  • VM/VMSS: incorporate credentials validation logic used by portal (#2537)
  • Add wait commands and --no-wait support (#2524)
  • Virtual machine scale set: support * to list instance view across vms (#2467)
  • Add --secrets for VM and virtual machine scale set ([#2212}(
  • Allow VM creation with specialized VHD (#2256)

February 27, 2017

Version 2.0.0

This release of Azure CLI 2.0 is the first "Generally Available" release. General availability applies to these command modules:

  • Container Service (acs)
  • Compute (including Resource Manager, VM, virtual machine scale sets, Managed Disks)
  • Networking
  • Storage

These command modules can be used in production and are supported by standard Microsoft SLA. You can open issues directly with Microsoft support or on our github issues list. You can ask questions on StackOverflow using the azure-cli tag, or contact the product team at You can provide feedback from the command line with the az feedback command.

The commands in these modules are stable and the syntax is not expected to change in upcoming releases of this version of Azure CLI.

To verify the version of the CLI, use az --version. The output lists the version of the CLI itself (2.0.0 in this release), the individual command modules, and the versions of Python and GCC that you're using.

azure-cli (2.0.0)

acs (2.0.0)
appservice (0.1.1b5)
batch (0.1.1b4)
cloud (2.0.0)
component (2.0.0)
configure (2.0.0)
container (0.1.1b4)
core (2.0.0)
documentdb (0.1.1b2)
feedback (2.0.0)
iot (0.1.1b3)
keyvault (0.1.1b5)
network (2.0.0)
nspkg (2.0.0)
profile (2.0.0)
redis (0.1.1b3)
resource (2.0.0)
role (2.0.0)
sql (0.1.1b5)
storage (2.0.0)
vm (2.0.0)

Python (Darwin) 2.7.10 (default, Jul 30 2016, 19:40:32) 
[GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]

Some of the command modules have a "bn" or "rcn" postfix. These command modules are still in preview and will become generally available in the future.

We also have nightly preview builds of the CLI. For information, see these instructions on getting the nightly builds, and these instructions on developer setup and contributing code.

You can report issues with nightly preview builds in the following ways: