Azure CLI release notes
November 19, 2024
Version 2.67.0
AKS
- [BREAKING CHANGE]
az aks create/update
: Remove--uptime-sla
and--no-uptime-sla
parameters - [BREAKING CHANGE]
az aks create
: Remove--aad-client-app-id
,--aad-server-app-id
and--aad-server-app-secret
parameters - [BREAKING CHANGE]
az aks trustedaccess rolebinding create
: Remove deprecated '-r' options az aks create/update
: Fix storage pool name validation for Azure Container Storageaz aks enable-addon
: Update AGIC addon to use Network Contributor instead of Contributor
App Config
az appconfig create/update
: Add new parameters--arm-auth-mode
and--enable-arm-private-network-access
to support data plane proxy settings
Compute
az vm disk attach/detach
: Add new parameter--disk-ids
to support setting multiple disks by disk ids
Compute Fleet
az compute-fleet
: Addcreate/update/show/delete/list/list-vmss
commands for manage Azure Compute Fleet
Container
az container container-group-profile
: Add new command group to manage Azure Container Instance Container Group Profile
Core
- PREVIEW: Support managed identity on Azure Arc-enabled Windows server
DataLake
- [BREAKING CHANGE]
az dla
: Remove dla module since it has been deprecated
DLS
- [BREAKING CHANGE]
az dls account network-rule
: Remove this command group as no server support anymore
Eventhub
az eventhubs eventhub
: Add new parameters--timestamp-type
and--min-compaction-lag-in-mins
az eventhubs namespace replica
: Add new commands to support adding/removing replicas
Extension
- [BREAKING CHANGE]
az extension add/update
: Set default--allow-preview
value fromTrue
to beFalse
for extensions installation and remainTrue
for extensions without stable releases
Kusto
- [BREAKING CHANGE]
az kusto
: Remove kusto from CLI as it has been moved to CLI extensions
Network
- [BREAKING CHANGE]
az network public-ip ddos-protection-statu
: Remove misspelled command group
Packaging
- Drop Python 3.8 support
Profile
- [BREAKING CHANGE]
az login
:--password
no longer accepts a service principal certificate. Use--certificate
to pass a service principal certificate
RDBMS
az postgres flexible-server long-term-retention start/pre-check/list/show
: New commands to support long-term-retention backups on PostgreSql Flex Serveraz postgres flexible-server create
: Support provisioning postgres flexible servers with version 17
Service Connector
az connection create mysql-flexible
: Add--private-endpoint
parameter
SQL
- [BREAKING CHANGE]
az sql mi link create
: Rename input from--source-endpoint
to--partner-endpoint
,--primary-availability-group-name
to--partner-availability-group-name
,--secondary-availability-group-name
to--instance-availability-group-name
,--target-database
to--databases
- [BREAKING CHANGE]
az sql mi link create/show/list/update
: Rename output fromtargetDatabase
,primaryAvailabilityGroupName
,secondaryAvailabilityGroupNamesourceEndpoint
,sourceReplicaId
,targetReplicaId
,linkState
,lastHardenedLsn
todatabases
,partnerAvailabilityGroupName
,instanceAvailabilityGroupName
,partnerEndpoint
,distributedAvailabilityGroupName
,instanceLinkRole
,partnerLinkRole
,failoverMode
,seedingMode
- [BREAKING CHANGE]
az sql failover-group create
: Change default failover policy to manual az sql mi link failover
: Support performing requested failover type in this Managed Instance link
Upgrade
- [BREAKING CHANGE]
az upgrade
: Set default--allow-preview
value fromTrue
to beFalse
for extensions installation and remainTrue
for extensions without stable releases
November 05, 2024
Version 2.66.0
AKS
az aks create
: Add Trusted Launch options--enable-vtpm
and--enable-secure-boot
az aks nodepool add/update
: Add Trusted Launch options--enable-vtpm
and--enable-secure-boot
az aks create/update
: Update the VM SKU details from backend for validations during Azure Container Storage operations
App Service
az functionapp create
: Add--zone-redundant
parameter to support zone redundant for Functions Flex SKUaz functionapp plan update
: Do not show warning message with--set
in command
ARM
az bicep publish
: Remove preview flag from--with-source
parameteraz data-boundary show
: Add command to support getting the data boundary at a specified scopeaz data-boundary show-tenant
: Add command to support getting the data boundary at a tenant levelaz data-boundary create
: Add command to support creating tenant to data boundaryaz bicep generate-params
: Fix the help message for--include-params
parameteraz bicep/deployment/stack
: Conditionally enable invariant globalization for Bicep running inside the Azure CLI docker image
Backup
az backup restore restore-disks
: Add support for enabling Disk access settings for managed VM restores
Compute
az vmss create/update
: Add new parameter--skuprofile-vmsizes
to specify a list of VM sizes to use with VMSS Instance Mixaz vmss create/update
: Add new parameter--skuprofile-allocation-strategy
to update the allocation strategy for VMSS Instance Mix
Container app
- Fix #30053:
az containerapp update
: Fix polling az containerapp env create
: Hide--dapr-instrumentation-key
parameteraz containerapp env update
: Support to update--dapr-connection-string
Core
aaz
: Support managed identity- Resolve CVE-2024-6119
- Resolve CVE-2024-5535
- Resolve CVE-2024-4741
- Resolve CVE-2024-4603
- Resolve CVE-2024-2511
- Use MSAL for Cloud Shell authentication
Extension
az extension add/update
: Pre-announcement default value change fromtrue
tofalse
for--allow-preview
MySQL
az mysql flexible-server create/update
: Add--maintenance-policy-patch-strategy
az mysql flexible-server create/restore
: Add--database-port
az mysql flexible-server replica create
: Add--database-port
NetAppFiles
- [BREAKING CHANGE]
az netappfiles volume create
: Parametersbackup-id
andsnapshot-id
now accept only full Azure ResourceIds and no longer support GUIDs - [BREAKING CHANGE]
az netappfiles account create
: Parameter--kdc-ip
now only accepts a single ip address not a list - [BREAKING CHANGE]
az netappfiles account update
: Parameter--kdc-ip
now only accepts a single ip address not a list - [BREAKING CHANGE]
az netappfiles account ad add
: Parameter--kdc-ip
now only accepts a single ip address not a list - [BREAKING CHANGE]
az netappfiles account ad update
: Parameter--kdc-ip
now only accepts a single ip address not a list az netappfiles volume create
: Fix a bug where parameter--allowed-clients
was not passed along in the requestaz netappfiles check-file-path-availability
: Add new parameter--availability-zone
az netappfiles volume replication
: Add new commandspeer-external-cluster
,authorize-external-replication
,perform-replication-transfer
,finalize-external-replication
az netappfiles volume create
: Add new parameters--external-host-name
,--external-server-name
,--external-volume-name
az netappfiles volume update
: Add new parameters--external-host-name
,--external-server-name
,--external-volume-name
az netappfiles volume update
: Parameters--backup-id
and--snapshot-id
now accept only full Azure ResourceIds and no longer support GUIDs
Network
az network vnet
: Add--private-endpoint-vnet-policies
parameteraz network private-link-service
: Add--destination-ip-address
parameteraz network application-gateway waf-policy managed-rule rule-set add/update
: Support sensitivity for--rule
parameteraz network private-dns link vnet
: Support resolution policy for virtual network linkaz network application-gateway waf-policy managed-rule rule-set add/update
: Add allowed value1.1
for--version
- Fix #29911:
az network public-ip update
: IP tags crash with AttributeError
Profile
az login
: Passing the service principal certificate with--password
is deprecated and will be removed in version 2.67.0. Please use--certificate
instead.
RDBMS
az postgres flexible-server replica create
: Add support for--tags
parameteraz postgres flexible-server replica create
: Allow read replica create from storage auto-grow enabled primary server flexible serveraz postgres flexible-server backup create/delete
: New commands to support creating and deleting backups on PostgreSql Flex Server
Service Bus
az servicebus namespace replica
: Add new command group to manage servicebus namespace replicas
Service Connector
az aks connection create appconfig
: Add--use-appconfig-extension
az webapp connection create fabric-sql
: Add fabric sql target support
SignalR
az signalr start/stop
: Add signalr command start or stop an existing SignalR serviceaz signalr replica start/stop/restart
: Add signalr command start, stop or start an existing SignalR serviceaz signalr network-rule ip-rule add/remove
: Add signalr command add or remove ip-rule of an SignalR serviceaz signalr update client-cert-enabled/disable-local-auth/region-endpoint-enabled
: Toggle clientCertificate, disableLocalAuth, enableRegionEndpointaz signalr replica update region-endpoint-enabled/unit-count
: Toggle enableRegionEndpoint and change unitCount
SQL
az sql geo-backup
: Remove preview tagaz sql failover-group create/update
: Add parameter--secondary-type
to support geo/standby replica on partner server
Storage
az storage blob copy start/start-batch
: Fix--auth-mode login
Upgrade
az upgrade
: Pre-announcement default value change fromtrue
tofalse
for--allow-preview
October 01, 2024
Version 2.65.0
ACR
- Fix #21900:
az acr task identity remove
: Fix incorrect operation_group setting az acr credential-set
: Improve help message
AD
az ad app create/update
: Add--service-management-reference
argument
AKS
az aks nodepool delete-machines
: Add support to delete specific machines in an agent pool
App Config
az appconfig
: Add premium SKU support
App Service
az functionapp config set
: Map parameters explicitly for the internal update_site_configs function call
Compute
az vm/vmss create
: Add--ssh-key-type
parameter to support generating Ed25519 SSH keysaz vm image list
: Expose ImageDeprecationStatus property in output
Container app
- Fix #29849:
az containerapp job stop
: Fix stop execution response - Fix #29166:
az containerapp compose create
: Support image with tag and support get ACR from image
Cosmos DB
az cosmosdb restore
: Add--disable-ttl
to support for Restore with Time-To-Live Disabled
DataLake
az dla
: Deprecate datalake analytics
HDInsight
az hdinsight update
: Add parameter--assign-identity-type
to allow to update toSystemAssigned
identity.
Monitor
az monitor action-group create
: Adjust formatting of--actions
help messageaz monitor action-group update
: Adjust formatting of--add-actions
help messageaz monitor action-group notification create
: Adjust formatting of--add-actions
help message
MySQL
az mysql flexible-server create/update
: Add--accelerated-logs
to support configuring accelerated logs for Business Critical tier
NetAppFiles
az netappfiles volume create
: Fix subnet id as resource id
Network
az network vnet peering
: Refine command interface of subnet peering
Packaging
- Release Docker image based on Azure Linux 3.0
- Include
jq
in Azure Linux docker image - Drop Debian 10 support
- Use Azure Linux 3.0 (
mcr.microsoft.com/azurelinux/base/core:3.0
) as the base image for docker image taglatest
and2.65.0
Profile
az login
: Fall back to device code flow in GitHub Codespaces
RDBMS
az postgres flexible-server update
: Support case-insensitive input for--tier
,--performance-tier
,--sku
, and--maintenance-window
az postgres flexible-server migration create
: Add AWS_AURORA as a migration source type for PostgreSql
SQL
az sql elastic-pool create
: Setmin_capacity
toNone
for non-serverless SKUsaz sql mi create/update
: Add gpv2 parameter and iops parameter
September 03, 2024
Version 2.64.0
ACR
az acr helm
: Improve deprecation message
AKS
az aks nodepool update
: Add--enable/disable-fips-image
flags for GA mutable fipsaz aks create/update
: Support UserAssigned Managed Identity for grafana linking in managed prometheusaz aks create/update
: Update the VM SKU regex validation to include larger set of VMs for Azure Container Storage
App Service
az staticwebapp create/update
: AddDedicated
as supported SKUaz webapp config set
: Add MinTlsCipherSuite supportaz webapp config access-restriction add/remove
: Allow skipping service tag validation
ARM
az ts create
: Fix incorrect handling of whitespace in string values
ARO
az aro create
: Add feature for adding Multiple Public IPs on cluster load balanceraz aro update
: Add feature for adding/removing Multiple Public IPs on cluster load balancer
Compute
az vm update
: Add support of Gen1 VM to trusted launch upgradeaz capacity reservation
: GA command group
Container app
- Fix #28998:
az containerapp env workload-profile add/update
: FixNoneType
object is not iterable error when environment doesn't enable workload profile az containerapp create/up
: Make--target-port
optionalaz containerapp env create
: Deprecate unused argument--docker-bridge-cidr
az containerapp job stop
: Deprecate option to stop list of given job executions- Fix #29711:
az containerapp logs show
: Fix JSON escaping by default or with--format json
HDInsight
az hdinsight create
: Support setting IP tags when creating HDInsight clusteraz hdinsight update
: Support updating the managed identity of the clusteraz hdinsight azure-monitor-agent show
: Support getting the managed identity of the clusteraz hdinsight azure-monitor-agent enable
: Enable the Azure Monitor Agent logs integration on an HDInsight clusteraz hdinsight azure-monitor-agent disable
: Disable the Azure Monitor Agent logs integration on an HDInsight cluster
MySQL
az mysql flexible-server maintenance
: New command group for managing maintenance of MySQL flexible serveraz mysql flexible-server update
: Remove storage passing for server update
NetAppFiles
az netappfiles volume create/update
: Update max for--usage-threshold
Network
- Fix #29565:
az network nat gateway create
: Add--tags
parameter
Packaging
- Support Python 3.12
- Release Azure Linux 3 RPM package
- [BREAKING CHANGE] Use CBL-Mariner 2.0 (
mcr.microsoft.com/cbl-mariner/base/core:2.0
) as the base image for docker image taglatest
and2.64.0
Redis
az redis create/update
: Add--disable-access-keys
to support disabling auth through access keys
SQL
az sql mi create/update
: Add--authentication-metadata
to support auth metadata configuration
Storage
az storage account create/update
: Support account cold-tieraz storage copy/remove
: Add--auth-mode login
supportaz storage share delete
: Addinclude-leased
for--delete-snapshots
August 06, 2024
Version 2.63.0
ACR
az acr login
: Support optional resource group argument to skip subscription resource scan
AKS
az aks create
: Not set the--network-plugin
based on the default from the Python SDKaz aks create/update
: Support in place param updates for managed Prometheusaz aks create/update
: Add validations for PremiumV2 diskaz aks upgrade
: Support tier switch with AKS upgradeaz aks create/update
: Add--network-policy none
option to commandaz aks create
: Remove unsupported scenario command in help message
App Config
az appconfig import/export/restore
: Add correlation request id to bulk operations
App Service
az webapp list-runtimes
: Add parameter--show-runtime-details
to show detailed runtime stacks and update the format of java related stacks listedaz webapp create
: Add parameter--acr-identity
to allow users to choose user assigned identity for ACR image pullaz webapp config set
: Add parameter--acr-use-identity
and--acr-identity
to allow users update ACR image pull related configs
ARM
az stack group/sub/mg create
: Minor improvements to the confirmation message when updating an existing stack
CDN
- Fix #28717:
az afd secret
: Change the way to access parameter az cdn portal-migration
: Add command group for classic CDN profile migration
Compute
az sig create/update
: Hide--soft-delete
parameter in help messages- Fix #29006:
az ssh
: Fix thePermissions 0644 for '...' are too open
error az vmss update
: Add new parameter--enable-auto-os-upgrade
to support updating automatic OS upgrade policy argumentaz vmss update
: Add new parameter--upgrade-policy-mode
to support updating upgrade policy mode
Container app
- Fix #26688:
az containerapp up
: Fix logic about updating an existing containerapp az containerapp job stop
: Return custom message for stop job execution- Fix #29330:
az containerapp auth update
: Fix split logic for--set
Core
- Resolve CVE-2024-39689
- Resolve CVE-2024-6345
- Support
az config set extension.dynamic_install_allow_preview
for extension dynamic installation configuration az logout
: Remove service principal access tokens from token cache
Cosmos DB
az cosmosdb delete
: Support--no-wait
MySQL
az mysql flexible-server import stop-replication
: Stop replication between source single server and target flexible server
NetAppFiles
az netappfiles account create
: Change--key-vault-resource-id
to be optional
Network
az network custom-ip prefix create
: Add parameter--is-parent
az network network-watcher connection-monitor
: Support to create connection monitor v2az network vnet peering
: Support virtual network subnet peering
Packaging
- Drop Alpine Docker image
RDBMS
- [BREAKING CHANGE]
az postgres flexible-server create
: Update default value of PG version to be 16 - Fix #27422:
az postgres flexible-server create
: Bug fix for using existing subnet while creating pg flex server az postgres flexible-server restore
: Bug fix when using resource id as value for source-server argument
Role
az role assignment list
: Add warning for classic administrators retirement
Service Connector
az containerapp connection create containerapp
: Support ACA2ACA connection
SQL
az sql midb move/copy
: Add destination subscription Id for managed database move/copyaz sql mi create
: Add--dns-zone-partner
optional parameter
Storage
az storage fs directory upload/download
: Add back--auth-mode login
as AzCopy supports Oauth nowaz storage blob sync
: Add back--auth-mode login
as AzCopy supports Oauth now
Synapse
az synapse spark job submit
: Add optional--python-files
argument to support job submission
July 09, 2024
Version 2.62.0
ACR
az acr build/task
: Highlight the difference between arguments in the description
AKS
az aks create/update
: Update AMW resource.location to only accept alphanumeric charactersaz aks create/update
: Add Azure Managed Grafana support for managed prometheus addon in usnataz aks create/update
: Ephemeral disk additional support for Azure Container Storageaz aks create/update
: Add and fix existing validations for ephemeral disk support for Azure Container Storage
App Config
az appconfig
: Update help message for App Configuration storeaz appconfig kv import
: Update the help message for ignore-match
App Service
az webapp deploy
: Disable deploymentstatus API for deployments to app slotsaz webapp deployment source config-zip
: Disable deploymentstatus API for deployments to app slots- Fix #29041:
az webapp config access-restriction add
: Fix edge case validating service tags az functionapp create
: Avoid throwing exception when endOfLifeDate not passed from stacks API
ARM
az stack mg create
: Validate MG stacks automatically before creationaz bicep restore
: Fix typos in help messages
Backup
az backup restore restore-disks/restore-azurewl/restore-azurefiles/restore-azurefileshare
: Add--tenant-id
for cross-tenant MUA protection, otherwise allows restore when protected by a resource guardaz backup vault encryption update
: Add support for MUA for CMK operations
CDN
- Fix #28721:
az afd origin-group create
: Add parameter to support session affinity state - Fix #28824:
az cdn profile
: Add default location - Fix #28733:
az cdn endpoint update
: Add support to update an existing endpoint
Compute
az vmss update
: Add new parameter--zones
to support setting vmss zonal expansionaz vm install-patches
: Add new parameter--max-patch-publish-date
to support setting max patch publish dateaz vmss reimage
: Add new parameter--force-update-os-disk-for-ephemeral
to support updating the base OS diskaz vmss create/update
: Add new parameter--scheduled-event-additional-publishing-target-event-grid-and-resource-graph
to support setting scheduled event policyaz vmss create/update
: Add new parameter--enable-user-reboot-scheduled-events
to support setting policy for rebooting scheduled eventaz vmss create/update
: Add new parameter--enable-user-redeploy-scheduled-events
to support setting policy for redeploying scheduled eventaz vmss update
: Add an optionStandard
to--security-type
parameteraz vmss create
: Support set upgrade policy mode to automatic during flexible VMSS creationaz sig image-definition create
: Fix default value of security type
Container app
az containerapp env create/update
: Support peer-to-peer traffic encryption with--enable-peer-to-peer-encryption
az containerapp job update
: Fix poll logic and--no-wait
az containerapp show-custom-domain-verification-id
: Show verification id used for binding custom domainaz containerapp env update
: Fix logs configuration about removing destination with--logs-destination none
az containerapp list-usages
: Support list-usages in subscription- Fix #28983:
az containerapp job registry
: Support commands for modifying the job's registries az containerapp auth
: Support Token Store with--token-store
,--sas-url-secret
,--sas-url-secret-name
,--yes
- Fix #29128:
az containerapp env certificate
: Support managed certificate - Fix #29172:
az containerapp secret set
: Remove the limit of length for secret name
Core
- Fix #28997: Fix error "User cancelled the Accounts Control Operation" when logging in with WAM as Administrator
- Resolve CVE-2024-37891
- Resolve CVE-2024-35195
aaz
: Add argument completer support
Cosmos DB
az service create
: Add--gateway-type
to support multiple dedicated gateway types
MySQL
az mysql flexible-server update
: Support replica resource group different with primary serveraz mysql flexible-server detach-vnet
: New command to support converting a vnet azure mysql server to a non-vnet serveraz mysql flexible-server deploy/update
: Add warning message for HA enabled and input validator
Network
az network application-gateway waf-policy custom-rule update
: Add parameter--js-cookie-exp-time
az network cross-region-lb address-pool
: Add parameter-- admin-state
az network application-gateway rewrite-rule
: Add--request-header-configurations
and--response-header-configurations
az network virtual-appliance restart
: Allow restart of virtual machines associated with a network virtual applianceaz network virtual-appliance inbound-security-rule
: Support of GET operation for NVA Inbound Security Ruleaz network vnet subnet
: Add parameter--endpoints
RDBMS
az postgres flexible-server restore
: Add capability to restore to new server using Premium SSD v2 Disks by setting Storage Type to "PremiumV2_LRS"az postgres flexible-server migration create
: Fix bugs while passing in MigrationRuntimeResourceId to Migration Parameters, now need to be provided within properties json fileaz postgres flexible-server firewall-rule create
: Correct firewall rule name and ip range validatorsaz postgres flexible-server update
: Add argument to enable or disable public-accessaz postgres flexible-server create
: Add argument--create-default-database
to support disabling default database creationaz postgres flexible-server upgrade
: Unblock MVU for Burstable from CLIaz postgres flexible-server update
: Correct setting--maintenance-window
to be disabled
SignalR
az signalr upstream update
: Remove the empty location string when updating resource
SQL
az sql db update
: Add--manual-cutover
and--perform-cutover
arguments
Storage
az storage container policy
: Fix cases where permission and expiry are both nullaz storage account create/update
: Support TLS 1.3, update recommended--min-tls-version
to be 1.2
May 21, 2024
Version 2.61.0
AKS
- [BREAKING CHANGE]
az aks create
: Specifying--enable-managed-identity
and--service-principal
/--client-secret
at the same time will cause aMutuallyExclusiveArgumentError
- [BREAKING CHANGE]
az aks create
: Change the default value of option--enable-managed-identity
fromTrue
toFalse
az aks mesh upgrade rollback/complete
: Add--yes
parameter to support not prompting the users to confirm the operationaz aks create/update
: AddSecurityPatch
option to--node-os-upgrade-channel
parameteraz aks create/update
: Add new parameter--enable-cost-analysis
to enable exporting Kubernetes namespace and deployment details to the Cost Analysis viewsaz aks create
: Backfill the value of--enable-managed-identity
toTrue
when options--service-principal
and--client-secret
are not specified at the same timeaz aks nodepool update
: Add option--os-sku
to support updating os sku in placeaz aks create
: Add--ampls-resource-id
and--enable-high-log-scale-mode
optional parameters for Monitoring Addonaz aks enable-addons
: Add--ampls-resource-id
and--enable-high-log-scale-mode
optional parameters
App Service
- [BREAKING CHANGE]
az webapp deploy
: Use deployment status API for deployment output for Linux Web Apps - [BREAKING CHANGE]
az webapp up
: Use deployment status API for deployment output for Linux Web Apps - [BREAKING CHANGE]
az webapp deployment source config-zip
: Use deployment status API for deployment output for Linux Web Apps az functionapp scale config always-ready
: Set alwaysReady property to empty array if it is nullaz functionapp
: Update messaging for flex function appsaz functionapp deployment source config-zip
: Allow users with no Microsoft.Web/serverFarm read privileges to deploy function appsaz webapp list
: Fix the bug--show-details
fails while resource group name is not specifiedaz webapp list-runtimes/create/up
: Add Java 21 supportaz functionapp create
: Use stacks API netFrameworkVersion value instead of the default value from the Python SDKaz functionapp create
: The linuxFxVersion for dotnet-isolated linux consumption apps will no longer be left emptyaz functionapp
: Not block execution of command when runtime cannot be detected, and omit showing warning for runtime when not applicable (e.g. centauri apps, apps running a docker image)az appservice plan create/update
: Add IsolatedV2 memory intensive SKU supportaz functionapp create
: If customers do not provide an image when creating a Centauri function app, we use the updated default Centauri image
ARM
- [BREAKING CHANGE]
az stack group/sub/mg create/delete
: Remove the deprecated--delete-all
,--delete-resources
, and--delete-resource-groups
flags. Use the--action-on-unmanage
/--aou
parameter instead az group delete
: Add new optionMicrosoft.Databricks/workspaces
for--force-deletion-types
parameteraz deployment
: Support inline parameters with.bicepparam
in single--parameters
argumentaz stack group/sub/mg validate
: Add newvalidate
command to preform preflight validation on a stack deploymentaz stack group/sub create
: Validation of a stack will now occur before a stack is created or updatedaz stack group/sub/mg create/delete
: Action on unmanage behavior for stack managed management groups can now be configuredaz stack group/sub/mg create
: The correlation ID of the create operation is now returned as a property of the stackaz stack group/sub/mg create/delete
: Add new flag--bypass-stack-out-of-sync-error
/--bse
that will bypass errors related to the resource list of a stack being out of sync
Compute
- [BREAKING CHANGE]
az sig image-definition create
: Set the default values for Hyper-V generation and Security Type az vmss create/update
: Add new parameters--enable-resilient-creation
and--enable-resilient-deletion
to support Resiliency Policy on VMSSaz vm create/update
: Add new optionNvmeDisk
for--ephemeral-os-disk-placement
parameteraz vmss create/update
: Add new optionNvmeDisk
for--ephemeral-os-disk-placement
parameteraz vm create
: Add new parameters--source-snapshots-or-disks
and--source-snapshots-or-disks-size-gb
to support implicit disk creation from snapshot and diskaz vm create
: Add new parameters--source-disk-restore-point
and--source-disk-restore-point-size-gb
to support implicit disk creation from disk restore pointaz vmss update
: Add new parameter--ephemeral-os-disk
to support in-place mutual migration of VMSS from ephemeral to non-ephemeral OS diskaz vmss update
: Add new parameter--ephemeral-option
to support setting ephemeral disk setting
Compute Diagnostic
az compute-recommender spot-placement-recommender
: Add new command to support generating placement scores for Spot VM SKU
Container app
az containerapp create/update
: Fix--scale-rule-tcp-concurrency
for TCP scale ruleaz containerapp compose create
: Fix issue where the environment's location is not resolved from--location
- Fix #28864:
az containerapp ingress update
: Fix updating transport from http to tcp with--transport tcp
az containerapp compose create
: Fix variable mixing issue when--compose-file-path
contains multiple services- Fix #28380:
az containerapp ingress access-restriction set
: FixKeyError
whenname
not exists
Core
- Resolve CVE-2024-34064
- [BREAKING CHANGE]
az login
: Use WAM as the default authentication method on Windows. For more details, see https://go.microsoft.com/fwlink/?linkid=2271136 aaz
: Support extended values inAAZArgEnum
- Add
tenantDefaultDomain
andtenantDisplayName
properties to login contexts (shown byaz account list
) - Prompt for interactive authentication for all silent authentication failures
Key Vault
- [BREAKING CHANGE]
az keyvault create
: Default--enable-rbac-authorization
to true az keyvault key create
: Update the release policy used for--default-cvm-policy
NetAppFiles
- [BREAKING CHANGE]
az account backup
: Replace backup commands with backup-vault commands - [BREAKING CHANGE]
az volume backup status
: Removevolume backup status
command, replace withaz netappfiles volume latest-backup-status show
az netappfiles account backup-vault
: Add backup vault command groupaz netappfiles volume latest-backup-status show
: Add command to get latest backup statusaz netappfiles volume latest-restore-status show
: Add command to get latest backup statusaz netappfiles resource region-info list
: Add command to list region specific informationaz netappfiles resource region-info default show
: Add command to get storage to network proximity and logical zone mapping information
Network
- [BREAKING CHANGE]
az network dns zone
: Deprecate--zone-type
,registration-vnets
andresolution-vnets
az network vnet subnet
: Add parameter--sharing-scope
az network private-endpoint-connnection
: AddMicrosoft.App/managedEnvironment
for private endpoint connections- Fix #28615:
az network application-gateway address-pool update
: Race condition in concurrent scenario - Fix #28705:
az network lb rule
: Authentication token not being generated
Packaging
- Add Ubuntu 24.04 Noble Numbat support
- [BREAKING CHANGE] Drop Ubuntu 18.04 support
Profile
az login
: Introduce login experience v2. For more details, see https://go.microsoft.com/fwlink/?linkid=2271236
RDBMS
az postgres flexible-server migration create
: Add private endpoint support for migrations by providing migration runtime resource ID as command line argument
Security
- [BREAKING CHANGE]
az security contact create
: Deprecate--alerts-admins
and--email
- [BREAKING CHANGE]
az security setting update
: Deprecate--enabled
Service Connector
az aks connection list/show
: Add kubernetes resource nameaz source connection create cognitiveservices
: Support OpenAI/AIServices/CognitiveServices as targetaz webapp connection list
: Fix interactive input
Storage
- [BREAKING CHANGE]
az storage account update
: Prompt user for possible charge increases when changing--access-tier
, add--upgrade-to-storagev2
- [BREAKING CHANGE]
az storage container set-permission/get-permission
andaz storage container policy
: Remove--auth-mode login
and--sas-token
for container access policy commands as only shared key authorization is supported on server side
April 30, 2024
Version 2.60.0
ACR
- [BREAKING CHANGE]
az acr connected-registry create
: Mode default value change from ReadWrite to ReadOnly az acr connected-registry create
: If data-endpoint disabled ask for confirmation to enable it instead of throwing an error
AKS
az aks create/update
: Prompt warning during disablement about CR deletionaz aks create/update
: Udpate RP registration code to work on azure monitor subscriptionaz aks create/update
: Update to add default region for workspace creation in air gapped cloudaz aks nodepool add
: Add parameter--disable-windows-outbound-nat
to add a Windows agent pool which the Windows OutboundNAT is disabled
App Service
az webapp config container set
: Remove docker prefix and rename container related parametersaz webapp create
andaz webapp deployment slot create
: Rename--docker-registry-server-user
and--docker-registry-server-password
to--container-registry-user
and--container-registry-password
az webapp create
andaz webapp deployment slot create
: Add parameters--container-image-name
andcontainer-registry-url
to deprecate--deployment-container-image-name
az webapp create
andaz logicapp create
: Update help messageaz webapp config set
: Add new parameter--runtime
to allow users to update their stack by using single parameteraz functionapp create
: Remove unnecessary app settings for flex function apps- Fix #28588:
az webapp config access-restriction add
: Check for null before getting values az webapp config access-restriction set
: Add new parameter--default-action
to configure default action for main siteaz webapp config access-restriction set
: Add new parameter--scm-default-action
to configure default action for scm siteaz webapp list
: Add parameter--show-details
to include detailed site configuration of listed webapps in outputaz functionapp create
: Will validate that the provided runtime is supported by flex when creating a flex function appaz functionapp list-flexconsumption-runtimes
: Add support for this new command so that it provides the list of supported flex runtimes when provided the--location
and--runtime
ARM
az bicep install
: Support additional process architectures with Bicep CLIaz deployment
: Return better message on incorrect bicepparam file pathaz bicep format
: Replace--newline
with--newline-kind
az bicep publish
: Replace--documentationUri
with--documentation-uri
Backup
az backup vault update
: Take--tenant-id
as input for resolving cross-tenant resource guard scenarios. Vault Immutability feature also has resource guard protection now, and support for the same has been added.az backup protection disable
: Take--tenant-id
as input for resolving cross-tenant resource guard scenarios. Stop protection feature also has resource guard protection now, and support for the same has been added.
Batch
az batch pool create
: Add--upgrade-policy-mode
argument to support automatic OS upgradeaz batch pool create
: Add--enable-auto-os-upgrade
argument to enable automatic OS upgradeaz batch pool create
: Add--disable-auto-rollback
argument to disable OS image rollback featureaz batch pool create
: Add--defer-os-rolling-upgrade
argument to defer OS upgrades on the TVMs if they are running tasksaz batch pool create
: Add--use-rolling-upgrade-policy
argument to support OS rolling upgrade policyaz batch pool create
: Add--enable-cross-zone-upgrade
argument to support cross zone OS upgradeaz batch pool create
: Add--max-batch-instance-percent
argument to set the maximum percent of total VMs that will be upgraded in one batchaz batch pool create
: Add--max-unhealthy-instance-percent
argument to set the maximum percentage of the total VMs can be simultaneously unhealthyaz batch pool create
: Add--max-unhealthy-upgraded-instance-percent
argument to set the maximum percentage of upgraded VMs that can be found to be in an unhealthy stateaz batch pool create
: Add--pause-time-between-batches
argument to set the wait time between batches in rolling OS upgradeaz batch pool create
: Add--prioritize-unhealthy-instances
argument to support upgrade all unhealthy VMs firstaz batch pool create
: Add--rollback-failed-instances-on-policy-breach
argument to enable rollback failed instances to previous model if the Rolling Upgrade policy is violated
Compute
az vmss create
: Add support of configure the rolling mode upgrade policy during VMSS creationaz vmss update
: Add new parameter--max-surge
to support updating rolling upgrade policy max surgeaz capacity reservation group list
: Add new parameter--resource-ids-only
to support retrieving the capacity reservation group resource idsaz capacity reservation group create
: Change--sharing profile
to support unsharing subscriptions by passing nothing
Containerapp
az containerapp env create
: Support--dapr-connection-string
to set application insights connection string used by Dapr to export service to service communication telemetry- Fix #28553:
az containerapp exec
: Fix the error ofinappropriate ioctl for device
Core
- Fix #28737: Fix token cache for service principal authentication
- Resolve CVE-2023-3651
Monitor
az monitor log-analytics workspace update
: Add parameter--sku-name
NetAppFiles
az netappfiles volume-group create
: Add--zones
argument to set Availability Zone for volume group volumesaz netappfiles volume create/update
: Update maximum value for--usage-threshold
to support large volumes
Network
az network virtual-appliance inbound-security-rule
: Support for Permanent Inbound Security Rule
RDBMS
az postgres flexible-server upgrade
: Add capability to perform major version upgrade to PG16
Service Connector
az aks connection
: AKS support for Service Connectoraz webapp/containerapp/spring connection create/update
: Store configurations in App Configaz source connection create
: Support auth opt out
Service Fabric
az sf managed-cluster network-security-rule
: Add new network security rule commands
SQL
az sql server create/update
: Add 1.3 to minTLSEnum and make TLS 1.2 as default
April 02, 2024
Version 2.59.0
ACR
- Fix #14768:
az acr login
: Add environment variable for docker command
ACS
az aks create
: Add flag--enable-app-routing
to enable app routingaz aks approuting
: Add command group to handle enable/disable/update of the app routing addonaz aks approuting zone
: Add command group to handle add/delete/update/list actions of DNS zone resources associated to the approuting addonaz aks create/update
: Introduce changes for Azure container storage in ACS CLI
AD
az ad
: Rename Azure Active Directory to Microsoft Entra ID
AKS
az aks create
: Add optional parameter--revision
to set revision for the Azure Service Mesh addon while creating AKS clusteraz aks mesh get-upgrades
: Fix command failure with a traceback if ASM addon is disabledaz aks create/update
: Enable mooncake support for managed prometheus addonaz aks create/update
: Block Azure Managed Grafana for managed prometheus addon in air gapped cloudaz aks create
: Correct use of "comma-separated" in help
App Config
az appconfig feature filter update
: GA commandaz appconfig kv export
: GA parameter--export-as-reference
App Service
az functionapp create
: Add support for Node 20 for Flex function appsaz functionapp create
: Make Node 20 the default for node flex function apps and Python 3.11 the default for python flex function appsaz functionapp create
: Add support for SystemAssignedIdentity and UserAssignedIdentity as the deployment storage authentication typeaz webapp update
: Add new parameter--elastic-web-app-scale-limit
and scaling parameter optionsaz appservice plan update
: Add new parameter--elastic-web-app-scale-limit
and scaling parameter optionsaz webapp deployment source config-zip
: Mark this command as deprecated, recommend using theaz webapp deploy
command instead of it
ARM
az stack group create
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz stack group delete
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz stack sub create
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz stack sub delete
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz stack mg create
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz stack mg delete
: Deprecate the--delete-resources
,--delete-resource-groups
and--delete-all
options and redirect to the new--action-on-unmanage
argumentaz deployment
: Treat nullable parameters as non-required for Bicep deployment
ARO
az aro create/validate
: Fix bug in permissions validation that was preventing cluster creation in cases where the invoking user had the necessary permissions
CDN
az afd profile
: Add parameter--identity
Compute
az snapshot grant-access
: Add parameter--file-format
to support specifying file format when making request for SAS on a VHDX file format snapshotaz vmss create
: Add--enable-auto-os-upgrade
parameter to support automatic OS Upgrade while creating VMSSaz sig image-definition create
: Add warning message for Hyper-V generation and Security Typeaz vmss create/update
: Add parameters to specify the security posture to be used for all virtual machines in the scale setaz capacity reservation group create/update
: Add new parameter--sharing-profile
to support sharing capacity reservation group across subscriptionsaz snapshot create
: Add parameter--bandwidth-copy-speed
to allow a snapshot to be copied at a quicker speed
DataBoxEdge
az databoxedge device
: Add command groupshare
to support managing device shareaz databoxedge device
: Add command groupuser
to support managing device useraz databoxedge device
: Add command groupstorage-account
to support managing device storage accountaz databoxedge device
: Add command groupstorage-account-credential
to support managing device storage account credentialaz databoxedge device
: Add commandget-extended-information
to support getting extended information
MySQL
az mysql flexible-server advanced-threat-protection-setting show
: Show server's advanced threat protection settingaz mysql flexible-server advanced-threat-protection-setting update
: Update server's advanced threat protection setting using--state
as Enabled/Disabledaz mysql flexible-server import create
: Add support for online migration for single to flex
NetAppFiles
az netappfiles check-file-path-availability
: Add new command to check if a file path is availableaz netappfiles check-name-availability
: Add new command to check if a resource name is availableaz netappfiles check-quota-availability
: Add new command to check if a quota is availableaz netappfiles query-network-sibling-set
: Add new command to describe a network sibling setaz netappfiles update-network-sibling-set
: Add new command to update the network features of a network sibling setaz netappfiles quota-limit
: Add new command group to manage quota limitsaz netappfiles volume populate-availability-zone
: Add new command to populate availability zone information for a volumeaz netappfiles volume replication re-initialize
: Add new command to re-establish a previously deleted replication between 2 volumes that have a common ad-hoc or policy-based snapshots
Network
az network virtual-appliance connection
: Add update command for NVA connectionaz network dns record-set
: Add--traffic-management-profile
for TMLink recordset featureaz network application-gateway waf-policy
: Change default rule set from CRS3.0 to DRS2.1az network virtual-appliance
: Add--internet-ingress-ips
and--network-profile
March 05, 2024
Version 2.58.0
ACR
az acr
: Update registry and webhook example names to be lowercaseaz acr create/update
: Add new argument--allow-metadata-search
to enable the metadata-search feature for the registry
AKS
- Add monitoring addon to support default workspace in AGC
az aks get-versions
: Show extra column on supportPlanaz aks create/update
: Update region map for default region creation with new Azure Monitor Workspace regionsaz aks update
: Zero can be set to outbound-ports,outbound-ip-count in loadbalancer profile and outbound-ip-count in natgateway profile in AKS
API Management
az apim api export
: Add command to export an API Management API
App Service
az webapp up/create/update
: Add new parameter--basic-auth
to allow users to enable and disable basic auth
ARM
- Fix #27855:
az bicep generate-params
: Bicep install messages sent to stdout
Backup
- [BREAKING CHANGE]
az backup item set-policy
: Add warning prompt for migration from Standard to Enhanced Policy
Batch
az batch pool create
: Add new parameter--resource-tags
to support specifying resource tags for the pool. Any resource created for the pool will then also be tagged by the same resource tagsaz batch pool create
: Add new parameters--security-type
,--encryption-at-host
,--secure-boot-enabled
, and--v-tpm-enabled
to support Trusted Launch Security Type for VMs/VMSS deploymentsaz batch pool create
: Add new parameters--caching
,--disk-size-gb
,--write-accelerator-enabled
, and--storage-account-type
to support Batch Node Agent temp disk-less SKUs
CDN
- Fix #28240:
az afd rule create
: Cannot create without condition - Fix #28223:
az afd route create
: Cannot create without--content-types-to-compress
- Fix #27744:
az afd origin-group
: Add parameter--enable-health-probe
Compute
az vmss nic
: Update help messages to guild users to specific commands for Flexible VMSSaz vm host redeploy
: Add command to redeploy the dedicated host- Fix #28397:
az vm create
: Fix creating VM with--security-type Standard
az vmss application set
: Fix updates to the purchase plan are not supported when updating VMSSaz vmss update-domain-walk
: Add new command to support updating vm in a service fabric vmss
Containerapp
az containerapp revision copy
: Fix--from-revision
bug for inheriting a specific revision contains scale rulesaz containerapp update
: Fix TypeError: Argument of type 'NoneType' is not iterable- Fix #28226:
az containerapp job update
: Update existing scale rules if--scale-rule-name
is passed
Core
- [BREAKING CHANGE]
az login
: Replaceallow_broker
withenable_broker_on_windows
(#27726)
Cosmos DB
az cosmosdb sql database/container restore
: Fix support for restore of deleted database resource in the same SQL accountaz cosmosdb mongodb database/collection restore
: Fix support for restore of deleted database resource in the same MongoDB accountaz cosmosdb gremlin database/graph restore
: Fix support for restore of deleted database resource in the same gremlin accountaz cosmosdb table restore
: Fix support for restore of deleted table resource in the same account
MySQL
az mysql flexible-server import create
: Change the default progress message from starting to running
Network
az network virtual-appliance connection
: Add show and list commands for NVA connectionaz network vnet-gateway
: Add parameters--allow-remote-vnet-traffic
and--allow-vwan-traffic
az network express-route gateway
: Add parameter--allow-non-vwan-traffic
RDBMS
- Fix #27713:
az postgres flexible-server list-skus -o table
: Fix table output from list-skus command
Security
az security api-collection
: Manage Azure API Management API connections to Microsoft Defender for APIsaz security security-connector
: Manage cloud security posture management (CSPM) and cloud workload protection (CWP) across multicloud resources
SQL VM
- Fix #27300:
az sql vm group create
:--cluster-subnet-type
should only be passed intoWsfcDomainProfile
Storage
- Fix #28356:
az storage account or-policy update
: Fix-p @policy.json
to allow passing in json files az storage blob upload-batch
: Support--tags
, make--overwrite
non-preview
February 06, 2024
Version 2.57.0
AKS
az aks upgrade
: Add forceupgrade settings to aks stable cliaz aks mesh
: Addaz aks mesh
commands to manage Azure Service Mesh in given clusteraz aks nodepool add/update/upgrade
: Add new parameter--node-soak-duration
to wait after draining a node and before reimaging it and moving on to next node
App Service
az functionapp create
: Use app insights connection string instead of instrumentation keyaz webapp create
: Add new parameter--acr-use-identity
to configure pull image from ACR using MSI when creating a container web appaz webapp up
: Add--track-status
arg to use deploymentstatus APIaz webapp deployment source config-zip
: Add--track-status
arg to use deploymentstatus APIaz functionapp create
: Only allow apps with functions version 4
Backup
az backup restore restore-disks
: Add support for disk restore in edge-zone backupsaz backup restore restore-disks
: Support for Taiwan North and Taiwan North-West Cross region restore
Billing
az billing account
: Add new commandlist-invoice-section
to support listing invoice sectionaz billing account
: Add new command groupinvoice-section
to support managing account invoice sectionaz billing
: Add new commandenrollment-account
to support managing enrollment accountaz billing invoice section
: Add new commandinitiate-transfer
to support intiating transferaz billing profile
: Add new commandreservation list
to support managing reservationaz billing
: Add new command grouptransfer
to support managing transfer
Compute
az image builder error-handler
: Add group to manage error handling options upon a build failureaz sshkey create
: Add parameter--encryption-type
to specify the encryption type of SSH keys to be generatedaz vm monitor log show
: Deprecateazure-loganalytics
and applyazure-monitor-query
az vm/vmss create
: Support Trusted Launch as default deployment option
Consumption
- Fix #20995 #23825: Update
az consumption
API version
Containerapp
az containerapp update
: Fix issue for minReplicas in--yaml
or--min-replicas
is not set when the value is 0az containerapp up
: Fix issue when registry creds are provided for ACRs usingcontainerapp up
command
Key Vault
az keyvault create
: Add warning for upcoming breaking change that--enable-rbac-authorization
will default totrue
az keyvault secret set-attributes
: Fix 'Datetime with no tzinfo will be considered UTC' warning
Monitor
az monitor metrics
: Addlist-sub
andlist-sub-definition
az monitor metrics list
: Fix--top
help message
MySQL
az mysql flexible-server import create
: Add support for operation progress estimated completion time for import from physical backup from azure blob to flexible server
Network
az network vnet-gateway create/update
: Add parameter--enable-private-ip
- Fix #28131:
az network vnet-gateway list
: Conflict key when apply client flatten az network express-route port authorization
: Support to manage authorization with express route portaz network private-link-service list-auto-approved
: Support to list all auto-approved private link servicesaz network public-ip ddos-protection-statu show
: Support to get the DDoS protection status of public IP addressaz network vnet-gateway
: Support ExpressRoute SKUaz network lb create
: Support cross-subscription resource ID
Packaging
- Support Windows ZIP package (Preview)
RDBMS
az postgres flexible-server private-endpoint-connection
: Add support for private endpoint connection commands like list, show, approve, reject, delete for PostgreSQL flexible serveraz postgres flexible-server private-link-resource
: Add support for private link resource commands like list, show for PostgreSQL flexible serveraz postgres flexible-server replica stop-replication
: Stop replication to a read replica and make it a read/write server. This command is deprecated. Useaz postgres flexible-server replica promote
instead.
Redis
az redis flush
: Add support for flush operationaz redis create
: Add support for Microsoft Entra Authenticationaz redis access-policy/access-policy-assignment
: New command groups to manage access policy
Service Connector
az webapp/containerapp/spring connection create/update app-insights
: Support App Insights as target serviceaz webapp connection create sql
: Support auto install for serviceconnector-passwordless extensionaz webapp/functionapp/containerapp/springapp connection
: Support Microsoft Entra ID auth types for table storageaz webapp/containerapp/spring connection create/update
: Support opt out action for configurationInfo and publicNetwork
SQL
az sql db ltr-policy/ltr-backup
: Add support for backup storage access tieraz sql db ltr-policy set
: Add the make-backups-immutable parameter to ltr policyaz mi create/update
: Add optional parameter--database-format
and--pricing-model
for SQL Managed Server resourceaz sql mi refresh-external-governance-status
: Add a new command for Azure SQL Managed Instance refresh external governance status
Storage
az storage file copy start
: Fix when copying between two storage accounts and source file has no parent directory- Fix #28202:
az storage container policy create
: Fix creating an access policy would delete public access permission az storage container set-permission
: Fix failing when updating public access permission with an existing access policy- Fix #21876:
az storage blob upload-batch/download-batch/delete-batch
: Add double quotes to--pattern
value for unix shell
January 09, 2024
Version 2.56.0
AKS
az aks create/update
: Add new parameter--load-balancer-backend-pool-type
to define the Load Balancer backend pool type of managed inbound backend poolaz aks create
: Add parameter--node-public-ip-tags
to specify the ipTags of the node public IPsaz aks nodepool
: Add parameter--node-public-ip-tags
to specify the ipTags of the node public IPsaz aks create
andaz aks nodepool add
: Add crg-id option to create nodepool with Capacity Reservation Groupaz aks stop
: Add warning when private link cluster is stoppedaz aks trustedaccess role
: Add new command group to manage trusted access rolesaz aks trustedaccess rolebinding
: Add new command group to manage trusted access role bindingsaz aks trustedaccess rolebinding list
: Add new command to list all the trusted access role bindingsaz aks trustedaccess rolebinding show
: Add new command to get the specific trusted access role binding according to binding nameaz aks trustedaccess rolebinding create
: Add new command to create a new trusted access role bindingaz aks trustedaccess rolebinding update
: Add new command to update an existing trusted access role bindingaz aks trustedaccess rolebinding delete
: Add new command to delete a trusted access role binding according to nameaz aks update
: Add parameter--network-plugin
to update the network plugin of the AKS cluster
App Config
az appconfig feature set
: Add requirement type to feature command
App Service
az functionapp create
: Add DAPR support for Centauri appsaz functionapp create
: Remove workarounds for Centauriaz webapp deploy
: Add--track-status
arg to use deploymentstatus APIaz functionapp create
: Add workload profile support for Centauri apps
ARM
az bicep publish
: Add optional parameter--with-source
to publish source code with the module (experimental)az lock delete
: Fix the case sensitive comparison issue for resource group name
Compute
az vmss create
: Change--orchestration-mode
to support onlyuniform
for old profileaz vm/vmss create/update
: Add new parameters--enable-proxy-agent
and--proxy-agent-mode
to support azure metadata security protocolaz vm/vmss create
: Add new optionNonPersistedTPM
for parameter--os-disk-security-encryption-type
to support creating Intel TDX based Confidential VM
Containerapp
az containerapp job update
: Fix bug for minExecutions in--yaml
is not set when the value is0
az containerapp hostname bind
: Fix an issue about parsing the environment's resource group when the--environment
is a resource id
Cosmos DB
az cosmosdb sql database restore
: Add support for restore of deleted database resource in the same SQL accountaz cosmosdb sql container restore
: Add support for restore of deleted container resource in the same SQL accountaz cosmosdb mongodb database restore
: Add support for restore of deleted database resource in the same MongoDB accountaz cosmosdb mongodb collection restore
: Add support for restore of deleted collection resource in the same MongoDB accountaz cosmosdb gremlin database restore
: Add support for restore of deleted database resource in the same gremlin accountaz cosmosdb gremlin graph restore
: Add support for restore of deleted graph resource in the same gremlin accountaz cosmosdb table restore
: Add support for restore of deleted table resource in the same account
Eventhub
az eventhubs georecovery-alias create
: Name parameter is required
Extension
az extension
: Enable extension semantic versioning and joinexperimental
intopreview
az extension add/update
: Add--allow-preview
to distinguish stable-only installation with preview-included installation
Key Vault
az keyvault create/update-hsm
: GA--mi-user-assigned
az keyvault backup/restore start
: GA--use-managed-identity
Monitor
az monitor log-analytics workspace
: Addlist-link-target
andlist-available-service-tier
Network
az network application-gateway waf-config list-dynamic-rule-sets
: Support to get the WAF dynamic manifestaz network nsg rule list
: Fix ranges and prefixes disappeared with-o table
optionaz network vnet subnet
: Add--private-endpoint-network-policies
and--private-link-service-network-policies
RDBMS
az postgres flexible-server virtual-endpoint
: Add support for virtual endpoints for PostgreSQL flexible serveraz postgres flexible-server replica promote
: Add capability to stop replication and promote to primary or standalone server with the selection of planned/force data syncs.az postgres flexible-server server-logs list
: List server log files for PostgreSQL flexible serveraz postgres flexible-server server-logs download
: Download server log files for PostgreSQL flexible serveraz postgres flexible-server create
: Add capability to set storage type to PremiumV2_LRS and provide values for IOPS and Throughput during creationaz postgres flexible-server update
: Add capability to update the values of IOPS and Throughput during updateaz postgres flexible-server migration create
: Add migration option like Migrate, Validate and ValidateAndMigrate using parameter--migration-option
and json file for Migration configuration to support additional properties like sourceType and sslMode
Redis
az redis import/export
: Add--storage-subscription-id
support while importing/exporting data
Service Bus
az servicebus georecovery-alias create
: Name parameter is required
Storage
- [BREAKING CHANGE]
az storage account create
: Server change default value for--allow-blob-public-access
and--allow-cross-tenant-replication
toFalse
for security concerns
Upgrade
az upgrade
: Add--allow-preview
to distinguish stable-only extension installation with preview-included extension installation
December 05, 2023
Version 2.55.0
ACR
az acr login
: Allow registry names with hyphen- Fix #27487:
az acr check-health
: Fix DOCKER_PULL_ERROR when acr check-health for Mac OS
AKS
az aks update
: Update outbound ip description and remove limitationaz aks create
: Add arguments--asg-ids
and--allowed-host-ports
az aks nodepool add/update
: Add arguments--asg-ids
and--allowed-host-ports
App Service
- Fix #27189:
az webapp log tail
: Catch exception when scm connection is lost
Billing
az billing period list
: Fix--top
does not work as expectedaz billing invoice download
: Fix command does not workaz billing invoice list
: Fix--period-end-date
and--period-start-date
help message error
Compute
az disk create
: Add new parameter--optimized-for-frequent-attach
to improve reliability and performance of data disks that are frequently attachedaz disk/snapshot create
: Add new parameter--elastic-san-resource-id
to support creating through the ARM id of elastic san volume snapshot
Containerapp
az containerapp ingress cors enable
: Only update arguments--allow-headers
,--allow-credentials
,--allow-methods
,--expose-methods
,--max-age
when the value is notNone
az containerapp
: Change the container-app name and container-app job name in the example to legal names
Key Vault
az keyvault backup start
: Addstatus
in output
Monitor
az monitor activity-log alert
: Upgrade api-version to2020-10-01
to includeany-of
query conditionaz monitor activity-log alert
: Expose parameterall-of
to enable user modifying query condition specifically
Network
az network private-endpoint-connection
: Add providerMicrosoft.DBforPostgreSQL/flexibleServers
az network public-ip prefix
: Add parameter--tier
RDBMS
az postgres flexible-server replica create
: Add support for parameters like--tier
,--sku-name
,--storage-size
during replica creationaz postgres flexible-server update
: Add support for custom IOPS update for flexible server using--performance-tier
az postgres flexible-server advanced-threat-protection-setting show
: Show advanced threat protection settingaz postgres flexible-server advanced-threat-protection-setting update
: Update advanced threat protection setting using--state
as Enabled/Disabled
Service Connector
az containerapp connection create
: Enable Key Vault Reference in Container Apps
SQL
az instance-pool create/update
: Add optional parameter--maintenance-configuration-id
for SQL Instance Pool resourceaz mi create/update
: Add optional parameter--instance-pool-name
for SQL Managed Server resource
Storage
az storage blob upload
: Increasemax_block_size
for append/block blobs of size >= 8mb to 8mb instead of 4mbaz storage blob upload
: Change defaultmax_connections
for append blob to 1az storage file upload/upload-batch
: Fix--allow-trailing-dot
breaking--connection-string
usage- Fix #27899:
az storage account create
: Runcheck_name_availability()
first and throw a warning when an existing account with the name is found
November 14, 2023
Version 2.54.0
ACR
az acr artifact-streaming
: Add new group to include a subgroup operation and the commands create/show/updateaz acr artifact-streaming operation
: Add new group to help the user manage the artifact streaming creation with the commands cancel/showaz acr login
: Add additional parameter validation to check registry name is validaz acr cache
: Add optional--resource-group
parameteraz acr credential-set
: Add optional--resource-group
parameter
AKS
- [BREAKING CHANGE]
az aks create
: Make container log V2 as default and remove region dependency az aks create/update
: Support custom ips/ipprefixes and managed ips being assigned to aks cluster outbound resources togetheraz aks nodepool add/update/upgrade
: Add new parameter--drain-timout
to slow down the upgradeaz aks update
: Fix bug where supportPlan can be reset to Noneaz aks nodepool add
: Fix incorrectly specified property name for option--drain-timeout
az aks create/update
: Enable Grafana support in US Government cloudsaz aks create/update
: Update region map for default region creation with new Azure Monitor Workspace regionsaz aks create/update
: Add cluster scope to recording rule groups created during Managed Prometheus onboardingaz aks update
: Add--network-policy
to support updating the mode of a network policy
APIM
az apim api create
: Make--authorization-scope
parameter optional for setting auth server
App Config
- [BREAKING CHANGE]
az appconfig kv export
: Add validations to snapshot kv export to App Service - [BREAKING CHANGE]
az appconfig kv import/export
: Add skip-features and skip-keyvault restriction for snapshots az appconfig snapshot
: GA snapshot related features
App Service
- [BREAKING CHANGE]
az functionapp
: Redact key value output on keys set - [BREAKING CHANGE] Redact output on deployment source config
- [BREAKING CHANGE]
az webapp config
: Redact webapp config connection-string and storage-account values - [BREAKING CHANGE]
az functionapp/webapp deployment source update-token
: Redact tokens output on deployment source update-token - [BREAKING CHANGE]
az appservice ase create
: Update the default App Service Environment to V3 az appservice list-locations
: Add--hyperv-workers-enabled
parameter to get regions which support hosting web apps on windows container workersaz functionapp deployment source config-zip
: Add the deployer information to improve telemetryaz webapp up
: Fix--logs
arg fails with an exceptionaz functionapp create
: Add new parameter--workspace
to support creating workspace-based app insights components
ARM
- [BREAKING CHANGE]
az stack mg create
: Not supplying--deployment-scope
will no longer default the underlying deployment to the current subscription scope, but to the mg scope of the deployment stack. az stack sub create
: Add no wait supportaz stack mg create
: Add no wait supportaz stack group create
: Add no wait supportaz bicep lint
: Add new command to lint a bicep fileaz deployment group create
: Support supplemental parameters when used with.bicepparam
parameter fileaz deployment
: Add support for determining type of parameters whose definition uses a $ref
ARO
az aro create
: Add new--enable-preconfigured-nsg
parameter, allowing users to enable or disable preconfigured NSGsaz aro create
: Add network contributor to the NSG resource for the cluster SP and FP SPaz aro update
: Add network contributor to the NSG resource for the cluster SP and FP SP, if not already when preconfigured NSG is enabled
Backup
az backup vault create
: Allow updates to immutability for vaults with Managed Identity setaz backup vault update
: Add new command to support updating vault properties without the--location
parameter
Batch
az batch keys renew
: Update help with security warningaz batch keys list
: Update help with security warningaz batch account identity show
: Update help with security warning
Compute
- [BREAKING CHANGE] Remove unversioned image aliases
- [BREAKING CHANGE]
az vm/vmss identity assign
: Remove the default valueContributor
of parameter--role
- [BREAKING CHANGE]
az disk create
: Support creating disk with Gen2 and TLVM as default - [BREAKING CHANGE]
az vm/vmss create
: Disable integrity monitoring by default - [BREAKING CHANGE]
az disk/snapshot create
: Change the default value of--hyper-v-generation
fromV1
toNone
- [BREAKING CHANGE]
az vm create
: Change default value toStandard
for LB options - [BREAKING CHANGE]
az vmss create
: Change default value toStandard
for LB options - [BREAKING CHANGE]
az vmss create
: Change the default value of--orchestration-mode
fromuniform
toflexible
- [BREAKING CHANGE]
az vm/vmss create
: Support Trusted Launch as default deployment option when creating vm/vmss with marketplace image - [BREAKING CHANGE]
az vm/vmss create
: Support Trusted Launch as default deployment option when creating vm/vmss from existing disk or image - [BREAKING CHANGE]
az vm/vmss create
: Support Trusted Launch as default deployment option when creating vm/vmss with minimal inputs - Fix #27446:
az vm encryption enable
: Fix using incorrect client when--key-encryption-key
is specified - Fix #27451:
az vmss list-instances
: Fix API profile to resolve no registered resource provider found error az vm create
: Format the notification message of recommendation regionaz restore-point create
: Add new parameters--source-os-resource
,--os-restore-point-encryption-set
and--os-restore-point-encryption-type
to support encryption OS diskaz restore-point create
: Add new parameters--source-data-disk-resource
,--data-disk-restore-point-encryption-set
and--data-disk-restore-point-encryption-type
to support encryption data diskaz disk create
: Add new parameter--optimized-for-frequent-attach
to improve reliability and performance of data disks that are frequently attachedaz disk/snapshot create
: Add new parameter--elastic-san-resource-id
to support creating through the ARM id of elastic san volume snapshotaz disk create
: Revert new parameter--optimized-for-frequent-attach
az disk/snapshot create
: Revert new parameter--elastic-san-resource-id
Containerapp
- [BREAKING CHANGE]
az containerapp env workload-profile update
: Remove--workload-profile-type
as it does not work in server side - [BREAKING CHANGE]
az containerapp env create
: Update the default value of--enable-workload-profiles
toTrue
az containerapp job create
: Fix AttributeError when--trigger-type
is Noneaz containerapp compose create
: Fix bug where environment's resource group is not resolved from--environment
when the input value is a resource idaz containerapp env workload-profile delete
: Fix issue when deleting wp for env with custom domainaz containerapp update
: Fix appending to NoneType object bug for--secret-volume-mount
az containerapp create/update
: Hide environment variables, scale rules metadataaz containerapp job create/update
: Hide environment variables, scale rules metadataaz containerapp compose create
: Fix containerapp invalid memory resourceaz containerapp job create
: Fix problem of parsing parametersminExecutions
andmaxExecutions
from--yaml
Cosmos DB
az cosmosdb create/update
: Add support for minimum allowed TLS version and burst capacity configuration
Eventhub
- [BREAKING CHANGE]
az eventhubs georecovery-alias update
: This command is removed.
Key Vault
- [BREAKING CHANGE]
az keyvault storage
: Remove this command group since service doesn't maintain anymore az keyvault create/update-hsm
: Add--mi-user-assigned
to support MHSM managed identityaz keyvault backup/restore start
: Add--use-managed-identity
to exempt SAS tokenaz keyvault key
: Add hsm platform info in response
Monitor
- [BREAKING CHANGE]
az monitor activity-log alert create
: Change default value from resourceGroupId to subscriptionId for parameter--scope
- [BREAKING CHANGE]
az monitor metrics alert
: Change datetime output to be consistent with native response - [BREAKING CHANGE]
az monitor log-analytics workspace table search-job create
: Removeschema
wrapper forsearchResults
in api response az monitor log-analytics workspace create
: Add--identity-type
and--user-assigned
argumentsaz monitor log-analytics workspace update
: Add--identity-type
and--user-assigned
argumentsaz monitor log-analytics workspace table
: Enable--retention-time
to be workspace retention when setting as-1
az monitor log-analytics workspace table
: Enable--total-retention-time
to be workspace retention when setting as-1
az monitor log-analytics workspace table search-job
: Add new commandcancel
az monitor autoscale update
: Fix update failure with empty notification
MySQL
az mysql flexible-server gtid reset
: Remove geo-backup check
Network
- [BREAKING CHANGE]
az network public-ip create
: Change default value of--sku
to standard - [BREAKING CHANGE]
az network lb create
: Change default value of--sku
to standard az network private-dns record-set a add-record
: Fix record cannot be added when record set is emptyaz network lb address-pool
: Add parameter--sync-mode
az network application-gateway listener
: Add parameter--host-names
az network private-endpoint-connection
: Add providerMicrosoft.DocumentDB/mongoClusters
- Fix #27508:
az network private-dns zone import
: Import fails when zone already exists az network virtual-appliance
: Add parameter--identity
- Fix #27735:
az network vnet-gateway show
: Conflict key when apply client flatten
Packaging
- [BREAKING CHANGE] Remove unnecessary packages in docker image
- Support Python 3.11
- Bump embedded Python version to 3.11.5
- Add Azure Linux docker image
- Fix #22741:
az upgrade
: This command becomes non-blocking on Windows
Profile
az account get-access-token
: Returnexpires_on
as POSIX timestamp
RDBMS
az postgres flexible-server geo-restore
: Add cross subscription geo-restore support for PostgreSQL flexible serveraz postgres flexible-server restore
: Add cross subscription restore support for PostgreSQL flexible serveraz postgres flexible-server upgrade
: Add MVU support for PG version 15
Role
- [BREAKING CHANGE]
az role assignment create
:--scope
is now a required argument. - [BREAKING CHANGE]
az role assignment create
: Remove--resource-group
argument.
Search
az search service create
: Add--semantic-search
argument.
Security
az security pricing create
: Support subplan and extensions parametersaz security pricing get
: Support extensions in the return result
Service Bus
- [BREAKING CHANGE]
az servicebus georecovery-alias update
: This command is removed. - [BREAKING CHANGE]
az servicebus migration update
: This command is removed.
Service Connector
- [BREAKING CHANGE]
az spring connection
: Remove default value of--deployment
to support spring app connection
SignalR
az signalr replica create/list/show/delete
: Add replica command group foraz signalr
SQL
az sql db create/update
: Add--use-free-limit
and--free-limit-exhaustion-behavior
to support free limit database
Storage
az storage file/directory
: Add--disallow-trailing-dot
az storage share list-handle/close-handle
: Add--disallow-trailing-dot
az storage file copy start/start-batch
: Add--disallow-source-trailing-dot
- Fix #27590:
az storage fs directory download
: Check user sytem PATH for azcopy and use CLI config directory for new install az storage account blob-inventory-policy create
: Add support for new filtercreationTime.lastNDays
in jsonaz storage account migration start/show
: Support customer inititated migration between replication options- [BREAKING CHANGE]
az storage container-rm update
: Remove--default-encryption-scope
and--deny-encryption-scope-override
as they should only be specified during create
October 24, 2023
Version 2.53.1
AKS
- Hotfix:
az aks update
: Fix bug where supportPlan can be reset to None
App Service
- [BREAKING CHANGE] Redact appsettings output on set/delete commands
September 26, 2023
Version 2.53.0
ACR
az acr token create
: Fix random order of repo valid actions and gateway valid actions in the help message
AKS
az aks update
: Add new parameter--private-dns-zone
to support private DNS zone for AKS private clusteraz aks update
: Add new parameter--disable-windows-gmsa
to support disabling Windows gMSA in an AKS clusteraz aks update
: Add forceupgrade settings to aks stable cli
App Config
az appconfig kv import/export
: Removeskip-features
andskip-keyvault
restriction for snapshots
App Service
az functionapp create
: Enable distributed tracing for non consumption apps
ARM
az deployment group create
: Make--template-file
parameter optional when used with.bicepparam
parameter fileaz account list-locations
: Add new parameter--include-extended-locations
to support listing extended locations
Backup
az backup backup-properties
: Add option for setting--soft-delete-feature-state
to "AlwaysOn", and--soft-delete-duration
with values between 14 to 180 (inclusive)az backup vault list-soft-deleted-containers
: List all soft-deleted containers in a backup vault
Compute
az vm/vmss extension set
: Enable auto upgrade by default for CodeIntegrityAgent extensionaz vm create
: Add warning message for Basic option removalaz vmss create
: Add warning message for Basic option removal
Containerapp
az containerapp
: Movecontainerapp
from CLI extension to core CLIaz containerapp env create
: Add--enable-workload-profiles
to specify if the environment is enabled to have workload profilesaz containerapp env dapr-component create
: Fix the sample link for--yaml
parameter
Cosmos DB
az cosmosdb postgres
: GA Cosmos DB for PostgreSQL
MySQL
az mysql flexible-server replica create
: Add new parameters to support replica creation
NetAppFiles
az netappfiles volume
: Add new commandget-groupid-list-for-ldapuser
to Get Group Id List for LDAP Useraz netappfiles account update
: Add parameter--identity-type
az netappfiles volume update
: Add parameter--snapshot-dir-visible
. If enabled (true) the volume will contain a read-only snapshot directory which provides access to each of the volume's snapshots (defaults to true)
Network
az network virtual-appliance
: Add parameter--additional-nics
az network vnet subnet
: Add parameter--default-outbound-access
az network public-ip create
: Add warning message for Basic option removalaz network lb create
: Add warning message for Basic option removal
RDBMS
az postgres flexible-server create/update
: Add capability to enable/disable storage auto-grow during creation and update
Service Connector
az spring connection
: Add deprecated message for--deployment
breaking changeaz webapp connection
: Add new parameter--slot
to support webapp slot connection
SQL
az sql failover-group set-primary
: Add parameter--try-planned-before-forced-failover
to support hybrid geo-failover
Storage
- Fix #26732:
az storage blob copy start-batch
: Add--rehydrate-priority
to batch copy - Fix #27052:
az storage blob delete-batch
: Use utc as default timezone to remove "Datetime with no tzinfo will be considered UTC." warning
September 05, 2023
Version 2.52.0
AKS
az aks create/update
: Add new parameter--enable-vpa
to support enabling vertical pod autoscaler for clusteraz aks update
: Add new parameter--network-dataplane
to specify the network dataplane used in the Kubernetes clusteraz aks create/update
: Add new parameter--node-os-upgrade-channel
to specify which OS on your nodes is updatedaz aks update
: Retain value in network profile in mc object only when decorator is in update modeaz aks update
: Outbound ip/outbound ipprefix and managed outbound ip should be mutually exclusive
App Config
az apponfig kv import
: Add new parameter--import-mode
to specify whether to overwrite already existing key-values or ignore matching keysaz appconfig kv export
: Add new parameter--snapshot
to support exporting all key values from a snapshot of the source configurationaz appconfig kv import
: Add new parameter--src-snapshot
to support importing all key values from a snapshot of the source configuration
App Service
- Fix #26736:
az logicapp create
: Add--runtime-version
and--functions-version
optional parameters az webapp config connection-string set
: Allow users to use json file to set the connection string
ARM
- Fix #26112:
az deployment group create
: Fix the warning logmode is not a known attribute of class TemplateLink
az bicep build-params
: Support generatingparameters.json
file from the givenbicepparam
file with the--file
argumentaz bicep decompile-params
: Support generatingparameters.bicepparam
file from the givenparameters.json
file with the--file
argumentaz bicep generate-params
: Support generatingmain.parameters.json
with the parameters that doesn't have default values in the given.bicep
fileaz bicep generate-params
: Add new parameter--output-format
to support generating parameter file inbicepparam
andjson
formatsaz bicep generate-params
: Add new parameter--include-params
to support generating parameter file with all the parameters in the givenbicep
file, or with only parameters that doesn't have default values in the givenbicep
file
ARO
az aro create
: Add new--outbound-type
parameter, allowing users to select "Loadbalancer" (default) or "UserDefinedRouting"az aro create
: Perform pre-flight validation of prerequisite permissions before creationaz aro validate
: New command to perform explicit validation of prerequisite permissions
Backup
az backup restore restore-azurefileshare
: Add--target-rg-name
parameter to specify the resource group of the destination storage account
Batch
az batch
: Fix batch cloud console authentication issue
Cognitive Services
az cognitiveservices account deployment create
: Add--model-source
parameter
Compute
az vmss create/update
: Add--enable-hibernation
parameter to enable hibernation capability on VMSSaz vmss update
: Add--security-type
parameter to enable Trusted Launch on existing VMSSaz vmss deallocate
: Add--hibernate
parameter to support hibernating a VM while deallocatingaz ppg update
: Add new parameter--type
to support setting proximity placement group type
Cosmos DB
az cosmosdb restore
: Support enabling/disabling public network access
Key Vault
- Fix #27220:
az keyvault certificate import
: Fix invalid policy issue when nocontent_type
provided az keyvault storage
: Announce deprecation since keyvault service doesn't maintain this since long ago
MySQL
az mysql flexible-server parameter set-batch
: Add new command to support updating multiple parametersaz mysql flexible-server export create
: Add Export Backup CLI implementation
Network
az network private-endpoint-connection
: Add providerMicrosoft.EventGrid/namespaces
andMicrosoft.EventGrid/partnerNamespaces
- Fix #27066:
az network vnet list
: Fix -o table cannot be used az network express-route port delete
: Add confirmation while deletingaz network application-gateway waf-policy custom-rule
: Add an example of using--group-by-user-session
az network express-route update
: Fixproperties.SeriveProviderProperties
unexpected null- Fix #26730:
az network public-ip update
:--ip-tags
cannot be correctly parsed az network application-gateway waf-policy managed-rule rule-set
: Support Microsoft_BotManagerRuleSet version 1.0az network vnet peering create
: Mark--remote-vnet
as required
Redis
az redis update
: Fix public network access default value issue
Storage
az storage file upload-batch
: Allow uploading files in parallel to improve performance- Fix #27202:
az storage entity insert
: Fix case when using sas token with onlyadd
permission
Upgrade
az upgrade
: Support upgrading with 64-bit MSI
August 01, 2023
Version 2.51.0
AKS
az aks nodepool snapshot update
: Add aks nodepool snapshot update commandaz aks create
: Add new parameter--k8s-support-plan
to support LTS onboarding, also add new tier enumpremium
az aks update
: Support enabling/disabling LTS via new parameter--k8s-support-plan
az aks create
: Add node taint support when create cluster useaz aks
commandaz aks update
: Add update node taint support on cluster level useaz aks
commandaz aks enable-addons
: Fix the default value of option--enable-msi-auth-for-monitoring
being overwritten toFalse
when specifiedaz aks update
: Add new parameter--outbound-type
to support cluster outbound type.az aks maintenanceconfiguration list
: Add new command to list all maintenance windows in a clusteraz aks maintenanceconfiguration show
: Add new command to display a specific maintenance window of a clusteraz aks maintenanceconfiguration add
: Add new command to add a new maintenance window configuration for a clusteraz aks maintenanceconfiguration update
: Add new command to update an existing maintenance window configuration of a clusteraz aks maintenanceconfiguration delete
: Add new command to delete an existing maintenance window configuration of a clusteraz aks update
: Fix aks network profile update error
App Config
az appconfig kv delete/set/set-keyvault
: Add key validations for null or empty space keysaz appconfig kv export/import/restore
: Update key-value diffing and previewaz appconfig snapshot
: Remove status code property from snapshot objectaz appconfig snapshot list
: Use enums for status parameter
App Service
- Fix #26214:
az webapp show
: Fix the bug caused by missing leading slash causes web app and plan commands to fail for s-clouds - Fix #26214:
az appservice plan show
: Fix the bug caused by missing leading slash causes web app and plan commands to fail for s-clouds - Fix #26601:
az functionapp create
: Throw error for consumption function app created with vnet - Fix #21133:
az webapp/functionapp config ssl bind/unbind
: Search for matching certificates in the subscription by App Service Plan Id
ARM
az stack
: Fix the bug that the required--deny-settings-mode
parameter should not return None (should be a string)az stack
: Fix the bug that the--deny-settings-excluded-principals
parameter was accidentally reset
Batch
az batch job/pool all-statistics
: Remove no longer worked commandsaz batch pool create
: Add new parameter--enable-accelerated-networking
to determine whether this pool should enable accelerated networking
Cognitive Services
az cognitiveservices account deployment create
: Add--sku-name
and--sku-capacity
parametersaz cognitiveservices usage
: Add new commandlist
az cognitiveservices model
: Add new commandlist
Compute
az vm/vmss create
: Enable auto upgrading of guest attestation extension by default for Trusted Launch enabled VMs and VMSSaz vm/vmss create
: Add new parameter--disable-integrity-monitoring-autoupgrade
to support disabling auto upgrading of guest attestation extension for Trusted Launch enabled VMs and VMSSaz sig image-version undelete
: Add new command to support softdeleted image recoveryaz vm/vmss/disk create
: Add new optionStandard
for--security-type
for backward compatibilityaz sig image-definition create
: Add new optionStandard
for--security-type
for backward compatibility
Cosmos DB
az cosmosdb restore
: Add--assign-identity
and--default-identity
to allow PITR restoring with identityaz cosmosdb postgres
: Add new command groups to support Cosmos DB for PostgreSQL
Key Vault
az keyvault restore start
: Add--key-name
to support selective key restoringaz keyvault key sign/verify
: Add new commands to support signing with keyvault key and verify the signature
MySQL
az mysql flexible-server ad-admin set
: Enable AAD for replica
Network
az network nic create/update
: Add parameters--auxiliary-mode
and--auxiliary-sku
to support setting auxiliary mode and skuaz network public-ip
: Add parameter--dns-name-scope
to specify different optionsaz network private-endpoint-connection
: Add providerMicrosoft.ElasticSan/elasticSans
Packaging
- Drop Python 3.7 support
- Support x86 and x64 MSI builds
Resource
az resource invoke-action
: Add new parameter--no-wait
to support not waiting the long-running operation to finish
Role
az ad sp create-for-rbac
: Add alias--json-auth
for--sdk-auth
Service Connector
az functionapp connection
: Add new command group to support service connector on Function Appaz spring connection
: Enable new auth types for Spring Boot and Cosmos SQL connection
SQL
az sql mi start/stop/start-stop-schedule
: Add SQL MI manual and scheduled start stop
Storage
az storage container-rm update
:--default-encryption-scope
and--deny-encryption-scope-override
should not be specified during updating- Fix #22704:
az storage account create
:--encryption-key-type-for-queue
and--encryption-key-type-for-table
no longer remove other settings - Fix #26587:
az storage file upload
: Add--file-url
to support supplying the url instead of share/file name
July 04, 2023
Version 2.50.0
AKS
az aks get-versions
: Both json payload and table format changedaz aks create
: Add condition to disable--enable-msi-auth-for-monitoring
for service principle
APIM
az apim graphqlapi resolver create
: Add new command to create gql api resolveraz apim graphqlapi resolver show
: Add new command to show gql api resolveraz apim graphqlapi resolver list
: Add new command to show gql api resolver listaz apim graphqlapi resolver delete
: Add new command to delete gql api resolveraz apim graphqlapi resolver policy create
: Add new command to create resolver policyaz apim graphqlapi resolver policy show
: Add new command to show resolver policyaz apim graphqlapi resolver policy list
: Add new command to list resolver policiesaz apim graphqlapi resolver policy delete
: Add new command to delete a policy
App Config
az appconfig feature
: Improve error handling for invalid feature flagsaz appconfig snapshot create
: Add new command to support creating a snapshotaz appconfig snapshot show
: Add new command to support showing the properties of an app configuration snapshotaz appconfig snapshot list
: Add new command to support listing snapshots of a given app configurationaz appconfig snapshot archive
: Add new command to support archiving a snapshotaz appconfig snapshot recover
: Add new command to support recovering an archived snapshot
App Service
- Fix #21168:
az webapp deploy
: Call OneDeploy through ARM proxy if--src-url
is provided - Fix #26647:
az webapp show
: Remove duplicate IPs from outbound addresses - Fix #25497:
az webapp deploy
: Fix extension parsing ifsrc-path
has multiple '.'s
ARM
az managedapp definition create/update
: Add new parameter--deployment-mode
to support setting deployment policyaz resource move
: Add help example for moving multiple resourcesaz stack
: Add new command group to support deployment stacksaz stack mg
: Add new command group to manage deployment stack at management group scopeaz stack sub
: Add new command group to manage deployment stack at subscription scopeaz stack group
: Add new command group to manage deployment stack at resource group scope
ARO
az aro get-admin-kubeconfig
: Add new command to download an admin kubeconfig for a created ARO cluster
Backup
az backup vault create
: Add parameter--cross-subscription-restore-state
to set the CSR state of the vault at the time of creation as well as updatingaz backup recoveryconfig show
: Add parameter--target-subscription-id
to provide the target subscription as the input while triggering cross subscription restore for SQL or HANA workloadsaz backup protection backup-now
: Allow--enable-compression
to be set totrue
for SAPHANA Workloadsaz backup recoveryconfig show
: Add new parameter--target-instance-name
to specify the target instance name for the restore operation
Compute
az vmss update
: Add new parameter--custom-data
to support updating custom dataaz image builder optimizer
: Add subgroup to manage image template optimizeraz image builder create
: Add parameter--validator
to specify the type of validation to be used on the Imageaz vm update
: Add parameter--security-type
to support VM Gen2 to Trusted Launch conversionaz sig image-definition create
: Add examples for TrustedLaunchSupported and TrustedLaunchAndConfidentialVmSupportedaz capacity
: Fix short summaries for groups- Fix #26516:
az vm create
: Fix warning log for public IP even when no public IP is being created
Eventhub
az eventhubs eventhub
: Enum value forcleanup_policy
change tocompact
fromcompaction
az eventhubs namespace list
: Support list command without mandatoryresource_group
parameteraz eventhubs eventhub create/update
: Event Hubs Capture MSI feature added to eventhub entity
IoT
az iot hub route
: Hide the deprecated command, please useaz iot hub message-route
instead of it.az iot hub routing-endpoint
: Hide the deprecated command, please useaz iot hub message-endpoint
instead of it.
Key Vault
- Fix #26527:
az keyvault certificate show
: Show policy.x509CertificateProperties.subjectAlternativeNames correctly
Monitor
az monitor metrics alert create
: Add()
into--condition
grammar
MySQL
az mysql flexible-server import create
: Add new command to facilitate migrations from mysql single to flexible serversaz mysql flexible-server restore/geo-restore/replica cerate
: Support--tags
NetAppFiles
az netappfiles volume replication resume
: Add warning on action to re-sync replication volumes that if destination volume has quota rules they will be overwritten by the source volumes quota rules.
Network
az network dns zone import
: Fix alias records cannot be imported- Fix #26438:
az network vnet peering sync
: Doesn't work in cross-tenant scenario az network application-gateway waf-policy policy-setting update
: Add support for log scrubbingaz network application-gateway waf-policy policy-setting update
: Add support for inspection limitaz network application-gateway waf-policy custom-rule
: Support rate limit in WAF policy- Fix #24695:
az network traffic-manager
: Add command context - Fix #26638:
az network traffic-manager endpoint
: Declare--min-child-endpoints
,--min-child-ipv4
and--min-child-ipv6
as integer type az network dns
: Support DNSSEC configuration and DS/TLSA record set
Packaging
- Add Debian Bookworm support
RDBMS
az postgres flexible-server migration update
: Remove unsupported update parameters--db-names
and--overwrite-dbs
az postgres flexible-server migration create
: Add support for tags and location using--tags
and--location
az postgres flexible-server revive-dropped
: Add support to revive a dropped PostgreSQL flexible serveraz postgres flexible-server create
: Add support to create PostgreSQL flexible server with data encryption enabled for geo-backup enabled server by pasing parameters--geo-redundant-backup
,--backup-key
and--backup-identity
az postgres flexible-server show-connection-string
: Add support to pass--pg-bouncer
in connection strings for cmd and programming languages with PgBouncer enabled for PostgreSQL flexible server. Updated connection strings to show port as well as databaseaz postgres flexible-server update
: Add support for parameter--private-dns-zone
during update operation, to update private DNS zone for a VNET enabled PostgreSQL flexible server
Service Bus
az servicebus namespace list
: Support list command without mandatoryresource_group
parameter
Service Fabric
az sf managed-cluster network-security-rule add
: Add network security rule to managed cluster
SQL
az sql midb move/copy
: Add new commands for Managed Database Move/Copy feature
SQL VM
- Fix #2442969:
az sql vm enable-azure-ad-auth/validate-azure-ad-auth
: Workaround Graph API bug by using client side filtering upon failure az sql vm update
: Add configuration options for new SQL Assessment pre-requisites MMA->AMA migration
Storage
az storage blob upload(-batch)/set-tier/copy start(-batch)
: Cold Tier GA, add new tier type--tier cold
az storage blob download-batch
: When matching pattern, list blobs with prefix to reduce the number of list calls- Fix #26673:
az storage account or-policy create
: Now throw server error that was previous silently ignored.
Synapse
az synapse workspace create/update
: Support workspace encryption and user-assignment management identity
May 23, 2023
Version 2.49.0
ACR
az acr create
: RemoveClassic
fromsku
option
AKS
- [BREAKING CHANGE]
az aks create
: Specify--pod-cidr
with Azure CNI will return an error instead of logging a warning when not useoverlay
mode - [BREAKING CHANGE]
az aks create
: Change the default value of--enable-msi-auth-for-monitoring
to true and add check for airgap clouds az aks update
: Support updating user assigned control plane identity for parameter--assign-identity
az aks install-cli
: Add validation for installation path and update help message for parameters--install-location
and--kubelogin-install-location
- Fix #26353:
az aks install-cli
: Fix incorrect architecture detection on Darwin/arm64 az aks create/update
: Add parameter--enable-azure-monitor-metrics
to enable managed prometheus (Azure Monitor Metrics Addon)az aks create/update
: Add parameter--azure-monitor-workspace-resource-id
to store metrics for the managed prometheus addonaz aks create/update
: Add parameter--grafana-resource-id
to link the Azure Monitor Workspace with a Grafana instance for viewing metrics and dashboardsaz aks create/update
: Add parameter--enable-windows-recording-rules
to enable windows recording rule groups on the Azure Monitor Workspace (by default they get created but are disabled)az aks create/update
: Add parameter--ksm-metric-labels-allow-list
to support the additional Kubernetes label keys that will be used in the resource's labels metricaz aks create/update
: Add parameter--ksm-metric-annotations-allow-list
to support the Kubernetes annotations keys that will be used in the resource's labels metricaz aks update
: Add parameter--disable-azure-monitor-metrics
to disable the Azure Monitor Metrics addonaz aks create
andaz aks nodepool add
: Add warning message when specifying--os-sku
toMariner
orCBLMariner
App Config
- [BREAKING CHANGE]
az appconfig feature
: Update feature name validation to disallow the colon character - [BREAKING CHANGE]
az appconfig kv import
: Update feature name validation. Invalid feature flags will be skipped during import - [BREAKING CHANGE]
az appconfig
: Update default connection string resolution logic
App Service
az functionapp create
: Add new parameter--min-replicas
and--max-replicas
to support minimum and maximum replicasaz functionapp create
: Add new parameter--registry-server
to support Centauri function appaz functionapp create
: Update the default image tomcr.microsoft.com
for Centauri- Fix #26445:
az webapp deploy
: Fix deployment failing with HTTP 400
ARM
- Fix #26216:
az bicep format
: Fix the TypeErrorexpected str, bytes or os.PathLike object, not bool
- Fix #26256:
az bicep publish/restore/generate-params
: Fix version checks without bicep installed az bicep publish
: Add new parameter--force
to allow overwriting existing module- Fix #26352:
az ts create
: Fix for the TypeErrorstring indices must be integers
Backup
az backup
: Add support for HANA HSR workload
Compute
az vm create
: Support new license typeUBUNTU_PRO
andUBUNTU
az vm extension set
: Enable auto-upgrade by default for GuestAttestation extensionaz image builder trigger
: Add subgroup to manage image builder template triggeraz image builder output versioning
: Add subgroup to manage image builder template output versioningaz image builder output add
: Add parameter--versioning
to support describing how to generate new x.y.z version number for distributionaz image builder output add
: Add parameter--vhd-uri
to support specifying storage uri for the distributed VHD blob
Container
az container create
: Add new parameters for container security context for confidential ContainerGroupSku
Cosmos DB
- [BREAKING CHANGE]
az cosmosdb create/update
: Rename--enable-public-network true/false
to--public-network-access ENABLED/DISABLED/SECUREDBYPERIMETER
az cosmosdb create/update
: Add--continuous-tier
to support continuous backup tieraz cosmosdb create/update
: Enable Partition Merge feature for CosmosDB
Eventhub
- [BREAKING CHANGE]
az eventhubs namespace network-rule
: This command group is removed and replaced byaz eventhubs namespace network-rule-set
- [BREAKING CHANGE]
az eventhubs namespace network-rule add
: This command is removed and replaced byaz eventhubs namespace network-rule-set ip-rule/virtual-network-rule add
- [BREAKING CHANGE]
az eventhubs namespace network-rule remove
: This command is removed and replaced byaz eventhubs namespace network-rule-set ip-rule/virtual-network-rule remove
- [BREAKING CHANGE]
az eventhubs eventhub create/update
: Remove--message-retention
parameter, it is replaced by--retention-time-in-hours
- [BREAKING CHANGE]
az eventhubs namespace application-group policy remove
: Rename--throttling-policy-config
to--policy
and removemetric-id
andrate-limit-threshold
properties in it az eventhubs eventhub create/update
: Add--cleanup-policy
,--retention-time-in-hours
and--tombstone-retention-time-in-hours
to supportRetention-Description
feature
IoT
az iot hub create/update/delete
: Fix poller issues
Key Vault
- [BREAKING CHANGE]
az keyvault create
:--retention-days
becomes required for MHSM creation - [BREAKING CHANGE]
az keyvault backup start
: The output will only containfolderUrl
- [BREAKING CHANGE]
az keyvault restore start
: Nothing will return for successful run - [BREAKING CHANGE]
az keyvault role assignment delete
: Nothing will return for successful run - [BREAKING CHANGE]
az keyvault certificate show/set-attributes/import
: No longer returnx509CertificateProperties.basicConstraints
,pending
- [BREAKING CHANGE]
az keyvault certificate contact delete
: Return an empty list instead of the deleted contact for consistency if the operation would remove the last contact - [BREAKING CHANGE]
az keyvault certificate issuer create
:organizationDetails.zip
is no longer returned by serivce, use 0 as the default az keyvault security-domain upload
: Fix sd warpping keys with passwordsaz keyvault setting
: New command group to manage MHSM settings
Monitor
az monitor
: Add new subgroupaccount
to support managing monitor workspaceaz monitor log-analytics workspace table create/update
: Max--total-retention-time
changed from 2555 to 2556
NetAppFiles
- [BREAKING CHANGE]
az netappfiles volume create
: Remove optional parameter--vault-id
as this is not longer needed - [BREAKING CHANGE]
az netappfiles vault list
: Remove commandvault list
as this is not longer needed az netappfiles account create
: Add optional parameter--identity-type
az netappfiles account ad add
: Add optional parameter--preferred-servers-for-ldap-client
az netappfiles volume create
: Add optional parameter--is-large-volume
az netappfiles volume account create
: Add optional parameter--identity-type
az netappfiles volume quota-rule update
: Add optional parameter--tags
az netappfiles volume
: Add new commandbreak-file-locks
to break all the file locks on a volume
Network
- [BREAKING CHANGE]
az network cross-region-lb rule
: Remove parameters--enable-tcp-reset
and--idle-timeout
- [BREAKING CHANGE]
az network application-gateway http-settings update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network application-gateway settings update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network application-gateway url-path-map update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network nic update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network nic ip-config update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network nsg rule update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network vnet update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network vnet subnet update
: Usenull
instead of""
to detach - [BREAKING CHANGE]
az network application-gateway client-cert remove
: Deprecate the output of command - [BREAKING CHANGE]
az network application-gateway ssl-profile remove
: Deprecate the output of command - [BREAKING CHANGE]
az network private-endpoint dns-zone-group remove
: Deprecate the output of command - [BREAKING CHANGE]
az network private-endpoint ip-config remove
: Deprecate the output of command - [BREAKING CHANGE]
az network private-endpoint asg remove
: Deprecate the output of command - [BREAKING CHANGE]
az network nic ip-config address-pool remove
: Deprecate the output of command - [BREAKING CHANGE]
az network nic ip-config inbound-nat-rule remove
: Deprecate the output of command - [BREAKING CHANGE]
az network lb address-pool tunnel-interface remove
: Deprecate the output of command - [BREAKING CHANGE]
az network cross-region-lb address-pool address remove
: Deprecate the output of command az network private-endpoint-connection
: Add providerMicrosoft.HardwareSecurityModules/cloudHsmClusters
- Fix #26248:
az network dns record-set cname set-record
: Declare TTL as integer type - Fix #26326:
az network vnet subnet update
:--nat-gateway
cannot be set to null - Fix #26318:
az network vnet subnet create
:--nsg
and--route-table
cannot be used as name from Azure Stack
RDBMS
- [BREAKING CHANGE]
az mysql/postgres flexible-server create/update
: DeprecateEnabled
for--high-availability
argument az mysql flexible-server restore/georestore/replica create
: Add--public-access
parameter for restore, replication and georestore
Service Bus
- [BREAKING CHANGE]
az servicebus georecovery-alias fail-over
: Remove--parameters
argument - [BREAKING CHANGE]
az servicebus namespace network-rule
: This command group is removed and replaced byaz servicebus namespace network-rule-set
- [BREAKING CHANGE]
az servicebus namespace network-rule add
: This command is removed and replaced byaz servicebus namespace network-rule-set ip-rule/virtual-network-rule add
- [BREAKING CHANGE]
az servicebus namespace network-rule remove
: This is removed and replaced by byaz servicebus namespace network-rule-set ip-rule/virtual-network-rule remove
- [BREAKING CHANGE]
az servicebus queue update
: Remove deprecated parameters--enable-partitioning
,--enable-session
and--duplicate-detection
Service Connector
az spring connection create
: Enable user-assigned managed identity for spring apps and deprecate Postgresql single server
SQL
- [BREAKING CHANGE]
az sql mi link create
: Remove--replication-mode
argument az sql elastic-pool
: Add--preferred-enclave-type
argumentaz sql mi link update
: Fix update command to use PATCH api
Storage
az storage account blob-service-properties cors-rule
: Add new command group to manage blob cors rules
April 25, 2023
Version 2.48.1
App Service
- Hotfix: Use basic auth with SCM sites if supported, else use AAD auth
April 25, 2023
Version 2.48.0
App Service
- Fix #25642:
az functionapp deployment user show
: Fix the AttributeError'function' object has no attribute 'metadata'
az staticwebapp appsettings
: Add--environment-name
parameter to allow app setting operation on preview environmentsaz functionapp create
: Update 'kind' attribute for Centauri function apps
Compute
- Fix #26118:
az vm list-ip-addresses
: Fix the KeyError when attributes missing in public IP address - Fix #26164:
az vmss update
: Fix unexpected error while running the update instance protection command on VMSS flex instances - Fix #26185:
az sig update
: Fix issues thatis_soft_delete_enabled
may not exist az vm host resize
: Add new command to support resizing dedicated hostaz vm host list-resize-options
: Add new command to support getting possible resize options
DMS
az dms project tack create
: Add support for database schema migration
Eventhub
az eventhubs namespace application-group policy remove
: Add upcoming breaking change notification
Network
az network nic update
: Add--ip-configurations
to support shorthand syntaxaz network public-ip prefix create
: Add parameter--ip-tags
az network cross-region-lb rule create
: Set default value for--enable-tcp-reset
and--idle-timeout
RDBMS
az mysql flexible-server create/update/gtid reset
: Add GTID reset and fix public-access
SQL
az sql midb ledger-digest-uploads
: Support SQL Ledgeraz sql mi server-configuration-option
: New command group to manage server configuration options
SQL VM
az sql vm enable-azure-ad-auth/validate-azure-ad-auth
: Single mode improvement
Storage
az storage file/directory
: Add--auth-mode login
and--backup-intent
to support OAuthaz storage blob sync
: Add positional argumentextra_options
to pass through options toazcopy
April 04, 2023
Version 2.47.0
AKS
az aks create/update
: Add--tier
argument will specify the sku tier that customer wantsaz aks nodepool operation-abort
: Add new command to support aborting last running operation on nodepoolaz aks operation-abort
: Add new command to support aborting last running operation on managed clusteraz aks create
: Raise a ClientRequestError when creating the same cluster againaz aks create/update
: Add new parameter--enable-image-cleaner
to enable Image Cleaner serviceaz aks create/update
: Add new parameter--image-cleaner-interval-hours
to set Image Cleaner scanning intervalaz aks create
: Add new parameter--network-plugin-mode
to support creating Azure CNI Overlay clustersaz aks create/update
: Add new parameter--enable-workload-identity
to support enabling workload identity addonaz aks create
: Add new parameter--network-dataplane
to support creating Cilium clustersaz aks update
: Add prameter--network-plugin-mode
to update the mode of a network pluginaz aks update
: Add prameter--pod-cidr
to update the pod CIDR for a cluster
App Config
az appconfig import/export
: Add warning log info to output even when--yes
flag is setaz appconfig kv import
: Ensure the case of imported boolean values does not change for string conversion from file
App Service
- Fix #25375:
az functionapp deployment source config-zip
: Fix theCould not find a 'AzureWebJobsStorage' application setting
error - Fix #25876:
az webapp config ssl import
: Fix the UnboundLocalErrorlocal variable 'cert_name' referenced before assignment
az functionapp create
: Support container app deploymentsaz functionapp delete
: Add a validation to check whether Azure Functions is not in the Azure Container app environments
ARM
az deployment group create
: Support deployment with bicepparam filesaz resource patch
: Add new command to support updating resource by PATCH request- Fix #25706:
az bicep format
: Fix the TypeErrorensure_bicep_installation() missing 1 required positional argument 'cli_ctx'
- Fix #25715:
az bicep install/upgrade
: Fix theconfigparser.NoSectionError: No section: 'bicep'
Compute
az vm reimage
: Add new command to support reimaging a virtual machineaz vm/vmss create
: Deprecate image aliasUbuntuLTS
andWin2008R2SP1
. Please use the image alias including the version of the distribution you want to use. For example: Please useUbuntu2204
instead ofUbuntuLTS
Cosmos DB
az cosmosdb identity assign
: Allow refreshing user assigned identities if they're reassigned to an account
Extension
az extension add
: Add actionable message for extension not found error
Key Vault
az keyvault region
: GA MHSM region commands
Monitor
az monitor activity-log alert
: Adjust help message
NetAppFiles
az netappfiles volume update
: Patch assign snapshotpolicyID
Network
- [BREAKING CHANGE]
az network
: Clean up irrelevant commands in azure-stack profiles. - [BREAKING CHANGE]
az network application-gateway waf-policy custom-rule
: Rename output propertyapplicationGatewayIpConfigurations
toapplicationGatewayIPConfigurations
to keep consistent with the name in API az network routeserver create/update
: Add parameter--hub-routing-preference
- Drop
azure-mgmt-network
SDK - Fix #25784:
az network private-link-service update
:--lb-frontend-ip-configs
cannot be used
RDBMS
- [BREAKING CHANGE]
az postgres flexible-server replica create
: Fix the behavior of AZ selection in case zone is not passed as parameter - Fix #368903181: Fix zone selection during creation of replica
az mysql flexible-server restore/geo-restore
: Add parameters to enhance PITRaz mysql flexible-server replica create
: Add parameters to support cross region paired vnet
Service Bus
az servicebus namespace/topic/queue authorization-rule keys renew/list
: Add-n
option for--authorization-rule-name
to create auth rule
SQL
az sql server refresh-external-governance-status
: New command for refreshing external governance statusaz sql db geo/ltr-backup restore
: Add more parameters to geo restore and ltr restore
Storage
az storage blob copy start
: Fix auth issue when providing source uri containing sas tokenaz storage container/blob list
: Fix MemoryError when service returns less num than requestedaz storage account create
: GA partition DNS account support
Synapse
az synapse spark pool create/update
: Update--node-size-family
and--node-size
allowed values
March 07, 2023
Version 2.46.0
ACR
az acr token\scope-map
: Tokens and Scope-Maps are Generally Availableaz acr manifest
: Support oci image indexaz acr cache
: Add new command group to manage cache rulesaz acr credential-set
: Add new command group to manage credential sets- Fix #24886:
az acr
: Improve the 429 error handling for CONNECTIVITY_REFRESH_TOKEN_ERROR
AKS
az aks check-acr
: Fix mariner node missing cert- Fix #25521:
az aks nodepool upgrade
: Fix the crashes when the version passed in through the parameter--kubernetes-version
is the same as the cluster version - Fix #25530:
az aks nodepool upgrade
: Fix agent pool property name used for fetching current k8s version az aks create
: Add new parameter--pod-cidrs
for setting the IP ranges used to allocate IPs to podsaz aks create
: Add new parameter--service-cidrs
for setting the K8s service IPsaz aks create
: Add new parameter--ip-families
for setting the IP types that should be used in a cluster (IPv4 or IPv6)az aks create
: Add new parameter--load-balanacer-managed-outbound-ipv6-count
for setting the number of IPv6 outbound IPs that AKS should managed for a cluster with IPv6 enabledaz aks update
: Support changing the load balancer managed outbound IPv6 count property- Fix #22321:
az aks get-credentials
: Fix path separator for Windows when findingkubeconfig_path
APIM
- Fix #25168:
az apim update
: Fix the bug that--public-network-access
doesn't work to disable public network access
App Service
az webapp deleted restore
: Add new parameter--target-app-svc-plan
to support setting app service plan for new azure web app- Fix #14729:
az webapp config ssl upload
: Refine error handling forOpenSSL.crypto.Error
when obtaining the certificate's thrumbprint failed az functionapp create
: Add new parameter--environment
to support setting the name of container app environmentaz webapp config ssl bind/unbind
: Allow user to specify hostname to (un)bind with--hostname
az webapp config ssl create/upload/import
: Allow user to specify certificate name with--certificate-name
az functionapp create
: Add new parameter--environment
to support setting the name of container app environment
ARM
az bicep publish
: Update command to support new optional parameter--documentationUri
- Fix #25510:
az bicep
: Set bicep.use_binary_from_path to false when installed using Azure CLI az bicep format
: Add new command to support formatting a Bicep file
ARO
az aro create
: Rename the createinstall-version
parameter toversion
Compute
az vmss reimage
: Fix the bug that all instances will be reimaged after using--instance-id
and add new parameter--instance-ids
to replace--instance-id
az vm create
: Support recommending more suitable regions through warning log when creating VMaz vm/vmss identity assign
: Add warning and modify help message for--role
: Please note that the default value of--role
will be removed in the breaking change release of the fall of 2023, so please specify--role
and--scope
at the same time when assigning a role to the managed identity.
Container
az container create
: Add new parameters--priority
,--sku
and--cce-policy
for container group
Cosmos DB
az cosmosdb container create
: GA Client Side Encryption featureaz cosmosdb container update
: Fix updates failure for containers with client encryption policyaz cosmosdb restore
: Add--gremlin-databases-to-restore
,--tables-to-restore
parameters to support restore of gremlin and table accountsaz cosmosdb gremlin restorable-resource list
: New command that list restorable gremlin resourcesaz cosmosdb gremlin restorable-database list
: New command that list restorable gremlin databasesaz cosmosdb gremlin restorable-graph list
: New command that list restorable graphs under a gremlin databaseaz cosmosdb gremlin retrieve-latest-backup-time
: New command that retrieve latest backup time for a graph under a databaseaz cosmosdb table restorable-resource list
: New command that list restorable table resourcesaz cosmosdb table restorable-table list
: New command that list restorable tablesaz cosmosdb table retrieve-latest-backup-time
: New command that retrieve latest backup time for a table
Deployment Manager
- [BREAKING CHANGE]
az deploymentmanager
: Remove command module since it is no longer maintained by service
Key Vault
az keyvault create/update-hsm
: Add--public-network-access
for MHSM creating or updating
Network
- [BREAKING CHANGE]
az network lb address-pool create/update
: Replace preview argument--backend-addresses-config-file
and--config-file
by--backend-addresses
which supports Json, files and shorthand syntax formats - [BREAKING CHANGE]
az network lb address-pool
: Output propertiesprivateIpAddress
,privateIpAddressVersion
,privateIpAllocationMethod
,publicIpAddress
andpublicIpPrefix
are renamed byprivateIPAddress
,privateIPAddressVersion
,privateIPAllocationMethod
,publicIPAddress
andpublicIPPrefix
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb probe
: Deprecate command group as probes are not supported for global load balancer - [BREAKING CHANGE]
az network nic create/update
: Rename output propertyenableIpForwarding
toenableIPForwarding
to keep consistent with the name in API - [BREAKING CHANGE]
az network nic create/update
: Rename output propertyprivateIpAllocationMethod
toprivateIPAllocationMethod
to keep consistent with the name in API - [BREAKING CHANGE]
az network nic create/update
: Rename output propertypublicIpAddress
topublicIPAddress
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb
: Update output property names in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles to keep consist with thelatest
profile. - [BREAKING CHANGE]
az network cross-region-lb
: Remove in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles. - [BREAKING CHANGE]
az network nic ip-config
: Rename output propertyprivateIpAddress
toprivateIPAddress
to keep consistent with the name in API - [BREAKING CHANGE]
az network nic ip-config
: Rename output propertyprivateIpAllocationMethod
toprivateIPAllocationMethod
to keep consistent with the name in API - [BREAKING CHANGE]
az network local-gateway
: Update output property names in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles to keep consist with thelatest
profile. - [BREAKING CHANGE]
az network vpn-connection
: Update output property names in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles to keep consist with thelatest
profile. - [BREAKING CHANGE]
az network vnet-gateway
: Update output property names in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles to keep consist with thelatest
profile. - [BREAKING CHANGE]
az network nic
: Update output property names in2017-03-09-profile
,2018-03-01-hybrid
,2019-03-01-hybrid
and2019-03-01-hybrid
profiles to keep consist with thelatest
profile - [BREAKING CHANGE]
az network watcher flow-log
: Remove the deprecated commandconfigure
- [BREAKING CHANGE]
az network vrouter
: Deprecatevrouter
and userouteserver
instead - [BREAKING CHANGE]
az network watcher connection-monitor endpoint add
: Remove deprecated parametersfilter-item
andfilter-type
az network nsg rule list
: Fix-o table
cannot be usedaz network private-endpoint-connection
: Add providerMicrosoft.Monitor/Accounts
az network express-route gateway connection create/update
: Add parameters--inbound-route-map
and--outbound-route-map
to support route map- Fix #25408:
az network application-gateway rule create
: Creation fails with--redirect-config
when there are multiple pools az network private-endpoint-connection
: Add providerMicrosoft.DBforMySQL/flexibleServers
Packaging
- Remove openssl1.1-compat and use openssl-dev in docker image
- Support ARM64 on Linux
PolicyInsights
- Fix #25538:
az policy remediation create
: Fix theRequired property 'policyAssignmentId' not found in JSON
error
RDBMS
az postgres flexible-server migration
: Use Cloud supplied URL's rather than hardcoded management URL'saz mysql flexible-server replica create
: Add--location
to support specifying replica locationaz mysql flexible-server update
: Fix--storage-auto-grow
parameter unable to be set
Role
az role assignment create
: Show warning if--scope
argument is not specified:--scope
argument will become required for creating a role assignment in the breaking change release of the fall of 2023. Please explicitly specify--scope
.- Migrate
azure-mgmt-authorization
SDK to Track 2 and bump API version to 2022-04-01
Service Bus
az servicebus namespace
: Add--premium-messaging-partitions
to support ServiceBus Namespace ScaleSet
Service Connector
az connection create
: Add new param--customized-keys
SQL
az sql instance-failover-group
: Add--secondary-type
parameter to create and update commandsaz sql midb restore
: Add tags parameteraz sql mi create/update
: Add--zone-redundant
to support zone redundancyaz sql db tde-key revalidate/revert
: New commands to revert and revalidate the TDE protector key for the database and SQL serveraz sql db create/update/show
: Add--keys
,--encryption-protector
,--assign-identity
,--user-assigned-identity-id
parameters to support Per DB CMK
SQL VM
az sql vm create/update
: Deprecate--sql-mgmt-type
argumentaz sql vm update
: Update no longer requires the mode to be sent as fullaz sql vm enable-azure-ad-auth/validate-azure-ad-auth
: New commands for Sqlvm Azure AD authentication
Storage
az storage blob copy start-batch
: Add--destination-blob-type
and--tier
- Fix #25402:
az storage account network-rule
: Support adding and removing multiple IPs
February 07, 2023
Version 2.45.0
ACR
- [BREAKING CHANGE]
acr manifest list-referrers
: Support OCI reference types and remove ORAS artifact reference types az acr check-name
: Make command work with different profile
AKS
- Make ContainerInsights DataCollectionRuleName consistent with Portal and other onboarding clients
az aks upgrade
: Show warning if the Kubernetes version isn't suppliedaz aks create
: Deprecate parameters--aad-client-app-id
,--aad-server-app-id
and--aad-server-app-secret
az aks update-credentials
: Deprecate parameters--reset-aad
,--aad-client-app-id
,--aad-server-app-id
and--aad-server-app-secret
App Service
az webapp create-remote-connection
: Update the host address of SSH tunnel from 0.0.0.0 to 127.0.0.1- Add support to create ASPs with Memory Optimized Workers
- Fix #17720:
az functionapp function
: Add new command to list functions in a function app - Fix #24285:
az webapp config access-restriction add
: Fix the bug that it does not support more than one Front Door ID in X-Azure-FDID - Fix #23603:
az functionapp config set
: Add new parameter to set PowerShell version az webapp config appsettings
: Register settings as deployment slot setting anytime when using--slot-settings
az webapp config backup delete
: Add new command to delete a backup of the webapp
ARM
az bicep
: Add configurationbicep.use_binary_from_path
. Possible values includeif_running_in_ci
(default) and Booleansaz bicep
: Add configurationbicep.check_version
that accepts Boolean values. If set toFalse
, version checks for Bicep CLI will be disabledaz deployment what-if
: Fix an issue where formatting nested array changes throws an exception- Fix #25022:
az resource tag
: Fix the issue ofthe serializedData field is missing or null
when updating tag for Microsoft.insights/workbooks
ARO
az aro create/update
: Add NetworkContributor role to NAT Gateways in Cluster Resource Group when creating or updating clustersaz aro create
: Change--pull-secret
parameter to no longer require@
prefix on filenames
Backup
az backup vault
: Add new parameter--public-network-access
to support enabling public network access for the backup vaultaz backup vault create
: Add new parameter--immutability-state
to support configuring immutability settings for the backup vault
Batch
- Fix #24007:
az batch pool create
: Fix bug that caused 'MissingRequiredProperty' error when parameter--encryption-key-identifier
is used
Compute
az image builder identity assign
: Add this command to add managed identity to an existing image builder templateaz image builder identity remove
: Add this command to remove managed identity from an existing image builder templateaz image builder identity show
: Add this command to display managed identity of an existing image builder templateaz vmss reimage
: Let--instance-id
support multiple ids- Fix #25308:
az disk create
: Fix help message for creating a standard disk for uploading blobs az vmss create/update
: Add new parameter--enable-osimage-notification
to support enabling OS image scheduled eventaz vmss create
: Add new parameter--max-surge
to support enabling rolling upgrade policy max surge
Cosmos DB
az managed-cassandra datacenter update
: Add support to update--sku
DMS
az dms project task create
: Update DMS MySQL API to support new migration types
Feedback
- Stop including error messages in the feedback body
IoT
az iot hub wait
: Add wait commandsaz iot hub delete
: Fix functionality issue for parameter--no-wait
Key Vault
az keyvault security-domain restore-blob
: Support restoring blob offlineaz keyvault security-domain upload
: Add--restore-blob
to prevent exposing keys in online environment
NetAppFiles
az netappfiles volume update
: Fix volume patch dataprotection props
Network
- [BREAKING CHANGE]
az network application-gateway ssl-profile
: Rename output propertyverifyClientCertIssuerDn
toverifyClientCertIssuerDN
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb frontended-ip
: Rename output properties withpublicIp
prefix topublicIP
prefix to keep consistent with the names in API response - [BREAKING CHANGE]
az network lb frontended-ip
: Rename output properties withpublicIp
prefix topublicIP
prefix to keep consistent with the names in API response - [BREAKING CHANGE]
az network lb frontended-ip
: Rename output properties withprivateIp
prefix toprivateIP
prefix to keep consistent with the names in API response - [BREAKING CHANGE]
az network lb inbound-nat-pool
: Rename output propertyenableFloatingIp
toenableFloatingIP
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb inbound-nat-pool
: Rename output propertyfrontendIpConfiguration
tofrontendIPConfiguration
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb inbound-nat-rule
: Rename output propertyenableFloatingIp
toenableFloatingIP
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb inbound-nat-rule
: Rename output propertyfrontendIpConfiguration
tofrontendIPConfiguration
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb rule
: Rename output propertyenableFloatingIp
toenableFloatingIP
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb rule
: Rename output propertyfrontendIpConfiguration
tofrontendIPConfiguration
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb rule
: Rename output propertyenableFloatingIp
toenableFloatingIP
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb rule
: Rename output propertyfrontendIpConfiguration
tofrontendIPConfiguration
to keep consistent with the name in API - [BREAKING CHANGE]
az network lb outbound-rule
: Rename output propertyfrontendIpConfigurations
tofrontendIPConfigurations
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb address-pool
: Rename output propertyloadBalancerFrontendIpConfiguration
toloadBalancerFrontendIPConfiguration
to keep consistent with the name in API - [BREAKING CHANGE]
az network cross-region-lb address-pool create
: Replace preview argument--backend-addresses-config-file --config-file
by--backend-addresses
which supports Json, files and shorthand syntax formats - [BREAKING CHANGE]
az network bastion
: Move Azure Bastion to Azure CLI Extensionbastion
- Fix #25130:
az network list-usages
:-o table
cannot be used - Fix #25124:
az network vnet-gateway create
: Active-Active gateway fails with insufficient IP configurations az network dns zone export
: Fix the export to emit all ALIAS records for a particular record set nameaz network public-ip create
: Add parameter--ddos-protection-plan
to link a DDoS protection plan to public IP- Fix #25181:
az network nsg rule create
: Use*
as default value for protocol az network cross-region-lb address-pool update
: Add new command to update an address-pool
PolicyInsights
az policy attestation
: Add new command groups to manage resource policy attestation
RDBMS
az mysql flexible-server create/update
: Add--auto-scale-iops
to enable or disable autoscale of iopsaz mysql flexible-server start/stop
: Add no-wait supportaz postgres flexible-server start/stop
: Add no-wait supportaz postgres flexible-server migration
: Change behavior of cancel/cutover and added Offline Flag for FMS based migrations
Service Bus
az servicebus topic subscription rule create/update
: Add--correlation-filter
to support custom filters
SQL
az sql midb recover
: Add support for managed database recover creation optionaz sql recoverable-midb show
: Add support for getting geo replicated backupaz sql recoverable-midb list
: Add support for listing geo replicated backupsaz sql db geo-backup restore/show/list
: New commands to manage geo redundant backupsaz sql db threat-policy
: Change expiration version for cmd group to 2.49.0az sql mi dtc
: Add managed instance DTC commandsaz sql midb restore
: Add support for cross-subscription restoreaz sql db geo/ltr-backup restore
: Add service objective parameter to ltr restore and geo restore
Storage
az storage account create
: Ongoing breaking change warning for disallowing blob public access by defaultaz storage container immutability-policy create
: Allow user to not specify--resource-group
January 11, 2023
Version 2.44.1
Network
- Hotfix: Fix #25086:
az network lb probe
: Expose parameter--probes
January 10, 2023
Version 2.44.0
ACR
az acr manifest
: Support oci artifact manifest
AKS
az aks create
: Add new parameter--data-collection-settings
to support for AKS Monitoring Addon in MSI auth modeaz aks install-cli
: Automatically add the installation directories to system path on windowsaz aks create/update
: Add support for KEDA workload auto-scaler
APIM
az apim api create
: Parse URL to detect Protocol and API type
App Service
- Fix #23488:
az appservice plan create
: Fix zone redundant ASP creation fails for ASEv3 - Fix #24858: Support for new isolated v2 (I4v2, I5v2, I6v2) SKUs
az appservice ase upgrade/send-test-notification
: Add new commands for ASE to support ASE upgrade and sending test notificationsaz appservice ase update
: Add--allow-incoming-ftp-connections
to allow incoming FTP connectionsaz appservice ase update
: Add--allow-remote-debugging
to allow remote debugging- Fix #19893:
az appservice plan create
: Fix the bug that cannot create app plan in a different subscription for ASEv3 - Fix #16478:
az functionapp cors credentials
: Add enable/disable CORS creds commands - Fix #22934:
az functionapp delete
: Add new parameter--keep-empty-plan
to support keeping empty app service plan - Fix #19469:
az functionapp vnet-integration add
: Add consumption plan validation az staticwebapp functions link
: Add new parameter--environment-name
to support setting the environment name of static site
ARM
- Fix #24810: Support ARM64 architecture for Bicep installation
Batch
az batch pool create/set
: Add new parameter--target-communication
to support setting the desired node communication mode for the pool
Compute
- Fix #24896:
az vm create
: Fix the bug that the VM cannot be created from ACG image to other resource group az disk create
: Add new parameter--performance-plus
to support boosting the performance targetaz vm list
: Add new paramter--vmss
to support querying VM instances in a specific VMSSaz sig image-version create/update
: Add parameters--target-edge-zone-encryption
and--target-edge-zones
to support edge zones
Container
az container export
: Fix export when identity is set
Key Vault
az keyvault key create
: Support OKP key and Ed25519 curve
Monitor
- [BREAKING CHANGE]
az monitor action-group test-notifications create
: Remove notification in resource group and subscription level az monitor diagnostic-settings create
: Create with resource id and export without workspace
NetAppFiles
az volumes qouta-rule create
: Add volume quota rule create commandaz volumes qouta-rule show
: Add volume quota rule show commandaz volumes qouta-rule list
: Add volume quota rule list commandaz volumes qouta-rule update
: Add volume quota rule update commandaz volumes qouta-rule delete
: Add volume quota rule delete command
Network
az network vnet-gateway create
: Add parameter--edge-zone-vnet-id
for local gateway- Fix #24853:
az network nsg rule create
:--destination-asgs
and--source-asgs
cannot be used - Fix #24883:
az network application-gateway stop/start
: Add missed parameter--ids
az network watcher packet-capture create
: Resolve local path issue for Linux VMaz network lb update
: Expose parameter--tags
Redis
az redis import/export
: Add new optional parameter--preferred-data-archive-method
az redis server-link
: Linked server has two new properties:geoReplicatedPrimaryHostName
andprimaryHostName
Security
az security alert update
:--status
now supportresolve
andinprogress
Service Connector
az connection
: Support local connection which allows local environment to connect Azure resource- Fix #24806:
az webapp connection create mysql-flexible
: Fix mysql connection command with--system-identity
SQL
az sql server/db/mi/midb advanced-threat-protection-setting show/update
: Supportadvanced-threat-protection-setting
commandsaz sql db threat-policy
: Declare deprecation of this command group in version 2.45.0az sql db
: Add--preferred-enclave-type
argument
Storage
az storage blob copy start
: Fix--tier
to support setting blob tier when copying
December 06, 2022
Version 2.43.0
Core
aaz
: Fixhas_value
function for list, dict and object arg types (#24625)aaz
: Support argument preview and experimental (#24637)aaz
: Add registered property forAAZBaseArg
(#24640)aaz
: Add aazlist and aazdict args transform help functions (#24690)aaz
: Support camel case key inAAZObjectType
(#24771)- Disable removing and updating system extension in Cloud Shell (#24361)
AKS
az aks enable-addons
: Add--enable-syslog
parameter to monitoring addonaz aks nodepool
: Unify the option names used to specify the nodepool name and cluster name. For nodepool name, option names are--nodepool-name
,--name
and-n
. For cluster name, option name is--cluster-name
az aks nodepool add
: Support the new SKU Mariner for parameter--os-sku
App Config
az appconfig
: Update raised errors in app config command module
App Service
az staticwebapp backends link
: Link an backend to a static webapp. Also known as "Bring your own Backend."az staticwebapp backends unlink
: Unlink backend from a static webappaz staticwebapp backends show
: Show details on the backend linked to a static webappaz staticwebapp backends validate
: Validate an backend for a static webappaz webapp config snapshot restore
: Fix the AttributeErrorstr object has no attribute get
az appservice plan create/update
: Add new environment SKU for parameter--sku
az staticwebapp create
: Add new parameter--login-with-ado
to create azure dev ops token automatically- Fix #24506:
az functionapp keys set/delete
: Update the wrong accepted parameter valuesystemKey
tosystemKeys
for--key-type
az webapp create
: Add--public-network-access
parameter to support enabling public accessaz staticwebapp hostname show
: Fix dns-txt-token validation command to show command- Fix #24620:
az webapp create
: Improve the error message to show that theaz webapp list-runtimes
command depends on the specified runtime
ARM
az deployment mg create
: Add new parameter--mode
to support setting the mode for deploying resourcesaz group lock list
: Mark the--resource-group
as required in help messageaz bicep install
: Address issue installing bicep on non-musl default systems with musl
Backup
az backup restore restore-disks
: Allow--disk-encryption-set-id
for cross region restore
Compute
- Fix #24624:
az sig image-version create
: Fix the error that the--os-vhd-storage-account
must be a managed disk or snapshot
IoT
- Fix #22257:
az iot dps linked-hub create
: Improve error handling for linked hubs az iot hub create/delete
: Add--no-wait
parameter to support no wait operation
Key Vault
az keyvault
: Add check-name command, support Security Domain Properties
Monitor
az monitor diagnostic-settings
: Add--marketplace-partner-id
parameter
Network
az network bastion rdp
: Allow rdp session customizationaz network private-endpoint-connection
: Enable private link support for providerMicrosoft.DesktopVirtualization/hostpools
andMicrosoft.DesktopVirtualization/workspaces
az network application-gateway
: Support OCSP revocation check on client certificateaz network traffic-manager endpoint
: Add--always-serve
to manage the health check on endpointsaz network public-ip create
: Fix--ip-tags
cannot be usedaz network private-endpoint-connection
: Add ProviderMicrosoft.MachineLearningServices/registries
RDBMS
az postgres flexible-server geo-restore/replica
: Introduce read replicas and geo-restoreaz postgres flexible-server upgrade
: Add major version upgrade for PostgreSQL flexible serveraz postgres flexible-server create/update/restore/replica
: Postgres flex byokaz postgres flexible-server identity
: Add user managed identity operations for PostgreSQL flexible serveraz postgres flexible-server create/update/ad-admin
: Add Azure Active Directory Administrator operations for PostgreSQL flexible server
Service Connector
az webapp/spring/containerapp connection create mysql
: Deprecate mysql single server connection command
SQL
az sql server ipv6-firewall-rule
: Add new command group for AZ SQL server IPv6 firewall rule
SQL VM
az sql vm update
: Deprecate the--yes
prompt to upgrade SqlIaaSAgent extension to full modeaz sql vm create/update
: Add--least-privilege-mode
to take minimal permissions on their SQL Serveraz sql vm group create/update
: Add--cluster-subnet-type
to support High Availability configuration
Storage
- Fix #23893, #24528:
az storage account show-connection-string/keys renew
: Fix resource group auto completion - Fix #23216:
az storage file upload-batch
: Fix--dryrun
to show correct file paths az storage blob copy start
: Add--destination-blob-type
to allow switching between blob types when copyingaz storage account encryption-scope list
: Add--filter
,--include
,--maxpagesize
to support advanced listaz storage account failover
: Add--failover-type
to support planned failover
November 01, 2022
Version 2.42.0
ACR
az acr task update
: Fix logic issue for updating encoded task
AKS
- Fix #24188:
az aks list
: Fix pagination handling errorContainerServiceClientConfiguration object has no attribute api_version
when there are many list results - Fix #24188:
az aks nodepool list
: Fix pagination handling errorContainerServiceClientConfiguration object has no attribute api_version
when there are many list results az aks create/update
: Add new parameters--enable-blob-driver
and--disable-blob-driver
to enable/disable Blob CSI Driveraz aks create/update
: Add new parameter--enable-oidc-issuer
to support enabling oidc issuer featureaz aks oidc-issuer rotate-signing-keys
: Add new command to support rotating oidc issuer service account signing keys
APIM
az apim create/update
: Add--public-network-access
to support specifying whether or not public endpoint access is allowed for this API management serviceaz apim create/update
: Add--disable-gateway
to support disabling gateway in the master region
App Config
az appconfig
: Update raised errors in app config command module
App Service
- Fix #23050:
az functionapp deployment source config-zip
: Fix the bug that zip deployment will fail if app settings contain any values of null
Backup
az backup restore restore-disks
: Update Cross Zonal Restore behaviour for ZRS vaults and primary region CRR scenariosaz backup job show
: Change subtask start/end time from minimum value to null for ongoing or yet-to-start operation
Compute
az vm run-command create/update
: Change help messages and add examples for--output-blob-uri
parameter to illustrate that--output-blob-uri
must be SAS URI- Fix #24187:
az vm list
: Fix the AttributeError 'ComputeManagementClientConfiguration' object has no attribute 'api_version' az vm extension list
: Add new parameter--ids
to support listing extensions by VM idaz sig image-version create/update
: Add--allow-replicated-location-deletion
to support removing gallery image version from replicated regions- Fix #24263:
az snapshot create
: Fix the KeyError 'IMPORT_ENUM' when creating snapshot from source blob uri az sig image-version update
: SupportexcludeFromLatest
for--add
parameter to exclude this image version when using the latest version of image definitionaz sig image-version update
: SupportsafetyProfile.allowDeletionOfReplicatedLocations
for--set
parameter to allow users to remove the gallery image version from replicated regions
HDInsight
- [BREAKING CHANGE]
az hdinsight create
: Remove the enum value 1.0 and 1.1 from the--minimal-tls-version
, HDInsight doesn't support TLS version which is less than 1.2 now.
IoT
az iot hub create
: Enforce data residency property on hubs created inqatarcentral
NetAppFiles
az netappfiles account renew-credentials
: Addrenew-credentials
command to renew identity credentials that are used to authenticate to key vault, for customer-managed key encryption
Network
az network public-ip
: Add alias--ddos-protection-mode
to--protection-mode
az network custom-ip prefix
: Add parameters--asn
,--geo
,--no-internet-advertise
and so on- Fix #21551:
az network nic ip-config update
: ASGs update with multiple IP configurations - Fix #24169:
az network application-gateway waf-policy managed-rule exclusion rule-set remove
: Remove exclusion with different matchers - Fix #24377:
az network public-ip create
: Derive Public IPs in different resource group from Public IP Prefix az network lb probe
: Support probe threshold via--probe-threshold
RDBMS
- [BREAKING CHANGE]
az postgres flexible-server migration show
: Remove--level
parameter - [BREAKING CHANGE]
az postgres flexible-server migration delete
: Remove this command. Deleting a migration is not supported for now. - [BREAKING CHANGE] Change
az postgres flexible-server migration update --cutover
toaz postgres flexible-server migration update --cutover db1 db2 db3
az postgres flexible-server migration create
: Add--migration-mode
to support offline and online(with CDC) migrations. Default mode when--migration-mode
not passed will be offline.- Add
az postgres flexible-server migration update --cancel db1 db2 db3
to cancel a migration.
Resource
az resource delete
: Add new parameter--no-wait
to support not waiting the long-running operation to finish
Role
az role assignment create
: Support bring-your-own role assignment nameaz role assignment delete
: If--ids
is provided, ignore other arguments, instead of raising error
SQL
az sql midb log-replay start
: Add--storage-identity
parameter
Storage
az storage account show-connection-string/keys renew
: Update options for--key
parameteraz storage account create/update
: GA--key-vault-federated-client-id
Synapse
az synapse workspace create
: Add parameter--managed-resource-group-name
az synapse spark pool
: Add parameter--enable-dynamic-executor-allocation
October 11, 2022
Version 2.41.0
Core
- Support Continuous Access Evaluation
- PREVIEW: Support Web Account Manager (WAM) login on Windows. To opt in, run
az config set core.allow_broker=true
- Revert #23514: Rename entry script
az.ps1
toazps.ps1
aaz
: Supportyaml
file as value for compound argumentsaaz
: Fix recursion depth exceeded for to_serialized_data of AAZObjectaaz
: Support customized life cycle callback functions forAAZCommand
aaz
: Fix two AAZObjects or AAZDicts comparison
ACS
- [BREAKING CHANGE]
az acs
: Remove the deprecated command group
AD
- Support special characters in user principal name
AKS
- Fix #23779:
az aks install-cli
: Support determining the arch of binaries based on system information
APIM
- Fix #20863:
az apim api import
: Fix the issue to import GraphQL API's using graphqllink
App Config
- [BREAKING CHANGE]
az appconfig kv import
: Add validation to JSON file import to ensure that only valid JSON objects are imports - [BREAKING CHANGE]
az appconfig kv export
: Update the array conversion logic to prevent dropping keys during export az appconfig kv export
: Fix MemoryError while exporting large storesaz appconfig replica
: New command group to support geo-replicationaz appconfig kv export
: Support exporting app configuration settings as references to App Serviceaz appconfig kv import
: Ensure app configuration references are not imported from App Serviceaz appconfig feature filter update
: Add new command to support updating functionality for feature filters
App Service
az functionapp deployment github-actions
: Add support for linux powershell runtimesaz functionapp deployment github-actions
: Fix issue where publish profile would not be populated before the github action was runaz webapp up
: No longer show status during linux deploymentsaz webapp deployment source config-zip
: No longer show status during linux deployments
ARM
az deployment group what-if
: Fix an issue wherecomplete
deployment mode does not work
Backup
az backup policy
: Add support for Smart Tiering policy
Compute
- [BREAKING CHANGE]
az vmss create
: Update NAT pool to NAT rule V2 for Standard LB SKU when creating VMSS az vm/vmss create
:--enable-secure-boot
is set to True by default when the--security-type
used by the VM/VMSS creation isTrustedLaunch
az restore-point create
: Add new parameter--consistency-mode
to support setting consistency modeaz vmss create/update
: Add new parameters--priority-count
and--priority-percentage
to support setting priority mix policyaz vm/vmss create/update
: Add new parameter--disk-controller-type
to support setting disk controller typeaz disk create
: Add warning log in three scenarios to later support creating disk with Gen2 and TLVM as defaultaz vmss create
: Add new parameter--nat-rule-name
to specify the name of NAT rule V2 when creating a new load balancer (NAT rule V2 is used to replace NAT pool)
Cosmos DB
az cosmosdb mongodb role/user definition
: New command groups for enforcing RBAC on Cosmos DB Mongo accountsaz cosmosdb create/update
: GA mongo server version
Event Hubs
- [BREAKING CHANGE]
az eventhubs namespace update
: Remove--key-source
,--key-name
,--key-vault-uri
and--key-version
. Please useaz eventhubs namespace encryption
to manage keys - [BREAKING CHANGE]
az eventhubs namespace create/update
: Remove--identity
. Please use--mi-user-assigned
and--mi-system-assigned
parameters andaz eventhubs namespace identity
commands - [BREAKING CHANGE]
az eventhubs namespace create/update
: Remove--default-action
and--enable-trusted-service-access
. Please useaz eventhubs namespace network-rule update
command instead
Key Vault
- [BREAKING CHANGE]
az keyvault create/update
: Finally remove--enable-soft-delete
parameter - Fix #23527:
az keyvault secret set
: Add alias--content-type
for--description
Monitor
- [BREAKING CHANGE]
az monitor diagnostic-settings list
: Dropvalue
property in output, return a list instead of a dict az monitor autoscale
: Upgrade monitor autoscale api versionaz monitor autoscale
: Add predictive metric show cmd
NetAppFiles
az netappfiles account create
: Add optional parameters--key-name
,--key-source
,--keyvault-resource-id
,--user-assigned-identity
az netappfiles account update
: Add optional parameters--key-name
,--key-source
,--keyvault-resource-id
,--user-assigned-identity
az netappfiles volume create
: Add optional parameters--smb-access-based-enumeration
,--smb-non-browsable
,--delete-base-snapshot
az netappfiles resource
: Add new commandquery-region-info
Network
- [BREAKING CHANGE]
az network watcher connection-monitor create
: Deprecate classic connection monitor creation - [BREAKING CHANGE]
az network application-gateway waf-policy managed-rule rule-set
: Change parameter--rules
to--rule
and support multi-properties - [BREAKING CHANGE]
az network vnet
: Deprecate parameter--defer
- [BREAKING CHANGE]
az network public-ip
: ChangepublicIpAllocationMethod
topublicIPAllocationMethod
- [BREAKING CHANGE]
az network public-ip
: ChangepublicIp.publicIpPrefix
topublicIp.publicIPPrefix
- [BREAKING CHANGE]
az network public-ip
: ChangepublicIpAddressVersion
topublicIPAddressVersion
- Fix #23884:
az network application-gateway rule create
: Compatible with v1 SKU az network private-endpoint-connection
: Add ProviderMicrosoft.AgFoodPlatform/farmBeats
az network application-gateway waf-policy managed-rule rule-set
: Support per rule actions in web application firewallaz network public-ip
: Support ddos protection mode via--protection-mode
Packaging
- Drop Mariner 1.0 RPM package
RDBMS
az mysql flexible-server update
: Expose--geo-redundant-backup
argumentaz mysql/postgres flexible-server create/update
: DeprecateEnabled
for--high-availability
argumentaz mysql flexible-server stop
: Change stopped time logging messageaz mysql flexible-server ad-admin delete
: Disableaad_auth_only
when dropping AAD adminaz mysql flexible-server identity remove
: Allow removing all identities in a MySQL server
Reservations
- Move commands from azure-cli to
reservation
extension
Service Bus
- [BREAKING CHANGE]
az servicebus namespace create/update
: Remove--default-action
. Please useaz servicebus namespace network-rule update
command instead az servicebus queue/topic create/update
: Support setting max message sizeaz servicebus topic subscription create
: Support client affine
Service Connector
az spring-cloud connection create postgres
: Add--system-identity
for springcloud-postgres connection
SQL
az sql server audit-policy show
: AddisManagedIdentityInUse
info in output
Storage
az storage blob/container
: Support--account-name
for non-standard account URLaz storage account update
: Fix ADProperties wipe out issue when updating--default-share-permission
- Fix #19311:
az storage remove
: Add support for connection-string
September 06, 2022
Version 2.40.0
ACR
az acr config authentication-as-arm show
: Add new command to support showing the configured 'Azure AD authenticate as ARM' policyaz acr config authentication-as-arm update
: Add new command to support updating 'Azure AD authenticate as ARM' policyaz acr config soft-delete show
: Add new command to show soft-delete policyaz acr config soft-delete update
: Add new command to update soft-delete policyaz acr repository list-deleted
: Add new command to list deleted repositoriesaz acr manifest list-deleted
: Add new command to list deleted manifestsaz acr manifest list-deleted-tags
: Add new command to list deleted tagsaz acr manifest restore
: Add new command to restore deleted manifests and tagsaz acr network-rule
: Deprecate params--subnet
and--vnet-name
acr config
: Fix bug in some commands that would in certain circumstances attempt to pull a nonexistent model from SDK
AKS
- Fix #23468:
az aks nodepool wait
crashes with error "'Namespace' object has no attribute 'nodepool_name'" az aks check-acr
: Append acr suffix to option--acr
acording to cloud envaz aks
: Add--gpu-instance-profile
for Nvidia multi-instan…az aks update
: Update without args prompts to reconcileaz aks create/update
: Add new parameters--enable-disk-driver
and--disable-disk-driver
to enable/disable AzureDisk CSI Driver. When creating new cluster, AzureDisk CSI Driver is enabled by default.az aks create/update
: Add new parameters--enable-file-driver
and--disable-file-driver
to enable/disable AzureFile CSI Driver. When creating new cluster, AzureFile CSI Driver is enabled by default.az aks create/update
: Add new parameters--enable-snapshot-controller
and--disable-snapshot-controller
to enable/disable CSI Snapshot Controller. When creating new cluster, CSI Snapshot Controller is enabled by default.az aks nodepool add
: Add optionWindows2019
,Windows2022
to--os-sku
parameter- Fix #23653:
az aks create
: Fix the CrashLoopBackOff issue when set--network-policy
to 'Calico'
App Service
- Fix #23417:
az functionapp github-actions add
: Fix the functionapp github actions on java az functionapp list-runtimes
: Add linuxFxVersion to outputaz webapp up
: Show status during deployment for linux appsaz webapp deployment source config-zip
: Show status during deployment for linux appsaz logicapp deployment
: Add a new command group to support managing logic app deploymentsaz logicapp scale
: Add a new command to support scaling a logic appaz logicapp config
: Add a new command group to support configuring a logic appaz logicapp update
: Add a new command to support updating a logic app
ARM
az bicep
: UseAZURE_CLI_DISABLE_CONNECTION_VERIFICATION
when checking Bicep CLI versions
Backup
az backup vault create/backup-properties set
: Add support for Alert Settings- Fix #23655:
az backup restore restore-disks
: Support storage account being in a different resource group
Batch
- Fix #23445:
az batch pool supported-images list
: Fix theNoneType object has no attribute startswith
bug for getting supported images list
Compute
az vm run-command invoke
: Add new parameters--no-wait
to support not waiting for the long running operation to finish- Fix #23194:
sig image-version create
: Fix theParameter tags must be of type dict
error when--tags
parameter is passed askey=value
pairs - Fix #23540:
az ppg create
: Fix theParameter tags must be of type dict
error when--tags
parameter is passed askey=value
pairs az sig update
: Add parameters to support updating gallery from private to communityaz sig share reset
: Update gallery from community to privateaz vm/vmss create
:--enable-vtpm
is set toTrue
by default when the--security-type
used by the VM/VMSS creation isTrustedLaunch
- Fix #23341:
az vm list-skus
: Fix filtering out VM sizes that are available regionally when they are restricted in all zones az vm run-command show/list
: Add validation and refine help message for parameter combinationaz identity federated-credential
: Add subgroup to support managing federated identity credentials of existing user assigned identities
Cosmos DB
az cosmos db service
: Add service support for cosmosDBaz cosmosdb gremlin graph
: Add analyticalStorageTTL property to sql containers
Feedback
az survey
: New command for CLI survey
Monitor
az monitor action-group test-notifications create
: Add new commandaz monitor metric alert
: Support metric namespace with dashaz monitor action-group create
: Add optional parameter--location
NetAppFiles
az netappfiles volume create
: Add optional parameter--kv-private-endpoint-id
az netappfiles volume-group create
: Add optional parameter--kv-private-endpoint-id
az netappfiles volume update
: Add optional parameter--cool-access
az netappfiles volume update
: Add optional parameter--coolness-period
az netappfiles pool update
: Add optional parameter--cool-access
Network
az network application-gateway create
: Support rule priority field provided as part of configurationaz network private-endpoint-connection
: AddMicrosoft.OpenEnergyPlatform/energyServices
provider- Fix #22594:
az network bastion create
: Add no wait support for bastion create - Fix #23525:
az network bastion create/update
: Add missing arguments and update command az network watcher packet-capture create
: Add VMSS support in packet capture
Packaging
- Build RPM for RHEL 9 and CentOS Stream 9
RDBMS
az mysql flexible-server upgrade
: Add major version upgrade for MySQL flexible serveraz mysql/postgres flexible-server backup
: Add backup commands for flexible serversaz postgres flexible-server create/update
: AddSameZone
for HA in PostgreSQL flexible serveraz mysql flexible-server create/update/restore/geo-restore/replica
: Add BYOK for MySQL Flexible Serveraz mysql flexible-server identity/ad-admin
: User Identity and AAD Admin for MySQL flexible server
Security
az security security-solutions-reference-data
: Add new command groupaz security security-solutions
: Add new command group
Service Bus
az servicebus namespace create/update
: Support specifying--min-tls
az servicebus namespace network-rule update
: Support updating network rules for given namespace
Service Connector
az spring connection
: Update description after spring app renames
SignalR
az signalr custom-domain
: Support custom domainaz signalr custom-certificate
: Support custom certificate
SQL
az sql mi endpoint-cert
: New command group to manage endpoint certificatesaz sql mi partner-cert
: New command group to manage partner certificatesaz sql mi link
: New command group to manage instance link
Storage
az storage fs file set-expiry
: New command to support setting expiry for files in ADLS Gen2 file systemaz storage account create/update
: Add--enable-files-aadkerb
to support AAD Kerberos authentication for Azure Filesaz storage account local-user
: New command group to manage identities when using SFTPaz storage account create/update
: Add--enable-sftp
and--enable-local-user
to support SSH File Transfer Protocolaz storage fs create
: Support encryption scopeaz storage fs directory/fs generate-sas
: Support generating SAS token with specified encryption scope
August 02, 2022
Version 2.39.0
ACR
- [BREAKING CHANGE] Update manifest list-referrers to comply with RC1 ORAS spec
az acr update
: Update networkRuleSet.defaultAction to deny when--public-network-enabled
is disabled- Fix #23340:
az acr task credential add
: Fix crashes when given a password but no username
AD
az ad app federated-credential
: Federated identity credential GA
Advisor
- Fix #11070:
az advisor recommendation disable
: Fix NoneType error
AKS
- Fix snapshot not resolved according to the subscriptions field in the
--snapshot-id
option az aks check-acr
: Bump canipull to v0.1.0 to add 5s wait to avoid attach race conditionaz aks update
: Fix the issue ofNoneType
error when updating the config of keyvault secret provider- Remove warning message when using "BYO vnet + system MSI"
- Fix the bug related to AKS Monitoring MSI auth when the location value with spaces
- Fix #2457: Clarify subnet id description to resource id
az aks create
: Add new parameter--host-group-id
to support Azure dedicated hostaz aks nodepool add
: Add new parameter--host-group-id
to support Azure dedicated hostaz aks create/update
: Add new parameters--enable-azure-keyvault-kms
,--azure-keyvault-kms-key-id
,--azure-keyvault-kms-key-vault-network-access
,--azure-keyvault-kms-key-vault-resource-id
and--disable-azure-keyvault-kms
to support Key Management Service feature with Azure Key Vaultaz aks create
: Add--network-plugin=none
support for BYO CNIaz aks create/update
: Add parameter--http-proxy-config
to support setting HTTP Proxy configuration
App Service
- Fix #23135:
az functionapp plan create
: Add validation for the valid value of--number-of-workers
option az functionapp/logicapp create
: Add new--https-only
parameteraz functionapp/webapp create
: Allow vnet integration for basic and elastic premium SKUsaz webapp list-runtimes
: Add Java 17 Supportaz webapp create
: Add Java 17 Supportaz webapp up
: Add Java 17 Supportaz functionapp deployment github-actions add
: Add command to create GitHub actions to deploy to a Function Appaz functionapp deployment github-actions remove
: Add command to remove Function App GitHub actionsaz webapp deployment github-actions
: Add validation to ensure app is Web App
ARM
- Fix #23246: Fix interchanged policy samples
Backup
az backup protection backup-now
: Fix bug for SQL/HANA backup retention
Batch
az batch account network-profile show
: Add show network profile command for batch accountaz batch account network-profile set
: Add set network profile command for batch accountaz batch account network-profile network-rule list
: Add rule list command for batch account networkaz batch account network-profile network-rule add
: Add rule add command for batch account networkaz batch account network-profile network-rule delete
: Add rule delete command for batch account networkaz batch account create
: Add managed identity support with--mi-user-assigned
parameteraz batch account identity assign
: Add command to add identity to existing batch accountsaz batch account identity remove
: Add remove identity for existing batch accountsaz batch account identity show
: Add show identity for batch accountsaz batch pool create
: Update help text for--json-file
to point to json schema
Compute
az ppg create/update
: Add parameter--intentvmsizes
to specify possible sizes of VM that can be created in the proximity placement groupaz ppg create
: Add parameter--zone
to support specifying availability zone where the ppg should be created- Fix #22995:
az image-version create
: Unbind the usage of--target-region-encryption
and--target-region-cvm-encryption
- Fix #22654:
az vm run-command create/update
: Parameter--protected-parameters
does not achieve the desired effect az vmss run-command create/update
: Parameter--protected-parameters
does not achieve the desired effectaz vmss create
: Add new parameter--os-disk-delete-option
to support configuring whether the VM OS disks of Flex VMSS will be deleted or detached upon VM deletionaz vmss create
: Add new parameter--data-disk-delete-option
to support configuring whether the VM data disks of Flex VMSS will be deleted or detached upon VM deletionaz image builder create
: Add parameter--staging-resource-group
to support custom resource group namingaz image builder validator
: Add subgroup to manage validate information of templateaz vm disk detach
: Add parameter--force-detach
to support force-detaching managed data disks from a VM
Container
az container create
: Add environment variable interpolation in container group yaml
Event Grid
- Add commands for partner and event-subscription customer facing features
Eventhub
az eventhubs namespace
: Add--minimum-tls-version
az eventhubs cluster
: Add--supports-scaling
IoT
- Change certificate loading to encode to b64 strings by default
Key Vault
az keyvault security-domain upload
: Fixpassword must be bytes-like
for--passwords
Monitor
az monitor autoscale rule create
: Suppress warning from antlraz monitor metrics alert create/update
: Suppress warning from antlr
Network
az network vnet subnet list-available-ips
: Get list of available IPs for subnetaz network private-endpoint-connection
: Enable private link support for providerMicrosoft.KubernetesConfiguration/privateLinkScopes
az network private-endpoint-connection
: Enable private link support for providerMicrosoft.Dashboard/grafana
az network dns zone export
: Add support for ALIAS recordaz network dns zone import
: Add support for ALIAS recordaz network application-gateway waf-policy custom-rule match-condition add
: Add validation for WAF custom rule conditionaz network watcher flow-log
: Add support for--vnet
,--subnet
,--nic
as target IDaz network private-endpoint create
: Add an example for creating with ASGs
Packaging
- Drop CentOS 7 RPM package
- Drop Python 3.6 support
- Build RPM for Fedora
- Drop Ubuntu 21.10 Impish Indri DEB package
Profile
az account list
: AddTenantId
column to table output
RDBMS
az mysql flexible-server server-logs
: Add server logs for MySQL Flexible Server
Service Connector
az spring connection create eventhubs
: Add new parameter--client-type kafka-springBoot
az webapp connection create
: Add--config-connstr
to support webapp connection stringsaz webapp connection create
: Use webapp name and resource group from config
SQL
az sql log-replay stop
: Drop DB only if it was created with LRS
Storage
az storage fs undelete-path
: Encode--deleted-path-name
automatically- Fix #23179:
az storage file upload/upload-batch
: Fix--content-md5
for upload, ignore--content-md5
for upload-batch az storage file show
: Fix JSON error when content-md5 is not Noneaz storage blob/file update
: Fix--content-md5
TypeErroraz storage container policy create
: No longer use default value for start and expiry timeaz storage blob upload
: Add back--socket-timeout
which has been renamed by SDK- Fix #23262:
az storage blob metadata
: Add--lease-id
back az storage blob download/download-batch
: Add--overwrite
Synapse
az synapse workspace
: Add--last-commit-id
for git repo configaz synapse ad-only-auth
: New command group for supporting synapse azure ad only authentication
June 21, 2024
Version 2.38.2
This version is only released for CentOS 7 and RHEL 7. CVE-2023-36052 is fixed in this version.
App Service
- [BREAKING CHANGE] Redact appsettings output on set/delete commands
- [BREAKING CHANGE]
az webapp config
: Redact webapp config connection-string and storage-account values - [BREAKING CHANGE]
az functionapp
: Redact key value output on keys set - [BREAKING CHANGE]
az functionapp/webapp deployment source update-token
: Redact tokens output on deployment source update-token - [BREAKING CHANGE] Redact output on deployment source config
September 01, 2023
Version 2.38.1
This version is only available on CentOS 7 and RHEL 7.
App Service
az webapp ssh
: Backport #25141 to 2.38
July 05, 2022
Version 2.38.0
ACR
az acr
: Show replication region endpoint status in table outputaz acr task run
: Add Dockerfile to source upload if context is local directory
AD
az ad app/sp update
: Support generic update--set
on root level- Support special characters in object names
az ad app federated-credential
: Support federated identity credentials
AKS
az aks get-credentials
: Fix permission prompt when saving config file to symlinkaz aks command invoke
: Add support for--no-wait
az aks get-credentials
: Fix the command error when KUBECONFIG is emptyaz aks nodepool stop/start
: Add nodepool stop/start bindings
APIM
az apim
: Update experimental flag to get out of experimental stateaz apim deletedservice
: Add command group to support managing soft-deleted azure API Management services
App Config
az appconfig
: GA features - soft-delete, feature-filter, strict-import and disable-local-auth
App Service
- [BREAKING CHANGE]
az webapp up
: Remove premium container SKUs (PC2, PC3, PC4) - [BREAKING CHANGE]
az appservice plan create/update
: Remove premium container SKUs (PC2, PC3, PC4) - [BREAKING CHANGE]
az functionapp plan create
: Remove premium container SKUs (PC2, PC3, PC4) - Fix #22722:
az webapp config ssl import
fixes to support new GraphAPI for SP queries az webapp up
: Fix bug where runtime is detected even when--runtime
is providedaz staticwebapp enterprise-edge
: Move command group from extension to official CLIaz appservice plan create
: Allow creating Hyper-V App Service Plans hosted on App Service Environmentsaz webapp/functionapp deployment slot create
: Allow using--configuration-source
for apps with storage accounts addedaz webapp up
: Fix bug when deploying to an App Service Environment (ASE) where the ASE is incorrectly categorized as an internal load balancing (ILB) ASE and fails validation- Fix #20901:
az functionapp update
: Update--slot
logic to work correctly
ARM
- Fix #22621:
az bicep build
:--stdout
does not work - Fix #22930:
az bicep generate-params
: Add support for bicep generate-params command az deployment
: Fix the error message of ARM deployment to the correct JSON format
Backup
az backup restore restore-disks
: Add Cross Subscription Restore for IaasVM ALRaz backup protection enable-for-vm
: Add a linux specific exampleaz backup protectable-item list
: SQLAG container fetch failure bug fix
Bot Service
- [BREAKING CHANGE]
az bot create
: Remove--kind
,--password
,--lang
arguments. Add--app-type
,--tenant-id
,--msi-resource-id
arguments
Cognitive Services
az cognitiveservices account deployment create
: Support standard scale type
Compute
az disk create
: Fix the issue that specifying encryption type asEncryptionAtRestWithPlatformKey
does not take effect when creating a diskaz disk update
: Fix the(InvalidParameter) Resource xxx encrypted with platform key has disk encryption set id specified
error when updating the encryption type to platform managed keysaz sig image-version create
: Add new parameters--virtual-machine
and--image-version
to support creating image version from different sourceaz vm
: Support a new disk storage SKU Premiumv2_LRSaz sig show-community
: Add new command to support listing image versions in community galleryaz sig image-definition show-community
: Add new command to support getting an image in a gallery communityaz sig image-definition list-community
: Add new command to support listing VM Image definitions in a gallery communityaz sig image-version show-community
: Add new command to support getting an image version in a gallery communityaz sig image-version list-community
: Add new command to support listing VM image versions in a gallery communityaz sig share enable-community
: Add new command to support sharing gallery to communityaz sig gallery-application version
: Add new parameter--package-file-name
to specify the downloaded package file on the VMaz sig gallery-application version
: Add new parameter--config-file-name
to specify the downloaded config file on the VMaz disk create
: Add support for--gallery-image-reference
to allow creating disk from shared gallery image version or community gallery image versionaz disk create
: Add support for--source
to allow creating a disk from disk restore pointaz vm/vmss application set
: Add new parameter--treat-deployment-as-failure
to treat any failure in the gallery application version as deployment failureaz vm image list
: Add parameter--architecture
to filter image with its architectureaz disk-encryption-set create
: The--encryption-type
parameter supports new valueConfidentialVmEncryptedWithCustomerKey
for confidential VMaz disk create
: The--security-type
parameter supports new valueConfidentialVM_DiskEncryptedWithCustomerKey
for confidential VMaz disk create
: Add new parameter--secure-vm-disk-encryption-set
to provide ID or name of disk encryption set created withConfidentialVmEncryptedWithCustomerKey
encryption typeaz disk-encryption-set create/update
: Add new parameter--federated-client-id
to access key vault in a different tenantaz disk-encryption-set create
: Add new parameters--mi-system-assigned
and--mi-user-assigned
to support assigning system and user assigned identities during disk encryption set creationaz disk-encryption-set identity
: Add new command groups with parameters--system-assigned
and--user-assigned
to support managing system and user assigned identities on existing disk encryption setsig list-community
: Add new command to support listing community gallerysig list-community
: GA shared/community image gallery related featureaz vm/vmss create
: The--security-type
parameter supports new valueConfidentialVM
for Confidential VMaz vm/vmss create
: Add new parameter--os-disk-security-encryption-type
to support setting the encryption type of the OS managed disk for Confidential VMaz vm/vmss create
: Add new parameter--os-disk-secure-vm-disk-encryption-set
to allows users to provide ID or name for disk encryption set created withConfidentialVmEncryptedWithCustomerKey
encryption typeaz disk create
: Add new parameter--security-data-uri
to specify the blob URI of VHD to be imported into VM guest stateaz disk create
: Add new parameter--upload-type
to extend and replace--for-upload
which supports standard disk only upload and OS Disk upload along with VM guest stateaz disk grant-access
: Add new parameter--secure-vm-guest-state-sas
to support getting security data access SAS on managed disk with VM guest state
Cosmos DB
az cosmosdb sql container create
: Add support to create containers with client encryption policy
Event Hubs
az eventhubs namespace application-group
: New command group to support management operations on EventHubs application groupsaz eventhubs namespace network-rule update
: New command to update Network Rule Sets
IoT
az iot hub/dps certificate list
: Add table transform to certificate list commands
Key Vault
az keyvault role assignment
: Fix'dict' object has no attribute 'object_id'
error- Fix #16390:
az keyvault set-policy
: Allow clearing permissions
Monitor
az monitor log-analytics query-pack
: Add query pack commands.az monitor log-analytics update
: Support empty string for--key-version
NetAppFiles
az netappfiles account create
: Change--location
to an optional parameteraz netappfiles pool create
: Change--location
to an optional parameteraz netappfiles volume create
: Change--location
to an optional parameteraz netappfiles snapshot create
: Change--location
to an optional parameteraz netappfiles snapshot policy create
: Change--location
to an optional parameteraz netappfiles snapshot policy update
: Change--location
to an optional parameteraz netappfiles backup create
: Change--location
to an optional parameteraz netappfiles backup-policy create
: Change--location
to an optional parameteraz netappfiles volume-group create --help
: Fix typo in option global-placement-rulesaz netappfiles volume create
: Add optional parameter--zones
az netappfiles volume replication list
: Add operation to list volume replicationsaz netappfiles volume reset-cifs-pw
: Add operation to reset CIFS passwordaz netappfiles volume relocate
: Add operation to relocate volume to a new stampaz netappfiles volume finalize-relocation
: Add operation to finalize volume relocationaz netappfiles volume revert-relocation
: Add operation to revert volume relocation
Network
- [BREAKING CHANGE]
az network vnet subnet create
: DisablePrivateEndpointNetworkPolicies
by default az network application-gateway ssl-policy
: Support new SSL policyCustomV2
az network private-endpoint-connection
: Enable Private link support for provider Microsoft.Authorization/resourceManagementPrivateLinks- Fix #22097:
az network dns zone import
: Fix importing zone files starting with space az network public-ip prefix create
: Support cross-subscription association for Custom IP Prefixaz network public-ip create
: Reuse prefix info when creating Public IP
Packaging
- Use Python 3.9 in RHEL 8's RPM
RDBMS
- Fix #22926:
az mysql server create/update
: Update default value for mysql storage size
REST
az rest
: Support Unicode characters in JSON request body
Search
az search service create
: Add--hosting-mode
argument to support S3HD SKU
Security
az security atp cosmosdb
: Add CLI support for ATP settings (Defender) on Cosmos DB
Service Connector
az webapp connection create
: Add--private-endpoint
to support private endpoint connectionaz spring connection create
: Remove client-type limitation
Service Fabric
az sf managed-cluster create
: Fix tag parsing for cluster command
SQL
az sql elastic-pool create
: Add support for HighAvailabilityReplica count for HS Elastic poolsaz sql midb update
: Add update command
SQL VM
az sql vm update
: Add configuration options for SQL Assessment pre-requisites
Storage
- [BREAKING CHANGE]
az storage share close-handle
: Remove--marker
which is not supported by sdk - [BREAKING CHANGE]
az storage share snapshot
: Now only returns version, etag and last_modified info instead of all share properties az storage account generate-sas
: Fix output sas random ordering forsrt
segment- Fix #22563:
az storage blob upload
: Fix storage blob upload to a through pipe encode error - Fix #20452:
az storage container policy create\update\list\show\delete
: Add new permissions, currently supportracwdxyltmei
- Fix #22679:
az storage account file-service-properties update
: FixAttributeError: 'NoneType' object has no attribute 'smb'
- Fix #22845:
az storage account genarete-sas
: Fix the flag--auth-mode login
cause AttributeError
Synapse
az synapse sql pool create
: Add parameter--collation
az synapse link-connection
: New command group to support synapse link connections
May 24, 2022
Version 2.37.0
ACR
- Fix some
az acr manifest
commands do not correctly handle-u/-p
credentials resulting in auth failure when not logged in toaz cli
- Fix some
az acr
commands do not handle certain next-link tokens correctly resulting in exceptions when paging - Fix some
az acr manifest
commands do not correctly parse some FQDNs resulting in exceptions
AKS
- [BREAKING CHANGE]
az openshift
: Remove the deprecated command group az aks create
: Add new option--node-resource-group
to specify the name of the resource group where user resources are storedaz aks get-credentials
: Raise exception when existing config file is invalidaz aks check-acr
: Add new option--node-name
to specify the name of a specific node to perform acr pull test checks- Fix #22032:
az aks nodepool add/update
: Fix autoscaler parameters for user node pools az aks create/update
: Add Microsoft Defender security profile support- GA Kubernetes version alias
az aks update
: Add support for updating kubelet identity with--assign-kubelet-identity
API Management
- Fix apim's
apply-network-updates
command
App Service
- Fix #18151:
az webapp config backup restore
: Fix the bug that 'WebAppsOperations' object has no attribute 'restore_slot'
ARM
az resourcemanagement private-link create
: Create Resource management private linkaz resourcemanagement private-link delete
: Delete Resource management private linkaz resourcemanagement private-link show
: Get Resource management private linkaz resourcemanagement private-link list
: List Resource management private linkaz private-link association create
: Create private link associationaz private-link association delete
: Delete private link associationaz private-link association show
: Get private link associationaz private-link association list
: List private link associationaz group delete
: Add new parameter--force-deletion-types
to support force deletionaz bicep restore
: Add new command to restore external modulesaz bicep build
: Add new parameter--no-restore
to allow compilation without restoring external modulesaz bicep decompile
: Add new parameter--force
to allow overwriting existing Bicep filesaz resource wait
: Fix--created
keeps waiting even whenaz resource show
returns "provisioningState": "Succeeded"
ARO
az aro create
: Add support for FIPS modules, host encryption, and disk encryption for master and worker nodes
Backup
az backup vault resource-guard-mapping
: Add support for updating, showing, and deleting ResourceGuardProxy- Add multiple user authentication (MUA) support for critical operations:
az backup vault backup-properties set
/az backup item set-policy
/az backup policy set
/az backup protection disable
- Add
--tenant-id
parameter in critical commands:az backup vault backup-properties set
/az backup item set-policy
/az backup policy set
/az backup protection disable
/az backup vault resource-guard-mapping
for cross-tenant scenario
Compute
az vm image list
: Add new server version aliasesWin2022AzureEditionCore
for offline listaz vm update
: Add additional license type SLES for--license-type
az vmss create
: Support enabling single placement group for Flexible VMSSaz disk create/update
: Add new parameter--data-access-auth-mode
to support data access authentication modeaz sig show
: Add new parameter--sharing-groups
to support query shared gallery groupaz vm host group create
: Add new parameter--ultra-ssd-enabled
to support Ultra SSD
Cosmos DB
az cosmosdb sql container update
: Fix bug to accept analyticalStorageTTL arg
Event Hubs
az eventhubs namespace schema-registry
: Add cmdlets for schema registry
Identity
az identity list-resources
: Add new command to support list the associated resources for identity
IoT
az iot dps policy
andaz iot dps linked-hub
: Fix DPS state updatingaz iot central app private-link-resource list
: Add a new command to support listing private link resourcesaz iot central app private-endpoint-connection show
: Add a new command to support showing details of a private endpoint connection of the IoT Central appaz iot central app private-endpoint-connection approve
: Add a new command to support approving a private endpoint connection for the IoT Central appaz iot central app private-endpoint-connection reject
: Add a new command to support rejecting a private endpoint connection for the IoT Central appaz iot central app private-endpoint-connection delete
: Add a new command to support deleting a private endpoint connection for the IoT Central app
Key Vault
- Fix #22457:
az keyvault key decrypt/encrypt
: Fix returning bytes for--output tsv
Monitor
- [BREAKING CHANGE]
az monitor alert
: Deprecate whole command group, please usemonitor metrics alert
- [BREAKING CHANGE]
az monitor autoscale-settings
: Deprecate whole command group, please useaz monitor autoscale
- [BREAKING CHANGE]
az monitor activity-log list
: Deprecate parameter--filters
. - [BREAKING CHANGE]
az monitor activity-log list
: Deprecate parameter flag--resource-provider
, please use--namespace
NetAppFiles
az netappfiles volumes export-policy add
: Fixrule-index
validation and parameter made non requiredaz netappfiles ad add
: Add new optional parametersite
az netappfiles ad update
: Add new optional parametersite
Network
az network watcher connection monitor create
: Change for using user-provided workspace-ids even if output-type is missingaz network dns zone export
: Support traffic manager resources- Private link add
Microsoft.Kusto/clusters
provider az network lb create
: Add warnings for default SKUaz network lb address-pool
: Support connection draining on load balanceraz network application-gateway
: Addsettings
,listener
androuting-rule
command groupsaz network application-gateway create
: Add parameter--priority
az network application-gateway probe
: Add parameter--host-name-from-settings
- [BREAKING CHANGE]
az network vnet peering
: Deprecate parameter flag--remote-vnet-id
Packaging
- Bump embedded Python to 3.10 for deb packages
- Use Mariner 2.0 GA image to build RPM
RDBMS
az mariadb server create/update
: Support--minimal-tls-version
- Change MySQL MemoryOptimized tier name to BusinessCritical
Reservations
- Update Reservation command with latest SDK
Role
- [BREAKING CHANGE]
az az/role
: Migrate the underlying API ofaz ad
andaz role
from AD Graph API to Microsoft Graph API. For more details, see Microsoft Graph migration
Security
az security alerts-suppression-rule
: Add alerts suppression rules to security module
Service Bus
az servicebus queue update
: Fix message time to liveaz servicebus queue
: Add ReceiveDisabled to--status
az servicebus namespace create/update
: Add--disable-local-auth
to enable or disable SAS authenticationaz servicebus namespace private-endpoint-connection/private-link-resource
: New command groups
Service Connector
- [BREAKING CHANGE]
az containerapp connection create
: Default client_type changed tonone
az containerapp connection
: Add new command group to support container app connectionaz containerapp connection create
: Add--container
parameter in interactive modeaz spring connection
: Add support foraz sping-cloud
renaming Add new parameter key value pair to support password from KeyVault
Service Fabric
az sf cluster node-type add
: Fix the unexpected error that 'StorageAccountsOperations' object has no attribute 'create'
SQL
- Fix #22316:
az sql server ad-admin create
: Fix Display Name and Object ID to be required
SQL VM
az sql vm update
: Add configuration options for SQL Best Practices Assessment
Storage
- [BREAKING CHANGE]
az storage share show
: Remove contentLength, hasImmutabilityPolicy and hasLegalHold from the output result - [BREAKING CHANGE]
az storage blob snapshot
: Now only returns version info instead of all blob properties - Fix #21819:
az storage fs directory
: Add new commandgenerate-sas
az storage account show-connection-string
: Append endpoints by default- Fix #22236:
az storage entity insert
: Fix--if-exists fail
not working az storage copy
: Fix--exclude-path
TypeErroraz storage blob download
: Allow downloading to stdout for pipe support- Fix #22209:
az storage entity insert
: FixEdm.Boolean
not working az storage directory/file list
: Add--exclude-extended-info
to exclude some properties info from response, default toFalse
- Fix #21781:
az storage blob upload/download
: Progress fix az stroage entity query
: Fix UUID type is not JSON serializableaz storage blob delete-batch
: No longer exits after individual delete failure
April 26, 2022
Version 2.36.0
ACR
acr task run
: Add--no-format
optionacr task logs
: Add--no-format
optionacr taskrun logs
: Add--no-format
option
AKS
az aks create
: Add--nat-gateway-managed-outbound-ip-count
and--nat-gateway-idle-timeout
to support nat gateway integrationaz aks create
: AddmanagedNATGateway
anduserAssignedNATGateway
to supported outbound typeaz aks check-acr
: Bump canipull to 0.0.4-alpha to skip location check if cname returns only privatelink
AMS
az ams asset-track create
: Add command to create an asset trackaz ams asset-track show
: Add command to show an asset trackaz ams asset-track list
: Add command to list all tracks under an assetaz ams asset-track update
: Add command to update the parameters of a trackaz ams asset-track update-data
: Add update-data command to refresh the server in case track file was updatedaz ams asset-track delete
: Add command to delete trackaz ams streaming-endpoint get-skus
: Add command to get skus under a streaming endpoint
App Config
- Fix feature flag import for missing description when using 'appconfig/kvset' profile
App Service
az staticwebapp create
: Allow creating Static Web Apps not connected to a github repo- Fix #21943:
az webapp config backup create
: Fix AttributeError 'str' object has no attribute 'get'
Backup
az backup policy create/set
: Add support for creating/updating IaaSVM MBPD policy
Bot Service
az bot directline/email/facebook/kik/msteams/skype/slack/sms/telegram create
: Add--location
argument as specified by user to channel creation for regionality/EUDB
CDN
az afd rule create
: Fix rule creation failure with action type RouteConfigurationOverrideaz afd route create
: Fix route creation issue with disabled--link-to-default-domain option
- Fix #22066:
az cdn name-exists
missing type argument
Compute
az vm create
: Fix the bug of "NoneType object has no attribute lower" when creating Flex VMSS without--vm-sku
parameteraz restore-point create
: Add a new parameter--source-restore-point
to support cross region copyaz restore-point show
: Add a new parameter--instance-view
to show the instance view of a restore point and replace the deprecated--expand
az restore-point collection show
: Add a new parameter--restore-points
to show all contained restore points in the restore point collection and replace the deprecated--expand
az sig image-version create
: Add new parameter--target-region-cvm-encryption
to support Confidential VM encrypting the OS diskaz vm/vmss create
: Install guest attestation extension and enable system managed identity by default when Trusted Launch configuration is metaz vm/vmss create
: Add new parameter--disable-integrity-monitoring
to disable the default behavior (installing guest attestation extension and turning on MSI) when creating VM/VMSS compliant with Trusted Launch
IoT
- [BREAKING CHANGE]
iot dps access-policy
: Deprecate access-policy in favor of policy
Key Vault
az keyvault key
: GA SKR and keyvault key rotation- Fix #20520:
az keyvault network-rule
: Support removing multiple IP
NetAppFiles
az netappfiles volume-group
: Add command group to manage volume group resources
Network
- Fix #21845:
az network routeserver create
required--public-ip-address
argument - Fix #21829:
az network traffic-manager endpoint update
required--type
argument - Private link add
Microsoft.Network/privateLinkServices
provider - Fix #22085:
az network nsg rule create
has no attribute "is_default"
Packaging
- Release DEB package for Ubuntu 22.04 Jammy Jellyfish
- Release RPM package for RHEL 8, CentOS Stream 8
- Release RPM package for Mariner 1.0, 2.0 preview
RDBMS
az postgres server create
: Fix error message for invalid server names
Security
- Add
az security automation
CLI commands
Service Bus
az servicebus namespace create
: Add zone redundant parameteraz servicebus namespace authorization-rule keys renew
: Add--key-value
parameter
Service Connector
az webapp connection
: Add commandcreate sql/webpubsub
to support more target resources
SQL
az sql mi create
,az sql mi update
: Add--service-principal-type
parameter to support Win Auth (Kerberos)
Storage
- Fix #21914:
az storage blob upload
: Make block size larger (100MB) for large files (>200GB) az storage account/container/blob generate-sas
: Add--encryption-scope
- Fix #21920:
az storage copy
&az storage remove
: Hide credentials in warning message - Add
--blob-endpoint/--file-endpoint/--table-endpoint/--queue-endpoint
for data service commands to support customized service endpoint - GA storage file datalake soft delete
az storage cors add
: AllowPATCH
for--methods
az storage entity
: Support specifyingEdmType
for--entity
- Fix #21966:
az storage blob download-batch
: Fix failure when--pattern
is blob name - Fix #21414:
az storage blob sync
: Fix the flag--delete-destination
default to false az storage account blob-inventory-policy create
: Add missing fields, add excludePrefix in filter
April 05, 2022
Version 2.35.0
ACR
- [BREAKING CHANGE]
az acr create
: Reject request with a name using uppercase letters - [BREAKING CHANGE]
az acr connected-registry create
: Reject request with a name using uppercase letters az acr update
: Disable public network now displays a warning message- Deprecate
az acr manifest metadata
command group az acr manifest
: Addshow-metadata
,list-metadata
andupdate-metadata
commands
AKS
az aks create/update
: Add new parameters--enable-gmsa
,--gmsa-dns-server
,--gmsa-root-domain-name
to support Windows gMSA v2aks enable-addons
: Add new parameter--enable-msi-auth-for-monitoring
to support enabling managed identity authaz aks snapshot create
: Move toaz aks nodepool snapshot create
az aks snapshot delete
: Move toaz aks nodepool snapshot delete
az aks snapshot list
: Move toaz aks nodepool snapshot list
az aks snapshot show
: Move toaz aks nodepool snapshot show
az aks create
: Add--pod-subnet-id
to support dynamically assigne pod ipaz aks nodepool add
: Add--pod-subnet-id
to support dynamically assigne pod ipaz aks create
: Add--kubelet-config
and--linux-os-config
to support custom node configurationaz aks nodepool add
: Add--kubelet-config
and--linux-os-config
to support custom node configuration
AMS
az ams account identity assign
: Add ability to assign managed identity to media services accountaz ams account identity remove
: Add ability to assign managed identity to media services accountaz ams transform create
: Add new parameterblur-type
for FaceDetector presetsaz ams account encryption set
: Add new parameterssystem-assigned
anduser-assigned
to allow users to set managed identities to their account encryptionaz ams account storage set-authentication
: Add new parameterssystem-assigned
anduser-assigned
to allow users to set managed identities for their storage account attached to Media Services
APIM
apim api schema create
: Add new command to support creating a schema for graphql APIapim api schema delete
: Add new command to support deleting the schema of an APIapim api schema list
: Add new command to support showing the list of schema's of an APIapim api schema show
: Add new command to support getting the schema of an APIapim api schema entity
: Add new command to support getting the schema entity tag- Onboard to private endpoint for API Management
App Config
az appconfig kv export
: Stop throwing error if no key-values are exported to App Serviceaz appconfig create
: Add new optionsretention-days
andenable-purge-protection
az appconfig list-deleted
: Add new command to list all deleted but not yet purged App Configurationsaz appconfig show-deleted
: Add new command to show properties of a deleted but not yet purged App Configurationaz appconfig recover
: Add new command to recover a deleted but not yet purged App Configurationaz appconfig purge
: Add new command to purge a deleted store
App Service
- Fix #21439:
az webapp deploy
: Fix--async
argument value in help message - Fix #21574:
az webapp vnet-integration add
: Fix the AttributeError that 'NoneType' object has no attribute 'server_farm_id' az staticwebapp create
: Change default output location and API location toNone
. Change default app location to "/". Remove unnecessary properties from outputaz staticwebapp show
: Remove unnecessary properties from outputaz staticwebapp list
: Remove unnecessary properties from outputaz staticwebapp update
: Remove unnecessary properties from outputaz webapp deployment slot create
: Allow overriding container settings- Fix #21080:
az webapp up
: Fix object has no attribute 'response' - Fix #19747:
az webapp up
: Fix TypeError: 'NoneType' object is not iterable az webapp up
: Validate that ASE exists, is an ASE v3, and not an ILB ASE; Validate that preexisting plan is on the ASE; Default to I1V2 SKU if using an ASE- Fix #20240:
az functionapp deployment source config-zip
: Fix the bug that the parameter--slot
doesn't work - Fix #12090:
az webapp create
: Allow plan in different resource group from web app az staticwebapp identity assign
,az staticwebapp hostname set
,az staticwebapp create
: Fix #21186: Show detailed error message instead of "bad request"az staticwebapp update
: Fix #21465: Allow specifying static web app resource group- Fix #21728:
az webapp deployment github-actions add
: Allow passing in runtime with colon delimiter az webapp config
: Fix for Web App Persistent Storage gets disabled after each deploymentaz appservice ase create-inbound-services
: Add support for Azure private DNS zone creation in ASEv3
ARM
- Fix #20842:
az bicep
: Fix to use requests environment variables for CA bundle az policy assignment create
: Support--subscription
parameter
Backup
- List commands multi-page response bug fix
az backup restore restore-disks
: Add support for Original Location Restore and Alternate Location Restoreaz backup policy create/set/list
: Add support for creating and selectively listing Enhanced policiesaz backup protection enable-for-vm
: Add support for Trusted VM configure protection with Enhanced policiesaz backup vault backup-properties
: Add new parameter--hybrid-backup-security-features
to support setting the security features for hybrid backups
CDN
- Upgrade azure-mgmt-cdn to 12.0.0 for Azure Front Door Standard/Premium GA
Cognitive Services
- Upgrade to use API 2022-03-01
- Add new command
az cognitiveservices account list-models
Compute
- [BREAKING CHANGE]
az vm/vmss create
: Remove the default valueContributor
of parameter--role
az vm host
: Add new commandrestart
to support dedicated host rebootaz vm extension show
: Add new parameters--instance-view
to support track the vm extension progress- Change help info of
--enable-bursting
to flag it is for on-demand only - Fix #20174:
az vm create
: Determine plan information when using image alias az disk/snapshot/sig definitiion create/update
: Add new parameters--architecture
to support ARM64az vm disk attach
: Add new parameter--disks
to support attaching multiple disks in one API callaz vm/vmss create
: Support creating VM/VMSS from community gallery imageaz vm/vmss create
: Add community gallery legal agreement acceptanceaz vm/vmss create
: Add the verification of whether--os-type
is correct when creating VM from community gallery image or shared gallery image
Cosmos DB
az cosmosdb update
: Support updating key vault key uriaz managed-cassandra cluster update
: Allow--external-seed-nodes
,--external-gossip-certificate
and--client-certificate
to take empty listaz managed-cassandra cluster
: Fix--repair-enabled
as of type three_state_flag
Event Grid
- Fix #21521: System topic subscription update attribute error
- Support user identity and mixed mode
Event Hubs
az eventhub namespace update
: Fix disable eventhub capture and autoinflate
Key Vault
- Fix #18319 & #21555:
az keyvault list-deleted
: List all deleted resources if no specified resource type az keyvault key create
: Support--default-cvm-policy
- Fix #21330:
az keyvault network-rule remove
: Fix ip address remove issue
NetAppFiles
az netappfiles snapshot restore-files
: New command to restore specified files from the specified snapshot to the active filesystemaz netappfiles volume create
: Add optional parameters--enable-subvolumes
az netappfiles volume delete
: Add optional parameter--force-delete
or--force
az netappfiles volume update
: Add optional parameter--unix-permissions
az netappfiles subvolume
: New command group to manage subvolume resourcesaz netappfiles subvolume create
: New command to create subvolumeaz netappfiles subvolume show
: New command to get specified subvolumeaz netappfiles subvolume update
: New command to update specified subvolumeaz netappfiles subvolume list
: New command to get all subvolume in a specified volumeaz netappfiles subvolume delete
: New command to delete specified subvolumeaz netappfiles subvolume metadata
: New command group to manage subvolume metadata resourcesaz netappfiles subvolume metadata show
: New command to get details about a specified subvolumeaz netappfiles account ad add
: New optional parameters to support ldap search scope--user-dn
,--group-dn
and--group-filter
az netappfiles account ad update
: New optional parameters to support ldap search scope--user-dn
,--group-dn
and--group-filter
Network
az network nat gateway
: Validate attaching public IPsaz network lb
: Support inbound NAT rule port mapping query- Fix #21716:
az network private-dns zone import
: Allow hyphenated SRV records az network application-gateway waf-policy managed-rule exclusion rule-set
: Support pre-rule exclusion creation without exclusion
Packaging
- Use Red Hat Universal Base Image 8 to build
el8
RPM package - Bump Python image to
3.10.3-alpine3.15
- Bump MSI embedded Python to 3.10.3
RDBMS
- Fix operations.py file installing dependencies in CloudShell
Role
- [BREAKING CHANGE]
az ad sp create-for-rbac
: Stop defaulting--scopes
to subscription - [BREAKING CHANGE]
az ad sp create-for-rbac
: When creating a self-signed certificate in keyvault,validity_months
is changed fromyears * 12 + 1
toyears * 12
Service Bus
az servicebus topic subscription rule create
: Add filter type parameter
Service Connector
az webapp/spring-cloud connection create/update
: Provide--service-endpoint
parameter to support vnet scenarioaz webapp/spring-cloud connection
: Add commandcreate redis/redis-enterprise
to support more target resources
SQL
- [BREAKING CHANGE]
az sql db tde list-activity
: Command no longer exists - [BREAKING CHANGE]
az sql mi show/create/update/list
: Instead ofbackupStorageRedundancy
,currentBackupsStorageRedundancy
andrequestedBackupStorageRedundancy
properties are returned az command sql db str-policy set
: Makediffbackup_hours
parameter optional
Storage
- [BREAKING CHANGE] Fix #21494:
az storage blob upload/upload-batch
: Fix--content-md5
for upload, ignore--content-md5
for upload-batch - [BREAKING CHANGE]
az storage table/entity
:--timeout
is removed for all sub commands - [BREAKING CHANGE]
az storage entity query/show
:--accept
is removed az storage table/entity
: Add--auth-mode login
to support RBACaz storage blob upload/upload-batch
: Make precondition workaz storage blob upload-batch
: No longer exits on the first failure- Fix #21591:
az storage blob upload
: Fix storage blob upload not auto guessing file type - Fix
az storage entity merge
: Stop automatically casting DisplayVersion to float az storage blob download
: Support downloading managed disk with both SASUri and OAuth by specifying--blob-url
with--auth-mode login
- Fix #21699:
az storage blob upload-batch
: Fix upload-batch result url truncation issue az storage account\container\blob generate-sas
: Allow new permissions
Synapse
az synapse role assignment list
: Fix showing only 100 resultsaz synapse notebook import
: Fix--folder-path
parameter problem
March 03, 2022
Version 2.34.1
App Service
- Hotfix: Fix #20489:
az webapp log tail
: Fix the AttributeError that 'NoneType' object has no attribute 'host_name_ssl_states' - Hotfix: Fix #20747:
az webapp create-remote-connection
: Fix the EOFError that ran out of input - Hotfix: Fix #20544:
az webapp config snapshot restore
: Fix the AttributeError that 'WebAppsOperations' object has no attribute 'restore_snapshot' - Hotfix: Fix #20011:
az webapp config ssl bind
: Fix the AttributeError that 'str' object has no attribute 'value' - Hotfix: Fix #19492:
az webapp config backup restore
: Fix the AttributeError that 'WebAppsOperations' object has no attribute 'restore'
Storage
- [BREAKING CHANGE]
az storage blob upload/upload-batch
: Fix--overwrite
that it no longer overwrite by default
March 01, 2022
Version 2.34.0
ACR
az acr manifest
: Add new command group to support managing artifact manifests in Azure Container Registries- Deprecate
az acr repository show-manifests
command and replace withacr manifest metadata list
command
AKS
az aks nodepool update
: Add--node-taints
to allow modify node taintsaz aks get-credentials
: Add new parameter--format
to support specifying the format of returned credentialaz aks nodepool
: Allow specifying--scale-down-mode
in nodepool create and update
APIM
az apim api import
: Update api-id description #18306- Fix #21187:
az apim api create/update/import
: Fix header and query param names being swapped
App Config
az appconfig kv import
: Add new parameter--strict
to support strict import
App Service
- [BREAKING CHANGE]
az webapp up
: Change supported runtimes - [BREAKING CHANGE]
az webapp create
: Change supported runtimes - [BREAKING CHANGE]
az webapp list-runtimes
: Add--os
/--os-type
argument, change runtimes, change default behavior to return both linux and windows stacks, and deprecate--linux
argument - [BREAKING CHANGE]
az functionapp create
: Take runtime names and versions from API instead of hardcoded list az functionapp plan
: Update the max value of--max-burst
to 100az functionapp list-runtimes
: Add new command to show function app runtimes, versions, and compatible functions versionsaz webapp create
: Provide support--https-only
flagaz webapp deployment github-actions remove
: Fix the bug that path cannot start with a slash
ARM
az account management-group entities
: Add a new command group to support entities (Management Groups and Subscriptions) operations for the authenticated useraz account management-group hierarchy-settings
: Add a new command group to support operations on hierarchy settings defined at the management group levelaz account management-group tenant-backfill
: Add a new command group to support backfilling subscriptions for the tenantaz account management-group subscription show
: Get the details of a given subscription under a given management groupaz account management-group subscription show-sub-under-mg
: Show what subscription is under a given management groupaz account management-group check-name-availability
: Check if a management group name is valid and availableaz deployment
: Fix the bug of 'bytes object has no attribute get' for error handling in retry cases
Backup
- Add private endpoints support for Microsoft.RecoveryServices/vaults
Compute
az vm create
: Fix the issue that VMCustomization is not enabledaz vm disk attach
: Modify help description to guide how to use the--ids
parameter correctlyaz restore-point
: Add new command group to support managing restore pointaz vmss create/update
: Add new parameters--security-type
,--enable-secure-boot
and--enable-vtpm
to support Trusted Launchaz vmss create/update
: Add new parameters--automatic-repairs-action
to support repair actionaz vmss create/update
: Add new parameters--v-cpus-available
and--v-cpus-per-core
to support VMSize customization
Cosmos DB
az managed-cassandra cluster update
: Fix to allow--external-seed-nodes
and--external-gossip-certificates
to be updated by the user
Eventhub
az eventhubs namespace create
: Add--user-assigned
,--system-assigned
,--encryption-config
az eventhubs namespace identity
: Cmdlets for event hubs identityaz eventhubs namespace encryption
: Cmdlets for event hubs encryptionaz servicebus namespace create
: Add--user-assigned
,--system-assigned
,--encryption-config
az servicebus namespace identity
: Cmdlets for event hubs identityaz servicebus namespace encryption
: Cmdlets for event hubs encryption
IoT
az iot hub create
: Add the--enforce-data-residency
parameter to support creating resources with data residency enforced (and cross-region disaster recovery disabled)az iot dps create
: Add the--enforce-data-residency
parameter to support creating resources with data residency enforced (and cross-region disaster recovery disabled)
Key Vault
- Fix #21341:
az keyvault update
: Support updating tags az keyvault key create/import/set-attributes
: Support--immutable
to mark release policy immutableaz keyvault key import
: Support--kty oct
to import AES key
Monitor
az monitor log-analytics workspace table
: Add new commandcreate
,delete
andsearch-job create
to support Microsoft/Custom log/Search Results table operationsaz monitor log-analytics workspace update
: Add a new parameter--data-collection-rule
to support update defaultDataCollectionRuleResourceIdaz monitor log-analytics workspace table
: Add new commandrestore create
andmigrate
to support Restored logs table/migrate operations
Network
az bastion ssh
: Provide support for Bastion SSH access on Darwin and Linuxaz network private-endpoint
: Associate IP configurations and ASGs when creating PE
Packaging
- [BREAKING CHANGE] Drop Ubuntu 14.04 Trusty Tahr and Debian 8 Jessie support
- [BREAKING CHANGE] Drop Ubuntu 21.04 Hirsute Hippo support
- Add Ubuntu 21.10 Impish Indri support
- Bump embedded Python to 3.8 for deb packages
Profile
- [BREAKING CHANGE]
az account show
: Drop--sdk-auth
RDBMS
- Fix bug for private dns zone provisioning to vnet resource group in different subscription
- Enable rdbms-connect extension in Cloud Shell
Role
- Add warning to
role
andad
commands about Microsoft Graph migration
SQL
az sql server create/update
: Add federated client id support
Storage
az storage account create/update
: Support--sam-account-name
and--account-type
az storage blob upload
: Add--tier
, migrate to track2az storage blob upload-batch
: Migrate to track2
February 14, 2022
Version 2.33.1
Compute
- Hotfix: Fix #21224: Fix the issue that VMCustomization is not enabled
Packaging
- [BREAKING CHANGE] Drop jmespath-terminal from docker image
February 01, 2022
Version 2.33.0
ACR
az acr connected-registry create
: Add--notifications
to support adding patterns for generating notification events on connected registry artifactsaz acr connected-registry update
: Add--add-notifications
and--remove-notifications
to support adding or removing patterns for generating notification events on connected registry artifacts
AKS
az aks nodepool add/update/upgrade
: Add new parameter--aks-custom-headers
to support custom headersaz aks create
: Add new parameter--snapshot-id
to support creating a nodepool from snapshot when creating a clusteraz aks nodepool add/upgrade
: Add new parameter--snapshot-id
to support creating a nodepool from snapshotaz aks snapshot create/delete/list/show
: Add new commands to support the management of snapshot related operationsaz aks update/az aks nodepool update
: Allow empty string as label value
App Config
- [BREAKING CHANGE] Support app service slots
App Service
az webapp vnet-integration add
: Fix a bug that prevented adding a vnet in a different subscription from the webappaz functionapp vnet-integration add
: Fix a bug that prevented adding a vnet in a different subscription from the functionappaz webapp create
: Support joining a vnet in a different subscriptionaz functionapp create
: Support joining a vnet in a different subscriptionaz functionapp create
: Remove preview from PowerShell runtime for linuxaz appservice plan update
: Add--elastic-scale
and--max-elastic-worker-count
parameters to support elastic scaleaz webapp update
: Add--minimum-elastic-instance-count
and--prewarmed-instance-count
parameters to support setting instance countaz webapp up
: Add help text and debug text for configuration saving and loadingaz webapp list-runtimes
: Support node 16-lts runtime for linux and windows
Batch
az batch create/activate
: Add clarify application package path help info for argument--package-file
Bot Service
az bot create
: Add location as specified by user to bot creation for regionality/EUDB
Compute
az image builder create
: Add new parameter--proxy-vm-size
to support proxy VM size customizationaz image builder create
: Add new parameter--build-vm-identities
to support user assigned identities customizationaz vmss update
: Add new parameter--force-deletion
to support force delete VMSSaz vm/vmss create
: Add warning log and modify help to inform that the default valueContributor
of--role
will be removedaz disk-encryption-set create
: Make the parameter--source-vault
un-requiredaz vm create/update
: Add new parameters--v-cpus-available
and--v-cpus-per-core
to support VMSize customization
Cosmos DB
az managed-cassandra cluster status
: Add table format support
Key Vault
az keyvault create
: Add default permissions on keyvault creation
Monitor
az monitor action-group
: Support event hub receiver
NetAppFiles
az netappfiles account ad add
: Add new optional parameter named encrypt-dc-connectionsaz netappfiles volume export-policy add
: Add missing optional parameters kerberos5_read_only, kerberos5_read_write, kerberos5i_read_only, kerberos5i_read_write, kerberos5_p_read_only, kerberos5_p_read_write, has_root_access, chown_modeaz netappfiles account ad update
: Add command
Network
- Add Microsoft.DataFactory/factories to supported Private Endpoints
- Add Microsoft.Databricks/workspaces to supported private endpoints
az network private-endpoint
: Add parameter and subgroup to support IP Configuration, ASG and NicNameaz network traffic-manager endpoint create/update
: Add new arguments--min-child-ipv4
and--min-child-ipv6
.- Add Microsoft.HybridCompute/privateLinkScopes to supported Private Endpoints
Packaging
- Update Dockerfile base image from Alpine 3.14 to 3.15
RDBMS
az postgres flexible-server create
: Change default postgres version
Redis
az redis create
: Add default value for identity and public network access asNone
ServiceConnector
- Support new target resources: servicebus, eventhub, appconfig
Storage
- Stop supporting
--auth-mode login
foraz storage blob sync
andaz storage fs directory upload/download
January 04, 2022
Version 2.32.0
AKS
az aks create
: Add new parameter--enable-fips-image
to support enabling fips imageaz aks nodepool add
: Add new parameter--enable-fips-image
to support enabling fips image
App Service
- [BREAKING CHANGE]
az webapp up
: Remove support for the python|3.6 (linux and windows), ruby|2.5 (linux), and php|7.3 (windows) runtimes. Add support for the python|3.9 runtime (linux), php|8.0 (linux), and ruby|2.7 (linux) - [BREAKING CHANGE]
az webapp create
: Remove support for the python|3.6 (linux and windows), ruby|2.5 (linux), and php|7.3 (windows) runtimes. Add support for the python|3.9 runtime (linux), php|8.0 (linux), and ruby|2.7 (linux) - [BREAKING CHANGE]
az functionapp create
: Remove python 3.6 support - Fix #19550:
az staticwebapp users update
: Allow updating static web app user roles again az logicapp create
: Autogenerate a WS1 App Service Plan when no value for--plan
or--consumption-plan-location
is providedaz appservice plan create
: Allow creating App Service Plans for Logic Apps (SKUs WS1, WS2, and WS3)- Fix #20757:
az webapp up
: Fix list index out of range when no--plan
argument passed - Fix #18652:
az webapp up
: Search for *.csproj in child directories az webapp list-runtimes
: Remove support for the python|3.6 (linux and windows), ruby|2.5 (linux), and php|7.3 (windows) runtimes. Add support for the python|3.9 runtime (linux), php|8.0 (linux), and ruby|2.7 (linux)
Backup
az backup restore restore-azurewl
: Add client side validationsaz backup container unregister
: Support MAB type for parameter--backup-management-type
az backup protectable-item list/show
: Add auto-protection policy and node-list field in the response for SQLInstance SQLAGaz backup protection auto-enable-for-azurewl/auto-disable-for-azurewl
: Add support for SQLAG
Compute
az vm/vmss create/update
: Expand validate license types for--license-type
parameteraz sig image-definition list-shared
: Add new parameters--marker
and--show-next-marker
to support pagingaz sig image-version list-shared
: Add new parameters--marker
and--show-next-marker
to support paging
IoT
az iot hub update
: Add error handling for file-upload parameters and fixes empty $default storage endpoint errorsaz iot central app create
: Add new parameter--mi-system-assigned
to support creating an app with system-assigned managed identityaz iot central app identity show/assign/remove
: Add new commands to manage the system-assigned managed identity to an existing IoT Central appaz iot dps access-policy
: Be replaced withaz iot dps policy
az iot dps linked-hub create
: Add convenience arguments for linking hubs
Network
- Fix #19482: Azure Bastion AAD fix for new CLI core changes
az network lb inbound-nat-pool create
: Add new parameter--backend-pool-name
Profile
az account show/set
: Add-n
,--name
argument
Redis
az redis identity
: Add support for assigning and modifying Identity
REST
- [BREAKING CHANGE]
az rest
: RemoveresourceGroup
,x509ThumbprintHex
transforms
Role
- [BREAKING CHANGE]
az ad sp create-for-rbac
: Dropname
property from the output. UseappId
instead - [BREAKING CHANGE]
az ad sp create-for-rbac
: No role assignment will be created by default
Storage
az storage copy
: Add positional argumentextra_options
to pass through options toazcopy
Synapse
- [BREAKING CHANGE]
az synapse managed private endpoints create
: Remove--resource-id
and--group-id
, use--file
instead az synapse sql pool create/restore
: Add parameters--storage-type
to support specifying storage account typeaz synapse kql-script
: New command group to support Kusto script
December 07, 2021
Version 2.31.0
AKS
az aks update
: Support edit nodepool label after creationaz aks nodepool update
: Support edit nodepool label after creationaz aks create
: Fix issue that--attach-acr
parameter can't work
AMS
- Remove deprecated variable 'identifier_uri' from creating sp method
- Update api version for AMS and AVA private link registration
App Service
az functionapp create
: Add support for creating a webapp joined to a vnetaz webapp up
: Fix failure to detect dotnet 6.0 web appsaz appservice ase update
: Support for allowing new private endpoint connections on ASEv3az appservice ase list-addresses
: Support ASEv3az staticwebapp identity assign
: Assign managed service identity to the static web appaz staticwebapp identity remove
: Disable static web app's managed service identityaz staticwebapp identity show
: Display static web app's managed service identity- Fix #17507:
az staticwebapp functions
: Add support for linking existing function app to static webapp (bring your own functions) az staticwebapp create
: Update help text with guidance for repos in Github organizationsaz functionapp deployment source config-zip
: Fix #12289: Allow build on zip deploy for windows function appsaz staticwebapp create
: Add better error message when attempting to create a static webapp that already existsaz appservice
: Fix AttributeError during user error handlingaz appservice plan create
: Add--zone-redundant
parameter to support enabling zone redundancy for high availabilityaz webapp ssh
: Add proxy supportaz webapp create-remote-connection
: Add proxy supportaz webapp log download/tail
: Add proxy supportaz webapp create
: Fix container registry server url parsing for--deployment-container-image-name/-i
argumentaz functionapp deployment source config-zip
: Fix returning success when the deployment did not succeedaz staticwebapp appsettings set
: Make set functionalaz staticwebapp appsettings
: Switch to the new SWA app settings SDK methodsaz functionapp plan create
: Add--zone-redundant
parameter to give the option to create a zone redundant app service plan- Support managed identity in App Service container
ARM
az resource\group list
: Support querying data only by passing the tag name to--tag
parameteraz account management-group
: Add new parameters--no-register
to skip RP registration forMicrosoft.Management
az deployment
: Prettify error output for ARM deploymentaz bicep install
: Add a new parameter--target-platform/-t
to specify the running platform of Bicep CLIaz bicep upgrade
: Add a new parameter--target-platform/-t
to specify the running platform of Bicep CLIaz deployment sub/tenant/mg create
: Fix theKeyError: 'resourceGroup'
in outputting results in table format when deploying non-resource group level resourcesaz policy assignment create
andaz policy assignment identity assign
support adding user assigned identityaz bicep install
: Work now behind a corporate proxy
Backup
- GA
az backup
and some bug fixes az backup protectable-item list/show
: Fix AttributeError for server_nameaz backup restore restore-disks
: Add support for Cross Zonal Restore
Cognitive Services
az cognitiveservices account deployment
: Add new commandsshow
,list
,create
,delete
az cognitiveservices account commitment-plan
: Add new commandsshow
,list
,create
,delete
az cognitiveservices commitment-tier
: Add new commandlist
Compute
- Fix #20182:
az snapshot create
: Fix auto-detection bug for--copy-start
- Fix #20133:
az vm create
: Fix--data-disk-delete-option
not working when no--attach-data-disks
are provided - Fix boot diagnostics decoding
az vm create/update
: Add new parameter--enable-hibernation
to support enabling hibernation capabilityaz vm/vmss run-command show
: Add new parameter--instance-view
to support tracking the progress of RunCommand- Update the help description for unmanaged disks
az disk create/update
: Add--public-network-access
argument to control the policy for export on the diskaz disk create/update
: Add--accelerated-network
argument to support the accelerated networkingaz snapshot create/update
: Add--public-network-access
argument to control the policy for export on the diskaz snapshot create/update
: Add--accelerated-network
argument support the accelerated networkingaz snapshot create
: Fix #20258: Fix creating a snapshot of a Uniform VMSS OS disk
EventGrid
- GA
az eventgrid system-topic
Key Vault
az keyvault key encrypt/decrypt
: Support AES algorithm for MHSMaz keyvault key rotation-policy update
: Support both camel case and snake case json for--value
NetAppFiles
az netappfiles volume create
: Fix volume export policy
Network
az network express-route peering connection ipv6-config
: Add new commandsset
,remove
az network application-gateway waf-policy managed-rule exclusion
: Add new subgrouprule-set
to support per rule exclusionsaz network bastion create
: Fix invalid validator when--scale-units
is Noneaz network vnet create
: Add--enable-encryption
argument to support enable encryption on virtual networkaz network vnet update
: Add--enable-encryption
argument to support enable encryption on virtual networkaz network vnet create
: Add--encryption-enforcement-policy
argument to choose If Virtual Machine without encryption is allowed in encrypted Virtual Network.az network vnet update
: Add--encryption-enforcement-policy
argument to choose If Virtual Machine without encryption is allowed in encrypted Virtual Network.
Packaging
- Support Python 3.10
- Add Dockerfile.mariner to support Mariner build
Profile
az logout
,az account clear
: Remove ADAL token cache fileaccessTokens.json
RDBMS
- Fix private DNS zone suffix bug
- Fix #20124:
az mysql/postgres flexible-server db create
: Make resource group and server name required az postgres flexible-server
: Remove preview tag
Storage
az storage share list-handle/close-handle
: New commands for share handle- GA account level and blob version level immutable storage
Synapse
- [BREAKING CHANGE]
az synapse sql/pool audit-policy
: Remove--blob-auditing-policy-name
az synapse notebook/spark-job-definition
: Add--folder-path
argumentaz synapse spark pool create/update
: Add--spark-config-file-path
az synapse spark job submit
: Fix for--main-class-name
az synapse sql-script
: New command group to support sql script management
November 02, 2021
Version 2.30.0
Core
- [BREAKING CHANGE] Migrate from ADAL to MSAL. For more details, see MSAL-based Azure CLI
ACR
- [BREAKING CHANGE]
az connected-registry
:--repository
flag short version-t
is being removed. - [BREAKING CHANGE]
az connected-registry install renew credentials
: Now it requires the user to confirm password generation. az connected-registry install
: Deprecate and redirect toaz acr connected-registry get-settings
.az connected-registry repo
: Deprecate and redirect toaz acr connected-registry permissions update
.az connected-registry permissions show
: A new command that allows the user to see the sync scope map information.az connected-registry get-settings
: A new command that retrieves the necessary information to install a connected registry and allows the generation of a new sync token password.az connected-registry create
: No longer adds a postfix to the sync token and scope map name.
AKS
az aks create/update
: Add new parameter--aks-custom-headers
to support for custom headersaz aks create
: Support setting--private-dns-zone
to none for private cluster creationaz aks create/update
: Add new parameter--enable-secret-rotation
and--rotation-poll-interval
to support secret rotationaz aks enable-addons
: Add new parameter--enable-secret-rotation
and--rotation-poll-interval
to support secret rotation
App Config
az appconfig kv import/export
: Add new parameter--profile
to support usingappconfig/kvset
profile
App Service
- Fix #19617:
az webapp ssh
: Open Web SSH on the specified instance az staticwebapp hostname
: Support adding static webapp hostname via TXT validation- Enable support for PowerShell on Linux function apps with V4
ARM
az bicep publish
: Add new command to publish bicep modules
ARO
az aro create
: Remove Identifier URIs
Compute
az disk update
: Fix the problem that updating network access policy toAllowPrivate
failedaz vm update
: Add--host
argument and--host-group
argument to support assign an existing VM to a specific ADH- Fix #19599:
az vm create
: Fix the issue that--nic-delete-option
not working when no--nics
is provided. az snapshot create
: Support copyStart as createOptionaz vmss create/update
: Support in-guest patching for VMSSaz vm application set/list
: Add new commands to support VM applicationaz vmss application set/list
: Add new commands to support VMSS applicationaz vm create
: Add--ephemeral-os-disk-placement
argument to support choosing the Ephemeral OS disk provisioning locationaz vmss create
: Add--ephemeral-os-disk-placement
argument to support choosing the Ephemeral OS disk provisioning locationaz vm update
: Add--size
argument to support the resizeaz vmss update
: Add--vm-sku
argument to support the resizeaz vm run-command
: Add new commands to support managing the running commands in VMaz vm update
: Add--ephemeral-os-disk-placement
argument to support choose the Ephemeral OS disk provisioning locationaz vmss update
: Add--ephemeral-os-disk-placement
argument to support choose the Ephemeral OS disk provisioning locationaz sig gallery-application
: Add new commands to support managing gallery applicationaz sig gallery-application version
: Add new commands to support managing gallery application version- GA the features related to Flex VMSS
Container
az container create
: Add parameter--zone
to support Availability Zone selectionaz container create
: Fix the issue that--subnet
or--vnet
cannot be used with IP address typePublic
to allowPrivate
az container create
: Add Support for--registry-login-server
to work with--acr-identity
Cosmos DB
az cosmosdb mongodb retrieve-latest-backup-time
: Add new command for fetching latest restorable timestamp for Mongo Account.az cosmosdb locations
: Add new commands for listing account locations and their properties.az managed-cassandra cluster/data-center
: GA support for managed cassandra cluster and data center
DMS
az dms project create/az dms project task create
: Add MySQL projects/tasks for offline migrations.
FunctionApp
- [BREAKING CHANGE]
az functionapp devops-pipeline
: Remove commands and move them tofunctionapp
extension
HDInsight
az hdinsight create
: Add two parameters--zones
and--private-link-configurations
to support creating cluster with availability zones feature and creating private link enabled cluster with private link configurations feature.
Key Vault
- Support Keyvault SKR
az keyvault key random
: Request some random bytes from managedHSMaz keyvault rotation-policy/key rotate
: Support rotate key and manage key rotation policyaz keyvault create/update
: Add--public-network-access
parameter
Monitor
az monitor metrics alert condition
: Add support for 'skip metric validation'
NetAppFiles
- [BREAKING CHANGE]
az netappfiles account backup-policy create/update
: Remove optional parameter--yearly-backups
. az netappfiles account list
: Add option to skip--resource-group
parameter and fetch accounts for subscription.az netappfiles pool create
: Add optional parameter named--encryption-type
az netappfiles volume create
: Add optional parameters:--network-features
,--avs-data-store
,--default-group-quota
,--default-user-quota
,--is-def-quota-enabled
az netappfiles volume update
: Add optional parameters:--default-group-quota
,--default-user-quota
,--is-def-quota-enabled
Network
az network bastion create
: Add new parameter--scale-units
and--sku
to support setting scale unitaz network vnet
: Add parameter--bgp-community
az network private-endpoint-connection
: Support "Microsoft.Cache/Redis"az network private-endpoint-connection
: Support "Microsoft.SignalRService/WebPubSub"
RDBMS
- Introduce MySQL georestore command and update validators
- GA
az mysql flexible-server
Service Bus
- Fix MU capacity to include 16 when updating namespace
ServiceConnector
az webapp/spring-cloud connection
: New command group to support service to service connection
SQL
az sql server ad-admin
: Fix breaking change made to update and delete
Synapse
az synapse kusto
: Add Kusto pool(mgmt) support
October 29, 2021
Version 2.29.2
ARO
- Hotfix:
az aro create
: Remove Identifier URIs
October 21, 2021
Version 2.29.1
Compute
- Hotfix: Fix static webapp commands that are broken due to the upgrade of
azure-mgmt-web
to 4.0.0
October 12, 2021
Version 2.29.0
AKS
az aks check-acr
: Bump canipull to 0.0.3 alpha to support sovereign cloudaz aks create/update
: Add new parameter--disable-local-accounts
to support disable local accountsaz aks enable-addons
: Support open-service-mesh addonaz aks create/update
: Add support for updating tags
App Config
- Fix dependencies for multiple installations of
jsondiff
andjavaproperties
App Service
az webapp create/up
: Correct the typo of wrong java version in helpaz logicapp create/delete/show/list
: Add new commands to support logicapp related operationsaz staticwebapp environment delete
: Add command to support deleting static app environmentaz functionapp show
: Add kind validation for show operationaz webapp config backup list
: Fix issue that returned backup configuration instead of backup listaz logicapp start/restart/stop
: Add new commands for logicappaz webapp config storage-account
: Update parameter descriptions
ARM
az deployment
: Remove the log of printing request body from custom policyaz deployment group create
: Fix incorrect scope in the example of creating deployment from template-specaz ts create
: Simplify overwrite confirmation message
Backup
az backup container register
: Fix refresh container bugaz backup
: Add CRR functionality for Azure Workloadaz backup
: Add support for MAB backup management type in some sub commands
Compute
az sig create/update
: Add new parameter--soft-delete
to support soft deleteaz sig image-version
: Add new parameter--replication-mode
to support setting replication modeaz vm/vmss update
: Fix disassociation VM/VMSS from capacity reservationaz vm/vmss create
: Hide alias--data-delete-option
in helpaz vmss create
: Support quick creation for flexible VMSS
Container
- [BREAKING CHANGE]
az container create
: Remove--network-profile
parameter, property no longer supported az container logs
: Fix the attribute error introduced by Track 2 migrationaz container create
: Add parameter--acr-identity
for support of MSI authenticated ACR image pull
Cosmos DB
az cosmosdb identity assign/remove
: Add support for user identity
Eventhub
az eventhubs namespace update
: Add--infra-encryption
for encryption (enable-require-infrastructure-encryption).az eventhubs namespace create/update
: Add--disable-local-auth
to enable or disable SAS authentication.az eventhubs namespace
: Addprivate-endpoint-connection
andprivate-link-resource
command groups
Key Vault
- [BREAKING CHANGE] Fix #18479:
az keyvault network-rule add
: Fix the bug which allows duplicate--ip-address
with the ones already in the network-rule - Fix #10254:
az keyvault network-rule add
: Add capability to accept multiple ip-addresses as a list in the form of--ip-address ip1 [ip2] [ip3]...
az keyvault delete
: Add warning when deleting managed HSM
Network
- Add
az network custom-ip prefix wait
- Add
az network vnet-gateway packet-capture wait
- Add
az network vnet-gateway vpn-client ipsec-policy wait
- Add
az network vnet-gateway nat-rule wait
- Add
az network vpn-connection packet-capture wait
- Private link and endpoint support for provider
Microsoft.BotService/botServices
to supported private endpoints operations az network application-gateway client-cert
: Add commandsupdate
andshow
az network application-gateway ssl-profile
: Add commandsupdate
andshow
az network application-gateway http-listener create
: Add parameter--ssl-profile
az network application-gateway http-listener update
: Add parameter--ssl-profile
- Onboard hdinsight private link2 network cmdlets
az network bastion create
: Add--tags
argument- Private link and endpoint support for provider
Microsoft.Authorization/resourceManagementPrivateLinks
- Private link and endpoint support for provider
Microsoft.MachineLearningServices/workspaces
Profile
az account show
: Deprecate--sdk-auth
RDBMS
- [BREAKING CHANGE]
az postgres flexible-server migration
: Change--properties @{filepath}
to--properties {filepath}
az postgres flexible-server migration create
: User can pass in filename with double quotes or no quotes and same for absolute paths.az postgres flexible-server migration check-name-availability
: Add a command to check if a migration name is available.az postgres flexible-server migration update
: Add--start-data-migration
to reschedule the migration to start right now.- Update list-skus, create command location setting and replica command
Role
az ad sp create-for-rbac
: Deprecate--sdk-auth
Security
- Add command
az security setting update
Storage
- Fix #19279: Add clarification for file system name to also mean container name.
- Fix #19059: Fix doc link to point to public doc website
az storage account hns-migration start/stop
: Support migrate a storage account to enable hierarchical namespaceaz storage container-rm create/update
: Add--root-squash
to support enable nfsv3 root squash or all squash- Fix #17858:
az storage blob upload
: make --name optional az storage account create/update
: Add --public-network-access parameteraz storage container immutability-policy create
: Add --allow-protected-append-writes-all/--w-all parameteraz storage container legal-hold set
: Add --allow-protected-append-writes-all/--w-all parameteraz storage account create/update
: Enable account level immutability
Synapse
- [BREAKING CHANGE]
az synapse sql/pool audit-policy update
: Add parameterblob-storage-target-state
,log-analytics-target-state
,event-hub-target-state
(at least choose one of these 3 paras) az synapse integration-runtime
: Support start/stop integration-runtimeaz synapse trigger
: Add az synapse trigger waitaz synapse trigger-run
: Add az synapse trigger-run cancelaz synapse integration-runtime
: Deprecatecreate
command and will redirect tomanaged create
orself-hosted create
commandaz synapse dataset/pipeline/linked-service/trigger
: Deprecateset
command and will redirect toupdate
commandaz synapse workspace-package
: Support workspace package CRUDaz synapse spark pool update
: Support add or remove specific packagesaz synapse workspace create/update
: Add arguments for supporting synapse workspace repository configurationaz synapse spark-job-definition
: Support spark job definition CRUD
September 09, 2021
Version 2.28.1
ARM
Hotfix: Fix #19468: pip installs azure-cli 2.0.73 because of the dependency on deprecated package jsmin
September 07, 2021
Version 2.28.0
ACR
az acr create/update
: Add support for disabling export through--allow-exports
az acr
: Bump core api-version to2021-06-01-preview
from2020-11-01-preview
. agent_pool, tasks and runs operations unchanged from2019-06-01-preview
az acr task credential
: Fix the issue where task credentials were not usedaz acr task logs
: Fix the AttributeError when querying the task logs
AKS
- [BREAKING CHANGE]
az aks nodepool update
: Change rejecting the ability to use max-surge with node-image-only az aks install-cli
: Add support for kubelogin darwin/arm64 releases- Fix incorrectly passed parameter for option
--assign-kubelet-identity
in aks create sub-command - Upgrade api-version to
2021-07-01
for ACS module az aks create/update
: Add support for private cluster public fqdn feature- Revert PR #18825:
az aks create/update
: Add parameter--auto-upgrade-channel
to support auto upgrade (with fix) aks create/aks nodepool add
: Add parameter--os-sku
to support choosing the underlying container host OS
App Config
appconfig kv import/export
: Add endpoint validation during import and export
App Service
az webapp config storage-account list/add/update/delete
: Remove preview flag- Fix #18497:
functionapp identity show
: Fix the crashes when the functionapp name does not reference an existing functionapp az webapp config set
: Add additional help examples for powershell users- Fix #17818:
az functionapp update
: Add instance validation for updating functionapp az webapp config hostname add
: Fix the issue caused by AttributeErroraz webapp config hostname add
: Fix the issue caused by AttributeError- Fix #16470:
az staticwebapp secrets
: Add commands to manage deployment secrets az webapp deployment source config-local-git
: Fix the issue caused by AttributeError when slot option is specifiedaz webapp deleted restore
: Fix the issue that 'WebAppsOperations' object has no attribute 'restore_from_deleted_app'az webapp up
: Add ability to deploy Linux and Windows webapps to the same resource groupaz webapp up
: Add support for deploying to an App Service Environment- Fix #19098:
az webapp deployment slot auto-swap
: Fix the AttributeError error for parameters--slot --disable
ARM
az feature registration
: Add az feature registration apisaz tag create
: Add the note for handling existing tag in helpaz ts create
: Fix issue where creating a template spec with inner deployments that reference a common template fails
CDN
az cdn endpoint create
: Fix endpoint creation failure with--content-types-to-compress
Compute
az ssh vm
: Raise error for managed identity and Cloud Shell- Upgrade api-version for VM and VMSS from
2021-03-01
to2021-04-01
az vmss create/update
: Support spot restore policy to VM scale sets- Add new examples for creating disk from share image gallery
az vm image list/list-offers/list-skus/list-publishers/show
: Add new parameter --edge-zone
to support querying the image under edge zone- Fix the issue caused by the lack of
os_type
when creating VM from shared gallery id - Update shared image gallery doc
az capacity reservation
: Add new commands to manage capacity reservationaz capacity reservation group
: Add new commands to manage capacity reservation groupaz vm create/update
: Add new parameter--capacity-reservation-group
to support association to capacity reservationaz vmss create/update
: Add new parameter--capacity-reservation-group
to support association to capacity reservationaz vmss create
: Support creating VMSS from shared gallery image
IoT
az iot hub/dps certificate update/create
: Add--verified
argument to mark certificates as verified without proof-of-possession flowaz iot hub create/update
: Add--disable-local-auth
,--disable-device-sas
, and--disable-module-sas
arguments to configure accepted SAS key authentication methods.
Key Vault
az keyvault private-endpoint-connection list
: Support list mhsm's private endpoint connectionsaz keyvault set-policy
:--key-permissions
add new optionrelease
Network
- Fix NSG rule creation example mistake
- Add a new command group
az network custom-ip prefix
. az network public-ip
: Add parameter--ip-address
.az network public-ip prefix create
: Add parameter--custom-ip-prefix-name
.az network dns record-set {record-type} add-record
: Support idempotent- PrivateLink supports
Microsoft.Purview/accounts
2021-07-01 az network bastion ssh
: connect to a Virtual machine through ssh using Bastion Tunneling.az network bastion rdp
: connect to a Virtual machine through native RDP using Bastion Tunneling.az network bastion tunnel
: connect to a Virtual machine using Bastion Tunneling.
Packaging
- Use Python 3.9 in Homebrew formula
- When installed with RPM, run python3.6 if available
- Add Ubuntu 21.04 Hirsute Hippo support
- Add Debian 11 Bullseye support
- Drop Ubuntu 20.10 Groovy Gorilla support
PowerBI
- Add private link provider Microsoft.PowerBI/privateLinkServicesForPowerBI
RDBMS
- [BREAKING CHANGE]
az postgres flexible-server migration
: Rename--migration-id
to--migration-name
- [BREAKING CHANGE]
az mysql flexible-server create/update
:--high-availability
available parameter is changed from 'Enabled' to 'ZoneRedundant' and 'SameZone' . - Fix maintenance window update issue with MySQL and Change restart parameter to be case insensitive
az mysql flexible-server restore
enables network option change from private network to public network and vice versa.az mysql flexible-server replica create
: Addzone
parameter.
Role
az role assignment create
: SupportForeignGroup
for--assignee-principal-type
az role assignment create
: Do not invoke Graph API if--assignee-principal-type
is provided
SQL
az sql mi update
: Add --subnet and --vnet-name parameters to support the cross subnet update SLO- Fix the enum name change in track2 Python SDK
Storage
- Fix #10765: Refine error message when account key is incorrect padding
Synapse
- [BREAKING CHANGE] Rename
az synapse workspace key update
toaz synapse workspace key activate
and remove--is-active
- Optimize submit spark job arguments
az synapse
: Add managed private endpoints feature.- Spark pool remove library requirement
August 23, 2021
Version 2.27.2
Cosmos DB
- Hotfix:
az cosmosdb restore
: Fix the restore command for deleted accounts
August 17, 2021
Version 2.27.1
ARM
- Hotfix: Fix #19124:
az deployment what-if
: Handle unsupported and no effect change types
Batch
Upgrade batch data-plane to azure-batch 11.0.0
Upgrade batch management-plane to azure-batch-mgmt 16.0.0
az batch location
: Add list-skus
command to list SKUs available in a location
az batch account
: Add outbound-endpoints
command to list outbound network dependencies
August 03, 2021
Version 2.27.0
ACR
- [BREAKING CHANGE]
az acr connected-registry install info
: Add a new required parameter--parent-protocol
. - [BREAKING CHANGE]
az acr connected-registry install renew-credentials
: Add a new required parameter--parent-protocol
. az acr import
: Support new parameter--no-wait
- Fix the Python SDK compatibility issue when migrating Track 2
az acr build
: Make file .dockerignore include directories with!
AKS
az aks check-acr
: Fix issues parsing certain client minor versions
AppConfig
- [BREAKING CHANGE]
appconfig feature set
: Set the value of parameter--description
to empty string if it is not specified - [BREAKING CHANGE]
az appconfig feature
: Support namespacing for feature flags and change output fields az appconfig create
: Add tags support when creating resource
App Service
az webapp config set
: Add support for VNet Route All property.az webapp vnet-integration add
: Default to VNet Route All. Allow cross subscription integration.az appservice ase create
: Support for ASEv3 External and Zone redundancyaz webapp hybrid-connection add
: Improve help/error message and unblock Linuxaz webapp config access-restriction remove
: Fix #18947 issue removing service endpoint rules- : Fix #17424:
az appservice plan show
: Provide correct exit status
ARM
az what-if
: Fix output formattingaz bicep uninstall
: Add new command to uninstall bicepaz bicep build
: Fix an issue where running with --stdout doesn't print any outputaz provider register
: Add deprecate info for--accept-term
az lock create/delete
: Add examples for operating different levels of locksaz deployment group/sub/mg/tenant create
: Add --what-if parameter for invoking What-If with the deployment create commands.az deployment group/sub/mg/tenant create
: Add --proceed-if-no-change parameter to skip confirmation when --confirm-with-what-if is set and there's no changes in What-If results.- Bump api-version from 2020-10-01 to 2021-04-01
az ts create
: Make parameter--template-file
support bicep fileaz resource create
: Add example for creating site extension to web appaz ts export
: Fix the issue that export template specs with no linked templates failed
Backup
az backup vault
: Add support for Customer Managed Keys(CMK)az backup restore restore-disks
: Add MSI usage in IaaS VM Restore
CDN
az cdn endpoint rule
: Add OriginGroupOverride action support
Compute
az sig image-version create
: Support mixing disks, snapshots, and vhdaz vmss update
: Upgrade package version to fix securityProfile issueaz vm boot-diagnostics get-boot-log
: Fix crash when getting boot diagnostics logaz vm list-skus
: Fix the issue that it can't query the SKU which with partially zones availableaz vm auto-shutdown
: Fix the issue that--webhook
is required when--email
is passed inaz vm create
: Support creating VM from shared gallery imageaz vm secret add
: Add note to use Azure Key Vault VM extension instead in help
Container
az container exec
: Fix and improve terminal experience
DataBoxEdge
- Migrate databoxedge to track2 SDK
DMS
az dms project create/az dms project task create
: Remove MySQL projects/tasks for online migrations since they are no longer supported.
IoT
az iot hub create/update
: Add checks to prevent bad file-upload identity parameters when hub doesn't have identityaz iot hub create/update
: Add--fileupload-notification-lock-duration
parameteraz iot hub create/update
: Deprecatefileupload-storage-container-uri
parameteraz iot dps/hub certificate create
: Certificates will now always be uploaded in base64 encoding.
Key Vault
- [BREAKING CHANGE] Fix #13752: az keyvault create not idempotent. Creating existing keyvault will fail.
- Fix #6372: table output for secrets isn't correct
Maps
az maps creator create
: Support maps creator create managedaz maps creator update
: Support maps creator update managedaz maps creator list
: Support maps creator list managedaz maps creator show
: Support maps creator show managedaz maps creator delete
: Support maps creator delete managed
NetAppFiles
az netappfiles volume pool-change
: Update help description for pool-change
Network
az network application-gateway create
: Add--ssl-certificate-name
argument- Private link add Microsoft.ServiceBus/namespaces provider
az network application-gateway waf-policy custom-rule match-condition add
: Add examplesaz network express-route port link update
: Add--macsec-sci-state
argument.- Private link add Microsoft.Web/hostingEnvironments provider
az network lb frontend-ip update
: Support cross tenant for argument--gateway-lb
.az network nic ip-config update
: Support cross tenant for argument--gateway-lb
.- Private link add Microsoft.StorageSync/storageSyncServices provider
- Private link add Microsoft.Media/mediaservices provider
- Private link add Microsoft.Batch/batchAccounts provider
Packaging
- Add licenses to all Python packages
- Add SOCKS Proxy Support
PolicyInsights
- Migrate to track 2 SDK
RDBMS
- PostgreSQL, MySQL migration to GA API
Redis
az redis create\update
: Add new parameter--redis-version
SQL
- Update Microsoft.Sql to track2 SDK
az sql server outbound-firewall-rule create
: Azure CLI Commands for Outbound Firewall Rules
Storage
- Fix #18352:
az storage fs file list --exclude-dir
breaks with--show-next-marker
az storage fs generate-sas
: Support generate sas token for file system in ADLS Gen2 accountaz storage account blob-service-properties
: Support last access tracking policystorage container-rm migrate-vlw
: Support Version level Worm (VLW)az storage copy
add new option--cap-mbps
Synapse
synapse workspace key update
: Fix the issue that updating a workspace key failure due to parameter--is-active-cmk
lost- Reimport notebook failure
July 14, 2021
Version 2.26.1
ACR
- Hotfix:
az acr build\connected-registry\pack\run\scope-map
: Fix the compatibility bug caused by SDK upgrade
AKS
- Hotfix:
az aks create
: Fix the issue thatassign-kubelet-identity
option can't work
Storage
- Hotfix: Fix issue caused by jwt upgrade.
- Hotfix:
az storage fs directory download
: Fix the issue with--sas-token
to generate valid sas url - Hotfix:
az storage blob copy start
: Fix the issue in copy from different account
July 06, 2021
Version 2.26.0
AKS
- Migrate ACS module to track 2 SDK
- Upgrade api-version to 2021-05-01 for ACS module
- Add UltraSSD support
- Support use custom kubelet identity
az aks get-credentials
: Add a check for KUBECONFIG environmental variable
APIM
- Add version parameter for apim api import
- Fix apim upgrade bug when specifying protocols
az apim create
: Fix--enable-managed-identity
true failure
App Config
- Stop overwriting KeyVault reference content type during import
App Service
- [BREAKING CHANGE]
az functionapp create
: Remove support for EOL Node 8 and 10 - [BREAKING CHANGE]
az webapp deployment source config
: Remove vsts-cd-manager - [BREAKING CHANGE]
az functionapp deployment source config
: Remove vsts-cd-manager az webapp/functionapp config access-restriction add
: Prevent duplicate rules using service endpoints.az webapp/functionapp config access-restriction remove
: Remove service endpoints are case-insensitiveaz webapp config access-restrictions add
: Skip validation if user does not have access to get service tag list.- Add support for Linux Consumption and improve how content share name is generated.
- : Fix an issue where adding VNET integration & Hybrid connections on a slot is not working
az appservice domain create
: Fix get correct domain agreementsaz webapp deployment github-actions add/remove
: new commands
AppConfiguration
- Add support for
disable_local_auth
ARM
az provider register
: Make parameter--accept-term
become not required
ARO
az aro create
: Add cidr values for pod/service- Fail if resource doesn't exist on delete
Azurestack
- Azure Stack Hub Support for AKS and ACR has been added in 2020-09-01-hybrid profile
Backup
az backup container
: Fix container registration Workload container registration fix, SDK upgraded to 0.12.0, Fixed and Re-ran tests- Add Archive Support for Azure CLI
Billing
- Migrate billing to track2 SDK
Cognitive Services
az cognitiveservices account
: Add list-deleted, show-deleted, recover, purge commands
Compute
az sig create/update
: Add --permissions to specify the permission of sharing gallery.az sig share
: Manage gallery sharing profile.az sig list-shared
: List shared galleries by subscription id or tenant id.az sig show-shared
: Get a shared gallery.az sig image-definition list-shared
: List shared galleries by subscription id or tenant id.az sig image-definition show-shared
: Get a shared gallery image.az sig image-version list-shared
: List shared galleries by subscription id or tenant id.az sig image-version show-shared
: Get a shared gallery image version.az vmss create
: Support NetworkApiVersion for Vmss with OrchestraionMode == Flexible- Make dependent resources of VM/VMSS support edge zone
- Update from CoreOS to Flatcar
- Add the hint to suggest users use the standard public IP when creating VM
Container Registry
- Migrate to track2 SDK
Cosmos DB
- Add point-in-time restore commands to the stable branch.
- Add support for selecting Cosmos DB analytical storage schema type
HDInsight
az hdinsight create
: Remove the incoming breaking change notice for the parameter--workernode-size
and--headnode-size
.- Add three new cmdlets to support new azure monitor feature:
NetAppFiles
az netappfiles account ad add
: Optional parameter added named --administratorsaz netappfiles pool create
: Optional parameter added --cool-accessaz netappfiles volume create
: Optional parameters added named --chown-mode, --cool-access, --coolness-period, --coolness-periodaz netappfiles volume backup restore-status
: Command added to see backup restore status
Network
az network routeserver create
: Add--public-ip-address
argument.
RDBMS
- Add autogrow parameter for MySQL and add database name to output json when created
Resource
- Third-party S2S Consent/Permission Enumeration
Security
- Remove preview from security module
SQL
- Bump sdk version
- Fix for server create in SQL 0.28
az sql db ledger-digest-uploads
: Support SQL Ledger- Fix for IdentityType for UMI
az sql db str-policy set/show
: Add Set and Show ShortTermRetentionPolicy
Storage
- GA support secured SMB
az storage account create
: Support--enable-nfs-v3
to set NFS 3.0 protocol- Support container soft delete
June 15, 2021
Version 2.25.0
ACR
az acr connected-registry
: Minor bug fixes
App Service
az webapp deployment source config-local-git
: Fix to set SiteConfig
ARM
az resource tag
: Fix the problem of tagging resources with resource typeMicrosoft.Network/publicIPAddresses
az policy assignment non-compliance-message
: New command group for policy assignment non-compliance messagesaz policy assignment update
: New command for partially updating existing policy assignments
Backup
- Migrate backup to track2 SDK
Compute
- Upgrade api-version for VM and VMSS from '2020-12-01' to '2021-03-01'
az vm create
: Support delete option for NICs and Disks for VMs in Azure CLI- Support user_data for VM and VM Scale Sets
Container
az container exec
: Decode received bytes as utf-8 string
EventGrid
- Migrate track2 SDK
HDInsight
- Migrate to track2 Python SDK 7.0.0
Iot Hub
- Fix for user-assigned identity ARM issue on remove
Key Vault
- Fix #11871: AKV10032: Invalid issuer error for operations in nondefault tenant/subscription
az keyvault set-policy/delete-policy
: Support --application-idaz keyvault recover
: Support MHSMaz keyvault private-link-resource list
: Support MHSMaz keyvault private-endpoint-connection
: Support MHSM
NetAppFiles
az netappfiles volume backup status
: Command added to get the status of the backup for a volume.az netappfiles volume update
: Optional parameter added named--snapshot-policy-id
o assign a snapshot policy to the volume.az netappfiles volume backup create
: Optional parameter added named--use-existing-snapshot
to manually backup an already existing snapshot.az netappfiles volume backup update
: Optional parameters added named--use-existing-snapshot
to manually backup an already existing snapshot. Optional parameter label also added to add a label to backup.
Network
- Support
Microsoft.Sql/servers
provider in Private link az network private-link-resource list
: Support--type microsoft.keyvault/managedHSMs
az network private-endpoint-connection
: Support--type microsoft.keyvault/managedHSMs
RDBMS
- Add commands for Github actions
az postgres flexible-server migration
: Add customer facing feature to migrate postgres db servers from Sterling to Meru platform- Private DNS zone parameter added for restore command, high availability validator
- Change server default location (issue reported)
Role
- [BREAKING CHANGE]
az ad sp create-for-rbac
:--name
is now only used as thedisplayName
of the app. It is not used to generateidentifierUris
anymore.name
in the output is now the same asappID
(servicePrincipalNames
) and deprecated.
SignalR
az signalr identity
: Add managed identity related commandaz signalr cors update
: Add update command for cors
Storage
az storage blob copy start
: Support --tier and --rehydrate-priority- GA release storage file share NFS and SMB multichannel
- [BREAKING CHANGE]
az storage account create
: RemoveStorageFileDataSmbShareOwner
option for --default-share-permission az storage blob list
: --delimiter parameter value will now be honored
Synapse
- Update to AZ Synapse mgmt 2.0.0
- Spark configuration conversion, which cause the failure
Webapp
- Add to
az webapp deploy
param help text
June 02, 2021
Version 2.24.2
Container
- Hotfix: Fix #18276:
az container create
fails withAttributeError: 'ResourcesOperations' object has no attribute 'create_or_update'
June 01, 2021
Version 2.24.1
App Service
- Hotfix: Fix #18266 - webapp config appsettings set command causing all values to default to "false"
ARM
- Hotfix: Fix deserialization issue in the What-If formatter of ARM template
Compute
- Hotfix: Fix the bad request issue when creating VMSS in Azure Stack
IoT
- Hotfix: Fix issue for removing last user-assigned identity from IoT Hub
May 25, 2021
Version 2.24.0
AKS
az aks check-acr
: Add the nodeslector linux to avoid the "canipull" pod to be scheduled on the windows node- Sdk update
- az aks create and update azure-rbac
- Add run-command cli
App Config
- Allow importing key-values with unicode characters from file
App Service
- [BREAKING CHANGE]
az webapp list-runtimes
: Add Dotnet6 support and update runtimes webapp log tail
: Fix #17987: logging.warning call with invalid 'end' argument- Fix #16838- az cli update app setting command always making slotsetting to true
az appservice
: Add function to retrieve users github personal access token- az staticwebapp appsettings set issue #17792
- Fix #18033: az staticwebapp appsettings set of missing positional param app_settings
- Fix issues with APIs signature that changed with Track2 update
- Fix get resource management client properly
- Add interactive way to get token for staticwebapp
- Fix an issue where assign and remove identities would fail with a call to NoneType
ARM
- Migrate resource to track2 SDK
az ts
: Add UiFormDefinition file support to TemplateSpecs for GA (05/04)
ARO
- Add cluster credential rotation
Compute
az sshkey create
: Save private key to local file system
Cosmos DB
- Create and manage Role Definitions and Role Assignments for enforcing data plane RBAC on Cosmos DB SQL accounts
DevTestLabs
az labs create environment
: Fix error creating an environment from an ARM template
HDInsight
- [BREAKING CHANGE]
az hdinsight create
: Use getting default sku api to set workernode and headnode size if customer does not provide.
IoT
az iot hub create
: Support assigning identities and assigning roles to system-managed identity.az iot hub update
: New parameter--file-upload-storage-identity
to allow for managed-identity authenticated file upload.az iot hub identity assign
: New command to assign user/system-assigned managed identities to an IoT Hub.az iot hub identity show
: New command to show identity property of an IoT Hub.az iot hub identity show
: New command to update identity type of an IoT Hub.az iot hub identity remove
: New command to remove user/system-assigned managed identities from an IoT Hub.az iot hub routing-endpoint create
: New--identity
parameter allows choosing a user/system-assigned identity for routing endpoints.az iot hub route create
: New routing source-typeDeviceConnectionStateEvents
Kusto
- Update command group long summary
Network
- Bump api version from '2020-11-01' to '2021-02-01'
- New command group
az network lb address-pool tunnel-interface
az network lb frontend-ip update
: New parameter--gateway-lb
az network nic ip-config update
: New parameter--gateway-lb
az network rule create/update
: New parameter--backend-pools-name
az network vnet-gateway create
: Add new paramter--nat-rule
- Add new cmd group
az network vnet-gateway nat-rule
az network vpn-conncetion create
: Add new paramter--ingress-nat-rule
and--egress-nat-rule
az network vnet create
: Add new parameter--flowtimeout
Packaging
- Support Python 3.9
RDBMS
- Change IOPS logic for MySQL
- Prevent private DNS zone track2 migration breaking rdbms module
Service Fabric
- [BREAKING CHANGE]
az sf cluster certificate
: Remove all commands under this group. Please follow the instructions in Add a secondary certificate using Azure Resource Manager to add/remove cluster certificates. - [BREAKING CHANGE]
az sf managed-service update
: Remove deprecated parameter --drop-source-replica-on-move. - [BREAKING CHANGE]
az sf managed-service create
: Remove deprecated parameters --service-dns-name, --drop-source-replica-on-move and -instance-close-delay-duration. - [BREAKING CHANGE]
az sf cluster
: Rename parameter --vault-resource-group to --vault-rg. az sf managed-cluster and sf managed-node-type
: Set groups as not preview- Update azure-mgmt-servicefabricmanagedclusters package to the latest version 1.0.0 that uses 2021-05-01 GA api version.
az sf managed-cluster create
: Add parameters --upgrade-mode, --upgrade-cadence and --code-version.az sf managed-node-type
: Add parameters --data-disk-type, --is-stateless and --multiple-placement-groups.
SQL
az sql server create
: Add a space to split the concatenated words in the help message of the argument --assign-identity.az sql server update
: Add a space to split the concatenated words in the help message of the argument --assign_identity.
Storage
- [BREAKING CHANGE]
az storage share-rm delete
: Raise error when there are snapshots for target file share and add--include
to specify deleting target file share and its snapshots az storage blob generate-sas
: Add spaces to split the concatenated words in the help message of the arguments --cache-control, --content-disposition, --content-encoding, --content-language and --content-type.az storage blob url
: Add a space to split the concatenated words in the help message of the argument --snapshot.az storage container generate-sas
: Add spaces to split the concatenated words in the help message of the arguments --cache-control, --content-disposition, --content-encoding, --content-language and --content-type.- Upgrade storage API version to 2021-04-01
- Support default share permission
- Support cross tenant object replication
- GA blob inventory
az storage share-rm list
: Support list with snapshots.
May 06, 2021
Version 2.23.0
ACR
az acr check-health
: Add support to verify dns routings to private endpoints- Fix #17618: Update credential add/update handling for tasks created using --auth-mode
AKS
az aks update
: Add--windows-admin-password
to support updating Windows passwordaz aks update
: Support updating from SPN cluster to MSI cluster.az aks create
: Add--enable-encryption-at-host
parameter
App Service
- [BREAKING CHANGE] Update websites SDK to the latest version (azure-mgmt-web==2.0.0) & Adopt track2 SDK
- [BREAKING CHANGE] Rename
az staticwebapp browse
toaz staticwebapp show
- Add option of sku for
az staticwebapp create --sku
- Add command
az staticwebapp update
az webapp/functionapp config access-restriction add/remove
: Support for Service Tag, Http headers and multi-source rules.
ARM
az bicep
: Replace datetime APIs that are not available in Python 3.6az deployment group create
: Fix the compatibility issue of api-version for parameter--template-specs
Backup
az backup vault create
: Add tags as an optional argument- Make AFS configure backup flow idempotent
CDN
az cdn endpoint rule add
: Fix delivery rule creation for non-Microsoft SKU
Compute
- Extended location for Compute RP
az sig image-version create
: Support creating from a VHDaz vm create --count
: Support vnet and subnet configurationaz vmss extension upgrade
: Fix a bug- Add error message for
vm identity assign
- Zone-redundant storage (ZRS) managed disks
az disk create
: Trusted launchaz disk create
: Hibernation- Fix a compatibility issue of old API version
az sig image version create
: Support data disk VHDs
Feedback reference
- Do not minify feedback issue body
FunctionApp
- Fix issue with zip deploy where local time was provided but UTC was expected
- Update stacks api json to add PowerShell on Linux in Functions
HDInsight
- Add Incoming BREAKING CHANGE for removing default value of
--workernode-size
and--headnode-size
Key Vault
- [BREAKING CHANGE] Support soft-delete feature for managed-HSM.
keyvault delete --hsm-name
will perform soft delete on a MHSM.
Marketplace Ordering
- New command group
az term
to accept/show terms
Misc.
- Define theme for Cloud Shell
Monitor
- New command
az monitor metrics list-namespaces
Network
- [BREAKING CHANGE] az network dns record-set a show: Property
arecords
in output will be changed toaRecords
. - New command
az network express-route list-route-tables-summary
. - New command
az network express-route peering get-stats
. - New command
az network express-route peering connection list
. az network lb create
: Add new parameter--edge-zone
az network nic create
: Add new parameter--edge-zone
az network private-endpoint create
: Add new parameter--edge-zone
az network private-link-service create
: Add new parameter--edge-zone
az network public-ip create
: Add new parameter--edge-zone
az network public-ip prefix create
: Add new parameter--edge-zone
az network vnet create
: Add new parameter--edge-zone
- New Command
az network lb list-nic
az network application-gateway show-backend-health
: support probe operation arguments.az network vpn-connection list
: support parameter--vnet-gateway
.- New command
az network vnet-gateway disconnect-vpn-connections
. - New command
az network vnet-gateway vpn-client show-health
. - New command
az network vnet-gateway vpn-client ipsec-policy show
. - New command
az network vnet-gateway vpn-client ipsec-policy set
. - New command
az network vnet-gateway packet-capture start
. - New command
az network vnet-gateway packet-capture stop
. - New command
az network vnet-gateway show-supported-devices
. - New command
az network vpn-connection list-ike-sas
. - New command
az network vpn-connection packet-capture start
. - New command
az network vpn-connection packet-capture stop
. - New command
az network vpn-connection show-device-config-script
. az network private-link-resource list
: support more providers for--type
Packaging
- Bump python to
3.8.9
in docker image - Bump bundled python to
3.8.9
in MSI.
RDBMS
- [BREAKING CHANGE]
az mysql flexible-server create
:--storage-size
default value is changed from 10 to 32. az postgres flexible-server create
: Add--private-dns-zone
parameter for creating server with private access.
Role
az role assignment create/update
: Auto completeassignee_principal_type
SQL
az sql db create
: Add --ha-replicas argumentaz sql db replica create
: Add --ha-replicas argument- Allow short mw policy names for mi
SQL VM
- Make SqlServerLicenseType as optional
Storage
- Fix #16272 & #16853: Refine error message
az storage account create
: Add edge zone support- Support user assigned identity for storage account
az storage account create/update
: Support sas&key policy
Synapse
az synapse notebook create
: Create a notebook
April 19, 2021
Version 2.22.1
ARM
- Hotfix: Fix the issue that bicep build broken in Python 3.6
Key Vault
- Hotfix: GA for managed-HSM ralated commands and parameters
April 13, 2021
Version 2.22.0
ACR
- [BREAKING CHANGE]
az acr connected-registry install info
: Replace keys ACR_REGISTRY_NAME, ACR_SYNC_TOKEN_NAME, ACR_SYNC_TOKEN_PASSWORD, ACR_PARENT_GATEWAY_ENDPOINT, and ACR_PARENT_PROTOCOL with a new connected string key, ACR_REGISTRY_CONNECTION_STRING. - [BREAKING CHANGE]
az acr connected-registry install renew-credentials
: Replace keys ACR_REGISTRY_NAME, ACR_SYNC_TOKEN_NAME, ACR_SYNC_TOKEN_PASSWORD, ACR_PARENT_GATEWAY_ENDPOINT, and ACR_PARENT_PROTOCOL with a new connected string key, ACR_REGISTRY_CONNECTION_STRING. az acr connected-registry create
: Verify before the creation of the token and sync scope map that all ancestors are active.az acr connected-registry create
: Add the repository and gateway permissions required for creation to all the ancestors of the new connected registry if needed prior to the connected registry creation.az acr connected-registry delete
: Remove the gateway permissions of the deleted resources from all its ancestors' sync scope maps.az acr connected-registry repo
: New command to add repository permissions to a connected registry and all its ancestors' sync scope maps, and remove repository permissions from the connected registry and all its descendants' sync scope maps
AKS
az aks create
: Add support for--private-dns-zone
and--fqdn-subdomain
feature
App Config
- Configure max line width for YAML parser to stop wrapping output
- Fix bug in print preview of restore command
App Service
- Fix #17219: Fix ssl bind bug
- Remove preview flag for Python 3.9 in create function app command
- Bugfix: Handle if only single publish profile is returned
- Fix #16203: az webapp log tail supports webapps running on Linix.
ARM
- [BREAKING CHANGE]
az bicep build
: Change the parameter--files
to--file
- [BREAKING CHANGE]
az bicep decompile
: Change the parameter--files
to--file
- Fix #17379: bicep auto install results in invalid json output from deployment
az bicep build
: Add a parameter--outdir
for specifying the output directoryaz bicep build
: Add a parameter--outfile
for specifying the output file path- Fix an issue where checking version upgrade for Bicep CLI throws exception if GitHub API rate limit is hit
az policy exemption
: Add new commands to support policy exemption
Backup
- Fix #14776: Fix
--force
parameter functionality foraz backup vault delete
command - Fix on demand backup
az backup protectable-item list
: Add optional parameter--backup-management-type
- Fix policy create with rgNamePrefix and rgNameSuffix
az backup protectable-item list
: Add--server-name
as an optional argument
Compute
az ssh vm
: Support VM SSH with Service Principal- Add VMSS Rolling Upgrade opt
- New command:
vm install-patches
- Disk encryption set: Add
--enable-auto-key-rotation
Container
- Fix #16499:
az container create
: Fix handling of return value from network_profiles.create_or_update
Cosmos DB
- Support for managed service identity & default identity
EventGrid
az eventgrid system-topic create/update
: Add MSI Supportaz eventgrid [partner topic | system-topic] event-subscription
: Add support for StorageQueueMessageTTL, AdvancedFilters, EnableAdvancedFilteringOnArraysaz eventgrid [partner topic | system-topic] event-subscription
: Add support for delivery attributeaz eventgrid topic create
: Add support for creating topic for azure or azurearc
Interactive
- Fix #16931: Fix
KeyError
inaz interactive --update
NetAppFiles
az netappfiles account ad add
: Optional parameter added named allow-local-ldap-usersaz netappfiles volume create
: Optional parameter added named ldap-enabledaz netappfiles volume backup status show
: Operation added- Update backup tests
Network
az network vnet-gateway
:--vpn-auth-type
allow multi value
Packaging
- [BREAKING CHANGE] RPM installed az now uses
python3
instead of hard-coded/usr/bin/python3
.
RDBMS
- Allow DB server private access from different subscription
- Modify server create with private network, fix restore time bug
Search
az search service create
: Add async (--no-wait) options.az search service update
: Add async (--no-wait) options.az search shared-private-link-resource create
: Add async (--no-wait) options.az search shared-private-link-resource update
: Add async (--no-wait) options.
Service Fabric
- Add managed application cli commands
Storage
az storage fs directory upload/download
: Support adls gen2 file system directory upload&downloadaz storage fs file list
: Support --show-next-markeraz storage share-rm
: Support create/show/delete snapshots
Synapse
- [BREAKING CHANGE]
az synapse role assignment create
: Role names at old version are not allowed, Sql Admin, Apache Spark Admin, Workspace Admin - [BREAKING CHANGE]
az synapse role assignment create
: When --assignee argument can't uniquely determine the principal object, the command will raise error instead of adding a role assignment for the uncertain principal object. az synapse role scope list
: List all scopes synapse supports.az synapse role assignment create/list/delete
: Add --scope/--item-type/--item arguments to support manage role assignments based on scope.az synapse role assignment create/list/delete
: Add --assignee-object-id argument, it will bypass Graph API and uniquely determine principal object instead of deducing principal object using --assignee argument.
March 23, 2021
Version 2.21.0
ACR
- Output a trace in
az acr login
for self-diagnosing potential docker command latency - Fix #17172: When run check-health behind corporate proxy
acr update
: Support anonymous pull- Fix #16700: Use "exists" api to check storage blob existence
AKS
aks update
: Add--no-uptime-sla
- Fix cross-sub assigning identity error and attach acr error
- Add support for node public IP prefix ID
APIM
- [BREAKING CHANGE]
apim backup
:--storage-account-container
not support multi-value. - [BREAKING CHANGE]
apim restore
:--storage-account-container
not support multi-value.
App Service
- [BREAKING CHANGE] Fix #16087:
az webapp config ssl create
: set--name
parameter as required. - Fix #17053:
az webapp show
return null values for SiteConfig properties - Fix #17207:
az webapp log config
: 'level' always defaults to verbose
ARM
az bicep build
: fix an issue where build warnings are not shown
Backup
- Add
id_part
for sub-resource names to fix--ids
- Fix #17094: Created separate test suite for CRR tests
az backup protection check-vm
: Add--vm
and--resource-group
as optional params
Cache
- GA
az cache
CDN
az afd rule create
: Fix--help
message
Compute
- Fix a Windows vm user update bug
- Fix #16585:
az vmss deallocate
:--instance-ids
failed az vm create
: New parameter--platform-fault-domain
in FLEX VMSS modeaz vm create
:--patch-mode
for Linux VMaz ssh vm
: Automatically launch browser when getting certificate failsaz vm create
: New parameter--count
az vm create
: Trusted Launch- Fix #16037: az vm open-port accepts list of ports
Extension
- Add actionable message when an extension is not compatible with the CLI core
Key Vault
az keyvault role definition list
: Support--custom-role-only
to list only custom role definitions- Support keyvault custom role definition
- Add
--no-wait
for commandaz keyvault security-domain download
and--target-operation
for commandaz keyvault security-domain wait
NetAppFiles
az netappfiles account backup show
: Operation added.az netappfiles account backup delete
: Operation added.az netappfiles account ad add
: Parameter--ldap-over-tls
added.az netappfiles account create
: Parameter--encryption
added.az netappfiles account update
: Parameter--encryption
added.az netappfiles volume create
: Parameter--encryption-key-source
added.az netappfiles volume create
: Default export policy removed for nfsv4.1 and optional parameters added for setting up an export policy for nfsv4.1: rule_index, unix_read_only, unix_read_write, cifs, allowed_clients
Network
az network public-ip prefix create
: Support--zone 1 2 3
az network lb frontend-ip create
: Support--zone 1 2 3
- Bump version from '2020-08-01' to '2020-11-01'
az network lb address-pool
: Support subnet when creating or updating an IP-based backend pool of a load balancer.
RDBMS
- Added tests for flexible server team pipeline
- Python SDK migration
- Added PostgreSQL database create, show, and delete feature
- Updating Python SDK to 8.1.0b2
Role
az ad app permission list/grant
: Refine error message when no associated Service Principal exists for the App
Search
az search
: GA
Service Fabric
az sf certificate
: deprecate cluster cert commands.
SQL
- Add Server Trust Group commands
Storage
- Fix #16917:
az storage account generate-sas
fails if a connection string is provided - Fix #16979:
az storage container create
fails when providing storage container metadata
Upgrade
- Fix #16952: Fix ImportError after upgrade
Misc.
- Allow configuring theme
March 02, 2021
Version 2.20.0
AKS
- Add support for SGX addon 'confcom'
AMS
- Update module to use 2020 Azure Media Services api.
az ams account encryption
: New subgroup to show or set the encryption for the media service accountaz ams account storage set-authentication
: New command to set the authentication for the storage account associated with the media service accountaz ams account create (mi-system-assigned)
: New --mi-system-assigned parameter for account create to set the managed identity of the media accountaz ams account mru set
: This command will no longer work for Media Services accounts that are created with the 2020-05-01 version of the API or later.az ams live-event create (stretch-mode, key-frame-interval, transcrip-lang, use-static-hostname, custom hostname)
: Add new parameter options to live-event create commandaz ams live-event standby
: New command to put the live event in standby modeaz ams transform create (videoanalysismode, audioanalysis mode)
: New parameter options for transform create
App Service
az webapp config ssl bind
: handle if webapp and appservice plan in different rg. Also reference text updates- Fix #8743: az webapp deploy
- Bugfix: Add generateRandomAppNames.json to setup
az functionapp create
: Add preview support for creating dotnet-isolated apps.- Fix #12150: Support for subnet ID in vnet-integration add
az functionapp create
: Remove preview flag from Node.js 14.
ARM
az deployment group/sub/mg/tenant validate/create/what-if
: Add support for Bicep filesaz bicep install
: New command for installing Bicep CLIaz bicep upgrade
: New command for upgrading Bicep CLIaz bicep build
: New command for building Bicep filesaz bicep version
: New command for showing the current installed version of Bicep CLIaz bicep list-versions
: New command for showing the available Bicep CLI versionsaz managedapp definition update
: Add new command for updating managedapp definition
Backup
az backup recoverypoint show-log-chain
: Add start/end time in show-log-chain table output- BugFix: Enable Alternate Location Restore for SQL/SAPHANA protected items
CDN
- Add cli support for AFD SKU
Compute
az vm (extension) image list
: Make it more robustaz vmss create
: Fix a license type issue- Upgrade API version to 2020-12-01
az vm create
: add--enable-hotpatching
Cosmos DB
- Upgrade to version 3.0.0 and add support for NetworkAclBypass + Update Mongo ServerVersion + backup policy
Extension
- Support config of extension index url
IoT Central
az iot central app
: Address several S360 fixesaz iot central app update
: Remove the need of checking etag when updating the existing iotc app.- Change the resourceType (IotApps) to be in camel case.
Key Vault
- [BREAKING CHANGE]
az keyvault role assignment/definition list
:roleDefinitionName
should beroleName
in command output - [BREAKING CHANGE]
id
changes to bejobId
,azureStorageBlobContainerUri
changes to befolderUrl
in command output ofaz keyvault backup/restore
,az keyvault key restore
Network
- Bump version from '2020-07-01' to '2020-08-01'
az network public-ip create
: Support '--zone 1 2 3' after '2020-08-01'az network routeserver peering
: Rename--vrouter-name
by--routeserver
az network express-route peering create
: Support ipv6 addressaz network public-ip create
: Expose a new argument--tier
OpenShift
- Update of az openshift deprecation warning
Search
az search
: Fix the--identity-type
helper's guide.
SQL
- Update az sql mi examples
az sql db/elastic-pool create/update
: Add maintenance-configuration argumentaz sql db replica create
: Add --secondary-type argument
Storage
- [BREAKING CHANGE]
az storage account file-service-properties
: Default to enable delete retention policy with retention days 7 in server side - Fix #16872: az storage blob now (2.19) requires login even if connection-string is provided
- Fix #16959: az storage copy crashes: ValidationError: local variable 'service' referenced before assignment
- Fix #14054: 'NoneType' object has no attribute 'name'
- Fix #16679:
az storage blob download
fails with "Permission denied" if the destination file is a directory - Upgrade storage api version to 2021-01-01
- Support version in Lifecyle management policy
- Support storage account shared key access management
az storage account network-rule
: GA resource access rules- Support double encryption for encryption scope
az storage account blob-service-properties update
: Support --change-feed-retention-days- Support rewrite existing blob
February 10, 2021
Version 2.19.1
Key Vault
- Hotfix: Dependency package
azure-keyvault-administration
is pinned to 4.0.0b1
February 09, 2021
Version 2.19.0
ACR
az acr connected-registry install info
: Add new keyACR_SYNC_TOKEN_NAME
with the same value asACR_SYNC_TOKEN_USERNAME
. A warning that the latter will be deprecated is displayed.az acr connected-registry install renew-credentials
: Add new keyACR_SYNC_TOKEN_NAME
with the same value asACR_SYNC_TOKEN_USERNAME
. A warning that the latter will be deprecated is displayed.
AKS
- Add managed cluster stop/start bindings
az aks check-acr
: Fix Kubernetes version check
APIM
- GA the command group
App Config
- [BREAKING CHANGE]
az appconfig feature filter add
: Support adding JSON objects as feature filter parameter values
App Service
az appservice ase/plan
: Support ASEv3- Fix #16026 and #16118 for az appservice plan
- Fix #16509: Add support for os-preference
- Improve behavior of appservice ase create-inbound-services to allow skipping DNS services and support DNS for ASEv2
az webapp up/az webapp create
: Fix nonetype errorsaz webapp up/create
: better error handling of app name with period- Fix #16681:
az webapp config ssl import
: Fix bug that causes failures on national clouds
ARM
az provider register
: Support registering management group
Backup
- Add CRR functionality for IaaSVM and other CRR commands
az backup protectable-item list
: Add protectable-item-type as an optional argument
BotService
az bot create/update
: Add Encryption features--cmk-key-url
and--encryption-off
az bot update
: Rename Encryption-OFF arg to CMK-OFF and updating api version
Compute
- [BREAKING CHANGE] vmss create: Rename orchestration mode values
- New command group sshkey. Allow referencing a SSH key resource when creating a VM
az disk create/update
: Add parameter--enable-bursting
to support disk bursting
Extension
- Support extension command prefix match for dynamic install
HDInsight
az hdinsight create
: Add a new parameter--enable-compute-isolation
to support create cluster with compute isolation feature.
Key Vault
az keyvault key import
: Support--curve
parameter for importing BYOK keysaz keyvault certificate download
: Fix deprecated/removed method callaz keyvault create/update
: Remove preview tag for--enable-rbac-authorization
Monitor
az monitor metrics alert create
: Fix 'resource is not found' error
NetAppFiles
az netappfiles account ad add
: Add parameter--security-operators
.az netappfiles volume create
: Add parameter--smb-continuously-available
.az netappfiles volume create
: Add parameter--smb-encryption
.az netappfiles
: No longer in preview mode.
Network
- [BREAKING CHANGE]
az network vrouter
: Depracate this command group, please useaz network routeserver
. az network routeserver
: Add new command group.az network application-gateway create
: Add parameter--ssl-profile-id
az network application-gateway client-cert
: Manage trusted client certificate of application gatewayaz network application-gateway ssl-profile
: Manage ssl profiles of application gateway- Add support for private endpoint connections to DigitalTwins
Profile
az login
: Launch browser in WSL 2
RDBMS
az mysql flexible-server create --iops
: Allow user to choose IOPS for their SKU.- Update Postgres restore command to support available zone
Search
- Upgrade to use the latest (8.0.0) azure-mgmt-search python sdk
az search create
: Add support for search service creation with IP rules, public endpoint access and/or msiaz search update
: Add support for search service update with IP rules, public endpoint access and/or msiaz search private-endpoint-connection
: Manage private endpoint connection to a search serviceaz search shared-private-link-resource
: Manage shared private link resources in a search serviceaz search private-link-resource
: List available private link resources in a search service
Security
- Add new commands for
az security
SQL
- Add managed hsm regex match to SQL
- Upgrade azure-mgmt-sql to 0.26.0
az sql mi create/update
: Add support for maintenance configuration in managed instance operations- Support SQL server DevOps audit policy commands
Storage
- Fix #16079: public blob gives error
- GA Storage routing reference
- Fix #9158: Cannot generate a working SAS key from a policy
- Fix #16489: Upgrade azcopy to 10.8.0
az storage account blob-service-properties
: Support default service version- Fix #16519: azcopy is given more powerful SAS than needed (has write, only needs read)
Synapse
az synapse workspace create
: Add parameter--key-identifier
to support to create workspace using customer-managed key.az synapse workspace key
: Add CRUD cmdlets to support to manage keys under specified synapse workspace.az synapse workspace managed-identity
: Add cmdlets to support CRUD managed identity to sql access setting.az synapse workspace
: Add data exfiltration protection support, add parameter--allowed-tenant-ids
.
January 19, 2021
Version 2.18.0
ACR
az acr create / update
: Add--allow-trusted-services
. This parameter determines whether trusted azure services are allowed to access network restricted registries. The default is to allow.
AKS
az aks check-acr
: Add new check-acr command
App Service
- Fix #13907:
az webapp config ssl import
: Change command to also import App Service Certificate - Fix #16125:
az webapp ssh
: If using a windows client, open browser to scm link - Fix #13291:
az webapp deployment slot swap
: The command should support preserve vnet. - [BREAKING CHANGE] Fix regression where you can't use a runtime version with a space in the name
ARM
az deployment
: Add support for--query-string
az ts
: Error handling improvement for--template-file
without--version
prohibited
Backup
az backup protection backup-now
: Set default retention period to 30 days
Compute
- Fix issue of none storage_profile
- Better error handling of external tokens
- Fix a vmss reimage issue
az vm/vmss extension set
: New parameter--enable-auto-upgrade
Container
az container exec
: Remove eol check to avoid closing terminal before it even started on linux
DMS
az dms project task create
: Added task type parameter to help distinguish if a scenario is an online migration or an offline migration.az dms project task cutover
: Add new command which allows tasks with an online migration task type to cutover and end the migration.az dms project create/az dms project task create
: Enable MySQL and PostgreSQL projects/tasks to be created.
IoT
- Add --tags to IoT Hub create and update
Monitor
- [BREAKING CHANGE]
az monitor log-analytics workspace data-export
: Remove deprecated--export-all-tables
parameter and require--tables
parameter
RDBMS
- Remove the preview tag for server key and ad admin commands for Postgres and MySql
Role
- Fix #11594:
az role assignment create
: Only show supported values for--assignee-principal-type
Storage
- Fix #16072: Upload file with big size
- Fix #12291:
az storage blob generate-sas
does not properly encode--full-uri
- GA PITR and blob service properties in SRP
January 04, 2021
Version 2.17.1
RDBMS
- Hotfix:
az mysql create
: Revert incorrect parameter name 'serv_name' to 'service_name'
December 29, 2020
Version 2.17.0
ACR
- Support zone redundancy
az acr connected-registry
: New feature for on-prem Azure Container Registryaz acr scope-map update
: --add and --remove are deprecated, they are renamed to --add-repo --remove-repoaz acr scope-map create/update
: Add support to handle Gateway actions.az acr token create
: support added for gateway actions
AKS
- Fix: add arguments removed by a previous PR
az aks get-credentials
: Clarify documentation for get-credentials
App Service
- Allow customer to create Python 3.9 function app
- Fix #14583: az webapp up should generate default name if name isn't provided
- Fix: Better error handling when trying to create duplicate ASP in diff location
ARM
az ts
: Add support for --tagsaz ts
: Support deleting a single versionaz provider register
: Add --accept-terms for registering RPaaS- Fix parsing JSON files with multi-line strings
ARO
az aro delete
: Add RBAC validation on cluster deletionaz aro update
: Add RBAC validation on cluster update- Ensure worker_profile is not None before getting the subnets from
Backup
az backup job list
: Solve -o table bug and added backup_management_type as command input
Batch
- Upgrade data plane to azure batch 10.0.0
- [BREAKING CHANGE] az batch job task-counts: Change the output from a JSON object returning task counts to a complex JSON object that includes task counts (
taskCounts
) as well as task slot counts (taskSlotCounts
).
Compute
- New license type RHEL_ELS_6
- Adopt track2 SDK, azure-mgmt-compute==18.0.0
Container
- Fix misspelling in
az container create
CLI example text.
DataBoxEdge
- New command module: support for data-box-edge devices and management
IoT
- Update device key generation
- Update identity-enabled hub tests to fix endpoint RBAC issues
Key Vault
az keyvault key import
: Support--kty
for importing BYOK keys
Monitor
az monitor metrics alert create
: Improve error message to give more actionable insight
Network
az network private-endpoint create
: Add more declaration of '--subnet' and '--private-connection-resource-id'- Change validator of application-gateway ssl-cert create
- Migrate network to track2 SDK
- Fix bug for "az network traffic-manager profile create" when using "--routing-method MultiValue"
Profile
- Fix "missing secret or certificate in order to authenticate through a service principal"
Role
az ad sp create-for-rbac
: Deprecate creating Contributor role assignment by default
Security
- Add secure score commands
- Fix update alert command and support new value
SQL
az sql dw update
: do not accept backup-storage-redundancy argumentaz sql db update
: update backup storage redundancy as requested from command
Storage
- Fix issue #15965: Clarify how to remove multiple legal hold tags with
az storage container legal-hold [clear|set]
az storage account encryption-scope
: GA support- Fix issue #9959: Trying to download a snapshot version of a file share fails with ResourceNotFound
Synapse
- Add new cmdlets az synapse sql ad-admin show, create, update, delete
- Add new cmdlet az synapse workspace firewall-rule update
- Add new cmdlets az synapse sql audit-policy show, update
- Add integration runtime related cmdlets
December 08, 2020
Version 2.16.0
ACR
- Update description for KEK param
AKS
az aks nodepool add/update/upgrade
: Take max surge parameter- Add support for AGIC addon
- Change MSI cluster to default
APIM
az apim restore
: New command to restore a backup of an API Management service
App Service
- Fix #14857: Let users update webapp config even with access restriction
az functionapp create
: Accept--runtime python
and--runtime-version 3.9
as Azure Functions v3 parameter- Fix #16041: az webapp config ssl create results in unknown error
ARM
az deployment-scripts
: Remove preview flag
Backup
- Fix #14976: CLI error improvements for ValueError and AttributeError cases
az backup protection undelete
: Add support for AzureWorkload protection undelete using CLI- Fix Bad Request Error for Correct Workload Type Input
CDN
- Add preview multi-origin support.
- Add BYOC auto-rotation.
Key Vault
az keyvault key/secret list
: Add a parameter--include-managed
to list managed resources
Monitor
az monitor metrics alert create
: Support dynamic thresholds for condition parameteraz monitor metrics alert update
: Support dynamic thresholds for condition parameteraz monitor metrics alert dimension create
: Build a metric alert rule dimensionaz monitor metrics alert condition create
: Build a metric alert rule condition
MySQL
- Add MySQL version upgrade CLI
NetAppFiles
az netappfiles account ad add
: Two optional parameters added, aes_encryption and ldap_signingaz netappfiles account backup-policy update
: Three optional parameters added named tags, type and idaz netappfiles snapshot policy create
: An optional parameter added named provisioning_state
Network
az network network watcher configure
: Fix NetworkWatcherCountLimitReached error caused by case sensitivity of location valueaz network application-gateway http-listener
: Fix bug that cannot create and update with WAF policy nameaz network route-table
: Deprecate route table V1az network cross-region-lb
: Support cross-region load balanceraz network express-route port generate-loa
: New command to generate and download the PDF letter of authorization for a ExpressRoutePort
Packaging
- Add Ubuntu Groovy package
RDBMS
- Add single server show-connection-string and tests for local-context commands, server creation
Role
- Add long-summary/warning for commands generating credentials
Search
- Add SKU option
Service Fabric
- Update SF app docs. only support for arm deployed resources
Synapse
- Support synapse sql dw cmdlets and update az synapse workspace create cmdlet
November 20, 2020
Version 2.15.1
Profile
- Hotfix: Fix #15961: az login: UnboundLocalError: local variable 'token_entry' referenced before assignment
November 17, 2020
Version 2.15.0
ACS
- Add v3 deprecation warnings
AKS
- Add ephemeral os functionality
- Engineering improvement: Replace addon strings with constants
az aks install-cli
: Support customize download urlaz aks browse
: Point to Azure Portal Kubernetes resources view if k8s >=1.19 or kube-dashboard not enabled- Support BYO control plane identity
az aks use-dev-spaces
: Indicate that dev-spaces commands are deprecated
AMS
- Change "region" to "location" in output string: az ams account sp create
App Config
- Fix key vault client initialization
App Service
- Fix #13646: Unable to create App Service Plan in a different resource group to App Service Environment
- Fix #11698 #15198 #14862 #15409: az webapp/functionapp config access-restriction add
az functionapp create
: Add Node 14 preview support.az functionapp create
: Remove preview flag from custom handlers.- [BREAKING CHANGE] az functionapp update: Migrate a functionapp from Premium to Consumption plans now requires the '--force' flag.
az functionapp update
: Add error message if functionapp migration involves any plans on Linux.az functionapp update
: Add more descriptive error message if functionapp migration fails.
ARM
- Fix an issue where What-If shows two resource group scopes with different casing
az deployment
: Print out error details for deployment
Backup
- Fix #14976: KeyError fixed and help text improved
Batch
- Fix #15464: Update check for pfx file without password in batch create_certificate
Billing
- [BREAKING CHANGE] az billing invoice: Remove properties BillingPeriodsNames and DownloadUrlExpiry from the response.
az billing invoice
: Support many other scopes like BillingAccount, BillingProfile and existing subscription.az billing account
: New commands to support display and update existing billing accounts.az billing balance
: New commands to support display balance of a billing profile.az billing customer
: New commands to support display customer of billing account.az billing policy
: New commands to support display and update policy of a customer or a billing profile.az billing product
: New commands to manage products of a billing account.az billing profile
: New commands to manage a billing profile.az billing property
: New commands to display and update a billing account's properties.az billing subscription
: New commands to manage the subscriptions for a billing account.az billing transaction
: New commands to list transaction of an invoice.az billing agreement
: New commands to manage billing agreement.az billing permission
: New commands to manage billing permission.az billing role-assignment
: New commands to manage role assignment.az billing role-definition
: New commands to display role definition.az billing instruction
: New commands to manage instructions of billing.
Compute
- Fix update permission check issue
- Enhancement of vm list-skus table format
- vm host group create: Make --platform-fault-domain-count required and update help
- Support update vm/image version when they use cross tenant images
DPS
- Allow tags in IoT DPS create command
HDInsight
- az hdinsight create: Add two parameters
--resource-provider-connection
and--enable-private-link
to support relay outbound and private link feature.
Key Vault
- Refine error messages for HSM
list-deleted
andpurge
- Support selective key restore for managed HSMs
NetAppFiles
- [BREAKING CHANGE] az netappfiles pool update: Remove service-level from parameters.
az netappfiles pool update
: Add optional parameter qos-type.az netappfiles pool create
: Add optional parameter qos-type.az netappfiles volume replication suspend
: Add force-break-replication as optional parameter.- Add az netappfiles volume replication re-initialize: New command is added to re-initialise replication.
- Add az netappfiles volume pool-change: New command to change the pool of a volume.
- Add az netappfiles snapshot policy: New command group with list, delete, update, show, create and volumes commands.
- Add az netappfiles account backup: New command group with show, list and delete commands
- Add az netappfiles volume backups: New command group with show, list, delete, update and create commands.
- Add az netappfiles account backup-policy: New command group with show, list, delete, update and delete commands.
- Add az netappfiles vault list: New command is added.
az netappfiles account ad add
: Add optional parameters kdc-ip, ad-name, server-root-ca-certificate and backup-operatorsaz netappfiles volumes create
: Add optional parameters snapshot-policy-id, backup-policy-id, backup-enabled, backup-id, policy-enforced, vault-id, kerberos-enabled, throughput-mibps, snapshot-directory-visible, security-style, kerberos5-read-only, kerberos5-read-write, kerberos5i-read-only, kerberos5i-read-write, kerberos5p-read-only, kerberos5p-read-write and has-root-access.az netappfiles volume update
: Add optional parameters vault-id, backup-enabled, backup-policy-id, policy-enforced and throughput-mibps
Network
- Fix bug that can't create a Standard_v2 application-gateway without a private static IP address
az network dns zone import
: Raise FileOperationError instead of FileNotFoundError if zone file doesn't exist- Fix NoneType error crash while deleting nonexisting resources of ApplicationGateway, LoadBalancer, Nic
Private DNS
az network private-dns zone import
: Raise FileOperationError instead of FileNotFoundError if zone file doesn't exist
Profile
az login
: Add back the warning that a browser is opened
Role
az role assignment create
: Make--description
,--condition
,--condition-version
preview
Security
az security pricing
: Update help to reflect current API version being called
Storage
- Fix #15600: az storage fs exists: in case fs does not exist ResourceNotFoundError is returned
- Fix #15706: The examples for storage container create are incorrect
az storage blob delete-batch
: Correct typo in documentation.
November 09, 2020
Version 2.14.2
App Service
- Fix #15604, #15605: Add Dotnet5 support
November 06, 2020
Version 2.14.1
ARM
- Hotfix: Add TS multiline string support for template inputs
October 27, 2020
Version 2.14.0
AKS
- Add PPG support
- Update max standard load balancer timeout to 100 minutes
APIM
- Fix issue with creating consumption tier instance
App Config
- Fix querying key-values by comma separated labels
App Service
- Bugfix: az webapp up fails when user doesn't have write permissions to project's parent directory
- Fix #13777: Fix to remove escape chars from XML
- Fix #15441: az webapp create-remote-connection fails with AttributeError: 'Thread' object has no attribute 'isAlive'
- [BREAKING CHANGE] az webapp up: add optional params (os & runtime) and updated runtimes
ARM
- Make template deployment What-If commands GA
- [BREAKING CHANGE] Add user confirmation for az ts create
- Fix the returned data when tagging multiple resources
Backup
az backup policy create
: Add support for IaaSVM backup policy creation from CLI- Increasing VM protection limit from 100 to 1000
Compute
- sig image-definition create: add --features
- New API version of gallery_images 2020-09-30
az vm update / az sig image-version update
: Support update vm/image-version even it uses a cross tenant image- Remove validation of vm host SKUs
Cosmos DB
az cosmosdb create/update
: Improve error message from incorrect --locations inputaz cosmosdb sql container create/update
: Add --analytical-storage-ttl parameter
HDInsight
- [BREAKING CHANGE] az hdinsight create: remove two parameters: --public-network-access-type and --outbound-public-network-access-type
IoT Central
- Remove preview warning since it is already GAed
Key Vault
- Invalidate
--enable-soft-delete false
while creating or updating vaults - Make
--bypass
and--default-action
work together with network acl parameters while creating vaults
Misc.
- Add bash-completion to Dockerfile
RDBMS
- Add List-SKUS Command, Table Transformers, Local Context for Postgres, MySQL, Mariadb Single Server
- [BREAKING CHANGE] Parameter name updates. Improvements to Management Plane for MySQL and PostgreSQL
az postgres|mariadb|mysql server create
: Update create experience for Postgres, MySQL and MariaDB - new fields in the output , Introduce new values for--public
parameter in create command (all,<IP>,<IPRange>,0.0.0.0)
SignalR
az signalr create
: Add new option--enable-messaging-logs
for controling service generate messaging logs or notaz signalr update
: Add new option--enable-messaging-logs
for controling service generate messaging logs or not
SQL
- [BREAKING CHANGE] Fix response for backup storage redundancy param name and value for MI
az sql db audit-policy show
: extend to show database's audit policy including LA and EH dataaz sql db audit-policy update
: extend to allow LA and EH update along with database's audit policyaz sql db audit-policy wait
: place the CLI in a waiting state until a condition of the database's audit policy is met.az sql server audit-policy show
: extend to show servers's audit policy including LA and EH dataaz sql server audit-policy update
: extend to allow LA and EH update along with server's audit policyaz sql server audit-policy wait
: place the CLI in a waiting state until a condition of the server's audit policy is met.- Add AAD-only Support for SQL Managed Instances and Servers
az sql db replica create
: Add --partner-database argument
Storage
- Fix #15111:
az storage logging update
fails without optional argument - Fix bug when using set-tier command with service principal login
- Upgrade version for file datalake to 2020-02-10
az storage queue list
: Track2 supportedaz storage fs access
: Support managing ACLs recursively
Synapse
- Add pipeline, linked service, trigger, notebook, data flow and dataset related cmdlets
October 13, 2020
Version 2.13.0
ACR
az acr helm
: Update deprecation url- Add logtemplate and systemtask changes for ACR Tasks
AKS
- Support virtual-node with aks create:
az aks create --enable-addons virtual-node
- Add node image only option for CLI
- Expect kube-dashboard addon be disabled by default
az aks create/update
: Add LicenseType support for Windows- Support add Spot node pool
- Honor addon names defined in Azure CLI
AMS
- Fix #14687: Mixed resource group and account name in command "az ams streaming-endpoint show"
App Config
- Fix test bug
- Support AAD auth for data operations
App Service
az functionapp deployment source config-zip
: Fixed an issue where config-zip could throw an exception on success on linux consumption- Bugfix: Better error messages for webapp commands
az appservice domain create, show-terms
: Add ability to create app service domainaz functionapp create
: Removed the preview flag from Java 11 when creating a new function app- [BREAKING CHANGE] az webapp create, az webapp up - Update available webapp runtimes
ARM
az ts
: Add new commands for template specsaz deployment
: Add support for --template-spec -s
Compute
- Fix host group creation FD count limitation
- Add new command to support upgrading extensions for VMSS
- Fix the image reference is missing issue
HDInsight
az hdinsight create
: add deprecate information for argument --public-networrk-access-type and --outbound-public-network-access-typeaz hdinsight create
: add deprecate information for argument--public-networrk-access-type
and--outbound-public-network-access-type
az hdinsight create
: add parameter--idbroker
to support customer to create ESP cluster with HDInsight Id Broker
IoT Central
- Remove deprecated 'az iotcentral' command module
Key Vault
- Support
--hsm-name
foraz keyvault key encrypt/decrypt
Lab
- Fix #14127:
__init__()
takes 1 positional argument but 2 were given
Network
az network application-gateway ssl-cert show
: Add example to demonstrate certificate format and fetch informationaz network application-gateway rule
: Support --priority optionaz network application-gateway create
: Fix bug that cannot create without public IP sepcifiedaz network application-gateway waf-policy managed-rule rule-set add
: Expose server error to user to give more intuitive hint message.az network application-gateway waf-policy managed-rule rule-set update
: Support to change rule set type version.
RDBMS
- Bugfix: az postgres flexible-server create Remove hardcoded API version from network client.
Role
- Fix #15278:
az role assignment list/delete
: Forbid empty string arguments
SQL
az sql midb log-replay
: Support for log replay service on managed database- Ignore character casing for backup storage redundancy param value for managed instance
- [BREAKING CHANGE] az sql db create: Add --backup-storage-redundancy parameter; add warning for unspecified bsr/bsr == Geo.
SQL VM
az sql vm show
: Add configuration options to --expand flag
Storage
- [BREAKING CHANGE]
az storage blob copy start
: Fix format issue for--destination-if-modified-since
and--destination-if-unmodified-since
- [BREAKING CHANGE]
az storage blob incremental-copy start
: Fix format issue for--destination-if-modified-since
and--destination-if-unmodified-since
az storage fs
: Fix connection string issueaz storage share-rm
: GA release access tieraz storage container-rm
: Add a new command group to use the Microsoft.Storage resource provider for container management operations.
September 29, 2020
Version 2.12.1
RDBMS
- Hotfix:
az postgres flexible-server create
: Update VnetName to exclude servername and update default region for MySQL
September 22, 2020
Version 2.12.0
ACR
- Fix #14811 Add support for dockerignore override
AKS
- CLI should tolerate empty kubeconfig
- FIX #12871: az aks enable-addons: Autogenerated help example is wrong for vitual-node option
- Remove legacy aci connector actions
- Support azure policy addon in azure-cli
- Fix case sensitive issue for AKS dashboard addon
- Update mgmt-containerservice to 9.4.0 and enable 09-01 API
APIM
- Support product / productapi / namedValue entity commands && bump sdk version
App Config
- Support enabling/disabling PublicNetworkAccess for existing stores
App Service
- Add support for Premium V3 pricing tier
- Fix #12653: az webapp log config --application-logging false doesn't turn it off
- Fix #14684: access-restriction remove by ip address does not work; #13837-az webapp create - Example for different RSgroups for Plan and WebApp
- functionapp: Add support for custom handlers. Deprecated Powershell 6.2.
- functionapp: Fix issue where app setting was being incorrectly set for linux custom images
ARM
az deployment group/sub/mg/tenant what-if
: Show "Ignore" resource changes last
Compute
- Add new license_type in vm create/update: RHEL_BYOS, SLES_BYOS
- Upgrade disk API version to 2020-06-30
- disk create: add --logical-sector-size, --tier
- disk update: Support --disk-iops-read-only, --disk-mbps-read-only, --max-shares
- New command disk-encryption-set list-associated-resources
- vm boot-diagnostics enable: --storage becomes optional
- New command: vm boot-diagnostics get-boot-log-uris
- vm boot-diagnostics get-boot-log: support managed storage
Config
- Rename local-context to config param-persist
Cosmos DB
- Support for Migration APIs for Throughput resource for Autoscale feature in CosmosDB
Eventhub
Added Cluster commands and trusted_service_access_enabled parameter for Networkruleset
Extension
az extension add
: Add--upgrade
option to update the extension if already installed- Turn on dynamic install by default
IoT
- Enabled minimum TLS version on IoT Hub Create
IoT Central
- App delete operation is now long running operation
Iot Hub
- Deprecated 'show-connection-string' command
Key Vault
- Managed HSM public preview
- Fix the issue that
--maxresults
does not take effect while listing resources or resource versions
Kusto
- Add deprecating message
Monitor
az monitor log-analytics workspace linked-storage
: expose detailed error message to customers
Network
az network vnet subnet
: Support --disable-private-endpoint-network-policies and --disable-private-link-service-network-policies- Fix bug while updateing flow-log when its subproperty network_watcher_flow_analytics_configuration is None
- API version bump to 2020-06-01
- Support --tcp-port-behavior while configuring a TCP configuration of a Connection Monitor V2
- Support more types and coverage level while creating Endpoint of Connection Monitor V2
- Support --host-subnet to create VirtualHub underneath as VirtualRouter
RDBMS
- Management Plane updates for PostgreSQL and MySQL
Role
az role assignment create/update
: Support--description
,--condition
and--condition-version
az ad app permission delete
: Support--api-permissions
to delete specificResourceAccess
Service Fabric
- Add managed cluster and node type commands
SQL
- Upgrade azure-mgmt-sql to 0.20.0
- Add backup storage redundancy optional parameter to MI create cmdlet
Storage
az storage share-rm stats
: Get the usage bytes of the data stored on the share.- GA release storage blob PITR
az storage blob query
: Support Azure Storage Query Acceleration- Support Soft Delete for file share
az storage copy
: Add account credentials support and deprecate--source-local-path
,--destination-local-path
,--destination-account-name
az storage account blob-service-properties update
: Add container delete retention policy support
Synapse
- Fixed typo in example of az synapse role assignment create and delete
August 28, 2020
Version 2.11.1
ACR
- Add Isolated Tier to Agent Pool
- Add OCI Artifact Source Context
AKS
- Fix aks cluster create issue
Cognitive Services
- [BREAKING CHANGE] Show additional legal term for certain APIs
Network
- [BREAKING CHANGE] Allow to create both public and private IP while creating an Application Gateway
az network list-service-tags
: add details on location parameter use to the help message
Storage
az storage blob list
: Support OR properties with new api version
August 25, 2020
Version 2.11.0
AKS
- Remove preview tag from Virtual Node add-on
- Add AKS CMK argument in cluster creation
- Set network profile when using basic load balancer.
- Remove max pods validation from CLI and let preflight handle it
- Fixing add-ons available in the help message in
az aks create
- Bring in support for cluster autoscaler profile in core CLI
AppService
az webapp
: Add list-instances commandaz webapp ssh
: Add --instance parameter to connect to a specific instanceaz webapp create-remote-connection
: Add --instance parameter to connect to a specific instance- Fix #14758: az webapp create errors when creating windows app with --runtime dotnetcore
- Fix #14701: Implement functionapp create --assign-identity
- Fix #11244:
az webapp auth update
: Add optional parameter to update client-secret-certificate-thumbprint az functionapp keys
: Added commands that allow users to manage their function app keysaz functionapp function
: Added commands that allow users to manage their individual functionsaz functionapp function keys
: Added commands that allow users to manage their function keys- Fix #14788: az webapp create not getting correct webapp when names are substrings
az functionapp create
: Removed ability to create 2.x Functions in regions that don't support it
ARM
az resource list
: Extend the return data ofcreatedTime
,changedTime
andprovisioningState
az resource
: Add parameter--latest-include-preview
to support using the latest api-version whether this version is preview
ARO
- CLI enhancements, including route table checking permissions
Cloud
az cloud register
: Fix registering clouds with a config file
Compute
- Update VM SKUs that support accelerated networking
az vm create
: Automatic in-guest patchingaz image builder create
: Add --vm-size, --os-disk-size, --vnet, --subnet- New command az vm assess-patches
Container
- Fix #6235: Update help text for ports parameter in container create
Datalake Store
- Fix issue #14545 for data lake join operation
EventHub
az eventhubs eventhub create/update
: Change documentation of destination_name
Extension
- Add
az extension list-versions
command to list all available versions of an extension
HDInsight
- Support creating cluster with autoscale configuration and Support managing autoscale configuration
- Support creating cluster with encryption at host
IoTCentral
- CLI documentation improvements
Monitor
az monitor metrics alert create
: support RG and Sub as the scope values
NetAppFiles
- [BREAKING CHANGE] az netappfiles snapshot create: Removed file-system-id from parameters
- [BREAKING CHANGE] az netappfiles snapshot show: Snapshot no longer has parameter file-system-id
az netappfiles account
: Model ActiveDirectory has a new parameter backup_operatorsaz netappfiles volume show
: Model dataProtection has a new parameter snapshotaz netappfiles volume show
: Model Volume has a new parameter snapshot_directory_visible
Network
az network dns export
: export FQDN for MX, PTR, NS and SRV type instead of relative path- Support private link for managed disks
az network application-gateway auth-cert show
: Add example to demonstrate certificate formataz network private-endpoint-connection
: support app configuration
RBAC
az ad group create
: support specify description when creating a groupaz role definition create
: print human readable message instead of exception when assignableScope is an empty array- [BREAKING CHANGE]
az ad sp create-for-rbac
: change default permission of created certificate
SQL
az sql server audit-policy
: Add sql server auditing support
Storage
az storage blob copy start-batch
: Fix #6018 for --source-sasaz storage account or-policy
: Support storage account object replication policy- Fix issue #14083 to upgrade azure-multiapi-storage package version for package issue and new api version support
az storage blob generate-sas
: add examples for --ip and refine error messageaz storage blob list
: Fix next_marker issue
Synapse
- Add workspace, sparkpool, sqlpool related cmdlets
- Add spark job releated commands based on track2 sdk
- Add accesscontrol feature related commands based on track2 sdk
Upgrade
- Add
az upgrade
command to upgrade azure cli and extensions
August 11, 2020
Version 2.10.1
App Service
- Fix #9887 webapp and functionapp, support assigning/removing user managed identity
- Fix #1382, #14055: Update error messages for az webapp create and az webapp config container set
az webapp up
: Fix default ASP selection logic when --plan parameter is not provided
AppConfig
- Support enabling/disabling PublicNetworkAccess during store creation
Compute
- Support associating disk and snapshot with a disk-access resource
Lab
- Fix for issue #7904 date validation bug in lab vm creation
Storage
az storage blob upload-batch
: Fix issue #14660 with unpositional arguments
August 04, 2020
Version 2.10.0
AKS
az aks update
: Change --enable-aad argument to migrate a RBAC-enabled non-AAD cluster to a AKS-managed AAD clusteraz aks install-cli
: Add --kubelogin-version and --kubelogin-install-location arguments to install kubelogin- Add az aks nodepool get-upgrades command
AMS
- Fix #14021: az ams account sp is not idempotent
APIM
- apim api import: support API import and enchance other api level cli commands
App Service
- Fix #13035: Add validation for az webapp config access-restriction to avoid adding duplicates
AppConfig
- Default to standard sku if not specified
- [BREAKING CHANGE] Support settings with JSON content type
ARM
az resource tag
: Fix the bug of managedApp tagging and some related test issuesaz deployment mg/tenant what-if
: Add support to management group and tenant level deployment What-Ifaz deployment mg/tenant create
: Add --confirm-with-what-if/-c parameter.az deployment mg/tenant create
: Add --what-if-result-format/-r parameter.az deployment mg/tenant create
: Add --what-if-exclude-change-types/-x parameter.az tag
: az tag support for resource id parameter
Backup
- Trigger AFS container/item discovery only when needed
CDN
- Add private link fields to origin
Compute
az vm/vmss create
: Select a valid username for user if the default username is invalidaz vm update
: support cross tenant imageaz disk-access
: Add new command group to operate disk access resource- Support dedicated host group automatic placement
- Support ppg and spg in VMSS orchestration mode
Config
az config
: Add newconfig
command module
Extension
- Support automatically installing an extension if the extension of a command is not installed
HDInsight
- Add 3 parameters to the command
az hdinsight create
to support private link and encryption in transit feature:
Iot Hub
- Fix #7792: IoT Hub Create is not idempotent
IoT Central
- Add paramater option list for iot central
KeyVault
az keyvault key encrypt/decrypt
: add parameter--data-type
for explicitly specifing the type of original data
Monitor
az monitor log-analytics workspace data-export
: support event hub namespace as the destination.az monitor autoscale
: support namespace and dimensions for --condition
NetAppFiles
az volume revert
: Add Volume Revert to revert a volume to one of its snapshots.- [BREAKING CHANGE] Remove
az netappfiles mount-target
. az volume show
: Add site to Active Directory Properties
Network
az application-gateway private-link add
: support to specify an existing subnet by IDaz network application-gateway waf-policy create
: support version and type
Storage
- Fix #10302: Support guess content-type when synchronizing files
az storage blob lease
: Apply new api version for blob lease operationsaz storage fs access
: Support AAD credential in managing access control for ADLS Gen2 accountaz storage share-rm create/update
: add --access-tier to support access tier
July 16, 2020
Version 2.9.1
AKS
- Remove explicit setting of VMSS in Windows example command since it is now default
IoT
- [BREAKING CHANGE]
az iot pnp
: Remove IoT PNP preview commands from core CLI
REST
- Fix #14152:
az rest
: Accept ARM URLs without subscription ID
Storage
- Fix #14138: Make some permissions optional
July 14, 2020
Version 2.9.0
ACR
- Handle log artifact link from Registry to stream logs
- Deprecate helm2 commands
AKS
az aks create
: add --enable-aad argumentaz aks update
: add --enable-aad argument
APIM
- Added general az apim api commands
AppConfig
- Add example for using --fields in appconfig revision
AppService
az functionapp create
: Added support for Java 11 and Powershell 7. Added Stacks API Support.- Fix #14208 multi-container app creation fails
- Fix az webapp create - use hardcoded runtime stacks
ARM
az resource tag
: Fix the problem of tagging resources with resource typeMicrosoft.ContainerInstance/containerGroups
Compute
- Bump version disks 2020-05-01, compute 2020-06-01
- Double encryption of disk encryption set
az vmss update
: support specify cross tenant image.az sig image-version create
: support specify cross tenant image.- vm/vmss create: Encryption of cache & data-in-transit for OS/Data disks and temp disks for VM & VMSS
- Add simulate-eviction operation for VM and VMSS
CosmosDB
- Recent features: Autoscale, IpRules, EnableFreeTier and EnableAnalyticalStorage
EventGrid
- Add CLI support for 2020-04-01-preview and mark preview features with is_Preview=True
Find
- Fix #14094 az find Fix Queries failing when not logged in and when telemetry is disabled
HDInsight
- Add two commands to support hdinsight node reboot feature
Monitor
- Remove preview flag for commands under Log Analytics workspace
az monitor diagnostic-settings subscription
: Support diagnositc settings for subscriptionaz monitor metrics
: support ',' and '|' in metric nameaz monitor log-analytics workspace data-export
: support log analytics data export
Network
az network application-gateway frontend-ip update
: Deprecating the --public-ip-address parameter- Bump azure-mgmt-network to 11.0.0
az network express-route gateway connection
: support routing configurationaz network virtual-appliance
: Support Azure network virtual appliance.- Application Gateway support private link feature
PolicyInsights
az policy state
: add trigger-scan command to trigger policy compliance evaluationsaz policy state list
: expose versions of policy entities in each compliance record
Profile
az account get-access-token
: Show expiresOn for Managed Identity
RDBMS
- Support Minimum TLS version
- Add Infrastructure Encryption for Azure Postgres and MySQL
Security
- Add allowed_connections commands
- Add Adaptive network hardeningss commands
- Add adaptive_application_controls commands
- Addition of az security iot-solution/ iot-alerts/iot-recommendations/iot-analytics REST to Azure CLI
- Add regulatory compliance CLI
SignalR
- Add features including managing private endpoint connections, network rules and upstream
SQL
az sql mi create
,az sql mi update
: Add--tags
parameter to support resource taggingaz sql mi failover
: Support failover from primary or secondary point
Storage
az storage account create/update
: Add --allow-blob-public-access to allow or disallow public access for blob and containersaz storage account create/update
: Add--min-tls-version
to support setting the minimum TLS version to be permitted on requests to storage.- Remove check in token credential
- Fix the storage account name in examples
Webapp
- Bugfix: az webapp log deployment show - return deployment logs instead of log metadata
- Bugfix: az webapp vnet-integration add - fix error handling if bad vnet name, support vnet resource ID
June 23, 2020
Version 2.8.0
ACR
- Add support for region endpoint disable / routing disable
- [BREAKING CHANGE]
az acr login --expose-token
does not accept username and password
ACS
- Remove private cluster and 2019-10-27-preview API
AKS
- Support --yes for az aks upgrade
- Revert "change default vm sku to Standard_D2s_v3 (#13541)"
- Add "az aks update --uptime-sla"
- Fix typo in az aks update command
- Change to support 0 node agent pool and block manual scale for CAS enabled pool
- Fix typo on VirtualMachineScaleSets and update references to Kubernetes versions
AMS
- CHANGE help text for "--expiry" parameter.
AppService
az webapp log deployment show
: Show the latest deployment log, or the deployment logs of a specific deployment if deployment-id is specifiedaz webapp log deployment list
: List of deployment logs available- Fix: Surface error when invalid webapp name provided
- Fix #13261 az webapp list-runtimes use static list until new Available Stacks API is available
az appservice ase create
: Fix create issue #13361az appservice ase list-addresses
: Fix change of SDK #13140.- Fix webapp/slot creation for Windows Containers
az webapp auth update
: Add optional parameter to update runtime-version- Support list, delete, approve and reject private endpoint connection for webapp in CLI
- Fix #13888 : Add support for Static WebApps: get, list, create commands
- Improved error messages for SSH Tunnel Connection
ARM
az tag
: Add examples for -haz deployment group/sub what-if
: Add --exclude-change-types/-x parameter.az deployment group/sub/mg/tenant create
: Add --what-if-exclude-change-types/-x parameter.az deployment group/sub/mg/tenant validate
: Show error messages in a better format.az group export
: Add new parameters--skip-resource-name-params
and--skip-all-params
to support skip parameterization- Add az feature unregister api
ARO
- Add Public, Private to params for help with ingress/apiserver visibility
Batch
az batch account create
: Add new parameter--public-network-access
az batch account create
: Add new parameter--identity-type
az batch account set
: Add new parameter--identity-type
- [BREAKING CHANGE] az batch pool create: When creating a pool using a custom image, the --image property of can now only refer to a Shared Image Gallery image.
- [BREAKING CHANGE] az batch pool create: When creating a pool with --json-file option and specifying a networkConfiguration, the publicIPs property has moved in to a new property publicIPAddressConfiguration. This new property also supports a new ipAddressProvisioningType property which specifies how the pool should allocate IP's and a publicIPs property which allows for configuration of a list of PublicIP resources to use in the case ipAddressProvisioningType is set to UserManaged
az network private-link-resource
: Add support for the Microsoft.Batch batchAccount resourceaz network private-endpoint-connection
: Add support for the Microsoft.Batch batchAccount resource
CDN
az cdn custom-domain enable-https
: Add BYOC support.az cdn custom-domain enable-https
: Fix enabling custom HTTPS with CDN managed certificates for Standard_Verizon and Standard_Microsoft SKUs.
Cognitive Services
- [BREAKING CHANGE]
az cognitiveservices account
now have a unified structure for all commands. az cognitiveservices account identity
: Add identity management for Cognitive Services.
Compute
az image builder
: Upgrade API version to 2020-02-14az image builder create
: Add--identity
to support identity configurationaz image builder customizer add
: Support Windows update customizer- New command
az image builder cancel
- Show a warning when a user deploys a VMSS pinned to a specific image version rather than latest
Cosmos DB
az cosmosdb
: Add exists command to database and container groups- Allow creating fixed collections
EventHub
az eventhubs namespace create
: Add managed identity parameters
Extension
- Add --version to support to install from a specific version
- Enable CLI extensions to include packages in the 'azure' namespace
Iot Hub
- [BREAKING CHANGE] az iot hub job: Remove deprecated job commands
KeyVault
az keyvault key import
: Supports importing from strings via two new parameters.- Support string/bytes encryption and decryption with stored keys
Monitor
- Support no wait for cluster creation
az monitor log-analytics workspace saved-search
: Support new commands for saved search
Network
az network application-gateway address-pool update
: Refine help message and add examples.az network vnet create
: Support --nsg argumentaz network lb address-pool
: Support create lb backend pool with backend address.az network application-gateway address-pool
: Fix for --add argument
RBAC
az ad sp create-for-rabc
: Support name with space, slash and back slashaz ad sp create-for-rbac
: Refine error message when user specify an invalid scope
Security
- Add security assessment commands
SQL
az sql db ltr-policy/ltr-backup
: update/show long term retention policy, show/delete long term retention backups, restore long term retention backup
Storage
- Fix authentication issue to support get token for --subscription
az storage remove
: Fix issue #13459 to raise exception for operation failure- Fix issues #13012, #13632 and #13657 to remove unused arguments for generate-sas related commands
az storage logging update
: Add check for logging versionaz storage blob show
: Add more properties for blob with track 2 SDK- Fix #13708: Refine warning message for credential
az storage share-rm create/update
: Add NFS protocol and root squash supportaz storage account create
: Add support for double encryption- [BREAKING CHANGE]
az storage blob/container/file/share/table/queue generate-sas
: make --expiry and --permissions required az storage blob set-tier
: Migrate to Track 2 to support setting rehydrate priority
June 02, 2020
Version 2.7.0
ACR
- Fix a typo in an error message of token creation
AKS
- Change default vm sku to Standard_D2s_v3
- Fix creating role assignment for MSI clsuter plus custom subnet
AppService
- Fix #12739 az appservice list-locations returns some invalid locations
ARM
az deployment
: Fix issue #13159 of incorrect message of JSON after removing comments and compressingaz resource tag
: Fix issue #13255 of tagging resources with resource typeMicrosoft.ContainerRegistry/registries/webhooks
- Improve the examples for the resource module
ARO
- Change CLIError to correct flag for --worker-vm-disk-size-gb
EventHub
- Fix for issue #12406 Argument --capture-interval does not update the "intervalInSeconds"
HDInsight
- Change get_json_object to shell_safe_json_parse
Monitor
az monitor metrics alert
: refine several help messagesaz monitor diagnostic-settings create
: support --export-to-resource-specific argument- Support LA workspace recover
Network
az network dns zone
: support - characteraz network vpn-connection ipsec-policy
: change the --sa-lifetime and --sa-max-size to larger values in example- Bump network to 2020-04-01
az network private-endpoint-connection
: support event gridaz network express-route list-route-tables
: fix bug that cannot list routes as table
Packaging
- Add Ubuntu Focal Package
RBAC
az ad sp credential reset
: modify credential generation to avoid troublesome special characters
Redis
- Fix #13529: Change documentation of parameter enable_non_ssl_port
Storage
az storage copy
: Add parameter--follow-symlinks
to support symlinks- Enable local context for storage account
az storage logging
: Fix issue #11969 to refine error message
May 19, 2020
Version 2.6.0
ACR
- Add default timeout of 5 minutes for any requests to ACR
- Support disable public network access
az acr token create
: expose --days argumentaz acr import
: accept --source argument values which contain login in server name through client end correction
ACS
- Bug fix: remove fields cleanup for fields that no longer exist
AKS
- Update uptime-sla command help context
- Remove range check for updating min count for autoscaler
- Fix that cli doe not fail when user only specifies Windows password
AMS
az ams transform create
: Add ability to create a transform with a FaceDetector presetaz ams content-key-policy create
: Add ability to create a FairPlay content key policy with an offline rental configuration
AppConfig
- Bug fix for list key values with fields
AppService
az functionapp create
: AzureWebJobsDashboard will only be set if AppInsights is disabled- Fix #10664- VNet Integration - Location Check Issue & fix #13257- az webapp up failing when RG needs to be created
az webapp|functionapp config ssl import
: Lookup key vault across resources groups in subscription and improve help and examples.- Onboard local context for app service
ARM
az deployment
: Fix the problem that the templateLink will not be returned when deploying or validating template-uriaz deployment
: Fix the problem that deployment/validate does not support specially encoded characteraz deployment sub/group what-if
: Fix array alignment and error handlingaz deployment operation
: Modify the deprecate information
ARO
- Add examples to az aro create, list, list-credentials, show, delete
- Add generate_random_id function
Backup
- Allow FriendlyName in enable protection for AzureFileShare command
- Fix in IaasVM restore-disks Command
- Add "MAB" BackupManagementType to item list command
- Add support for retrying policy update for failed items.
- Add Resume Protection functionality for Azure Virtual Machine
- Add support to specify ResourceGroup for storing instantRP during Create or Modify Policy
CI
- Support flake8 3.8.0
Compute
- New command az vm auto-shutdown
az vm list-skus
: Update --zone behavior, return all type skus now
Core
- Update local context on/off status to global user level
Extension
az extension add
: Add --system to enable installing extensions in a system path- Support .egg-info to store wheel type extension metadata
IoT
az iot
: Update the IoT command module first run extension awareness message to the accurate, non-deprecated modern Idazure-iot
.
IoT Hub
- Support for 2020-03-01 API and Network Isolation commands
NetAppFiles
az volume create
: Adds snapshot-id as a parameter to create volume this will allow users to create a volume from existing snapshot.
Network
- Fix ttl value changed unintended for dns add-record
az network public-ip create
: Inform customers of a coming breaking change- Support generic commands for private link scenario
az network private-endpoint-connection
: Support mysql, postgres and mariadb typesaz network private-endpoint-connection
: Support cosmosdb typesaz network private-endpoint
: deprecate --group-ids and redirect to --group-id
Output
- Show update instruction in find, feedback and --help
Packaging
- Build MSI/Homebrew packages with dependecies resolved from requirements.txt
RBAC
az ad sp credential reset
: fix weak credential generation
Storage
az storage account file-service-properties update/show
: Add File Properties Support for Storage Accountaz storage container create
: Fix #13373 by adding validator for public access- Add ADLS Gen2 track2 support
az storage blob sync
: Support--connection-string
az storage blob sync
: Fix the incorrect error message when azcopy cannot find the installation location
April 30, 2020
Version 2.5.1
ACR
az acr check-health
: Fix "DOCKER_PULL_ERROR" on Windows
Compute
az vm list-ip-addresses
: Error handling- Fix a bug of vm create if endpoint_vm_image_alias_doc is not set in cloud profile
az vmss create
: Add --os-disk-size-gb
Cosmos DB
az cosmosdb create/update
: add --enable-public-network support
Extension
- Fix loading wrong metadata for wheel type extension
Packaging
- Add az script for Git Bash/Cygwin on Windows
SQL
az sql instance-pool
: Add instance pools command group
Storage
- Upgrade package azure-multiapi-storage to 0.3.0
- Support GZRS for storage account creation and update
az storage account failover
: Add support for grs/gzrs storage account failoveraz storage blob upload
: Add --encryption-scope parameter to support specifying encryption scope information
April 28, 2020
Version 2.5.0
ACS
- [BREAKING CHANGE] az openshift create: remove --vnet-peer parameter.
az openshift create
: add flags to support private cluster.az openshift
: upgrade to2019-10-27-preview
API version.az openshift
: addupdate
command.
AKS
az aks create
: Add support for Windows
AppService
az webapp deployment source config-zip
: remove sleep after request.get()
ARM
- Add template deployment What-If commands
ARO
az aro
: Fix table output
CI
- Onboard pytest and deprecate nose for Automation Test
Compute
az vmss disk detach
: fix data disk NoneType issueaz vm availability-set list
: Support showing VM listaz vm list-skus
: Fix display problem of table format
KeyVault
- Add new parameter
--enable-rbac-authorization
during creating or updating
Monitor
- Support LA cluster CMK features
az monitor log-analytics workspace linked-storage
: supports BYOS features
Network
az network security-partner
: support security partner provider
Privatedns
- Add feature in private DNS zone to import export zone file
April 21, 2020
Version 2.4.0
ACR
az acr run --cmd
: disable working directory override- Support dedicated data endpoint
AKS
az aks list -o table
should show privateFqdn as fqdn for private clusters- Add --uptime-sla
- Update containerservice package
- Add node public IP support
- Fix typo in the help command
AppConfig
- Resolve key vault reference for kv list and export commands
- Bug fix for list key values
AppService
az functionapp create
: Changed the way linuxFxVersion was being set for dotnet linux function apps. This should fix a bug that was preventing dotnet linux consumption apps from being created- [BREAKING CHANGE]
az webapp create
: fix to keep existing AppSettings with az webapp create - [BREAKING CHANGE]
az webapp up
: fix to create RG for az webapp up command when using -g flag - [BREAKING CHANGE]
az webapp config
: fix to show values for non-JSON output with az webapp config connection-string list
ARM
az deployment create/validate
: Add parameter--no-prompt
to support skipping the prompt of missing parameters for ARM templateaz deployment group/mg/sub/tenant validate
: Support comments in deployment parameter fileaz deployment
: Removeis_preview
for parameter--handle-extended-json-format
az deployment group/mg/sub/tenant cancel
: Support cancel deployment for ARM templateaz deployment group/mg/sub/tenant validate
: Improve the error message when deployment verification failsaz deployment-scripts
: Add new commands for DeploymentScriptsaz resource tag
: Add parameter--is-incremental
to support adding tags to resource incrementally
ARO
az aro
: Add Azure RedHat OpenShift V4 aro command module
Batch
- Update Batch API
Compute
az sig image-version create
: Add storage account type Premium_LRSaz vmss update
: Fix terminate notification update issueaz vm/vmss create
: Add support for specialized image version- SIG API Version 2019-12-01
az sig image-version create
: Add --target-region-encryption- Fix tests fail when running in serial due to keyvault name is duplicated in global in-momery cache
CosmosDB
- Support
az cosmosdb private-link-resource/private-endpoint-connection
IoT Central
- Deprecate
az iotcentral
- Add
az iot central
command module
Monitor
- Support private link scenario for monitor
- Fix wrong mocking way in test_monitor_general_operations.py
Network
- Deprecate sku for public ip update command
az network private-endpoint
: Support private dns zone group- Enable local context feature for vnet/subnet parameter
- Fix wrong usage example in test_nw_flow_log_delete
Packaging
- Drop support for Ubuntu/Disco package
RBAC
az ad app create/update
: support --optional-claims as a parameter
RDBMS
- Add Azure active directory administrator commands for PostgreSQL and MySQL
Service Fabric
- Fix #12891:
az sf application update --application-parameters
removes old parameters that are not in the request - Fix #12470 az sf create cluster, fix bugs in update durability and reliability and find vmss correctly through the code given a node type name
SQL
- Add
az sql mi op list
,az sql mi op get
,az sql mi op cancel
az sql midb
: update/show long term retention policy, show/delete long term retention backups, restore long term retention backup
Storage
- Upgrade azure-mgmt-storage to 9.0.0
az storage logging off
: Support turning off logging for a storage accountaz storage account update
: Enable key auto-rotated for CMKaz storage account encryption-scope create/update/list/show
: Add support to customize encryption scopeaz storage container create
: Add --default-encryption-scope and --deny-encryption-scope-override to set encryption scope for container level
Survey
- Add switch to turn off survey link
April 01, 2020
Version 2.3.1
ACR
- Fix wrong version of azure-mgmt-containerregistry for Linux
Profile
- az login: Fix login failure with cloud profiles other than
latest
March 31, 2020
Version 2.3.0
ACR
- 'az acr task update': null pointer exception
az acr import
: Modify help and error message to clarify the usage of --source and --registry- Add a validator for argument 'registry_name'
az acr login
:Remove the preview flag on '--expose-token'- [BREAKING CHANGE] 'az acr task create/update' Branch parameter is removed
- 'az acr task update' Customer now can update context, git-token, and or triggers individually
- 'az acr agentpool': new feature
AKS
- Fix apiServerAccessProfile when updating --api-server-authorized-ip-ranges
- aks update: Override outbound IPs with input values when update
- Do not create SPN for MSI clusters and support attach acr to MSI clusters
AMS
- Fix #12469: adding Fairplay content-key-policy fails due to problems with 'ask' parameter
AppConfig
- Add --skip-keyvault for kv export
AppService
- Fix #12509: Remove the tag to az webapp up by default
- az functionapp create: Updated --runtime-version help menu and added warning when user specifies --runtime-version for dotnet
- az functionapp create: Updated the way javaVersion was being set for Windows function apps
ARM
- az deployment create/validate: Use --handle-extended-json-format by default
- az lock create: Add examples of creating subresource in the help documentation
- az deployment {group/mg/sub/tenant} list: Support provisioningState filtering
- az deployment: Fix the parse bug for comment under the last argument
Backup
- Added multiple files restore capabilities
- Added support for Backing up OS Disks only
- Added restore-as-unmanaged-disk parameter to specify unmanaged restore
Compute
- az vm create: Add NONE option of --nsg-rule
- az vmss create/update: remove vmss automatic repairs preview tag
- az vm update: Support --workspace
- Fix a bug in VirtualMachineScaleSetExtension initialization code
- Upgrade VMAccessAgent version to 2.4
- az vmss set-orchestration-service-state: support vmss set orchestration service state
- Upgrade disk API version to 2019-11-01
- az disk create: add --disk-iops-read-only, --disk-mbps-read-only, --max-shares, --image-reference, --image-reference-lun, --gallery-image-reference, --gallery-image-reference-lun
Cosmos DB
- Fix missing --type option for deprecation redirections
Docker
- Update to Alpine 3.11 and Python 3.6.10
Extension
- Allow to load extensions in the system path via packages
HDInsight
- (az hdinsight create:) Support customers specify minimal supported tls version by using parameter
--minimal-tls-version
. The allowed value is 1.0,1.1,1.2
IoT
- Add codeowner
- az iot hub create : Change default sku to S1 from F1
- iot hub: Support IotHub in the profile of 2019-03-01-hybrid
IoTCentral
- Update error details, update default application template and prompt message
KeyVault
- Support certificate backup/restore
- keyvault create/update: Support --retention-days
- No longer display managed keys/secrets while listing
- az keyvault create: support
--network-acls
,--network-acls-ips
and--network-acls-vnets
for specifying network rules while creating vault
Lock
- az lock delete fix bug: az lock delete does not work on Microsoft.DocumentDB
Monitor
- az monitor clone: support clone metric rules from one resource to another
- Fix IcM179210086: unable to create custom metric alert for their Application Insights metric
NetAppFiles
- az volume create: Allow data protection volumes adding replication operations: approve, suspend, resume, status, remove
Network
- az network application-gateway waf-policy managed-rule rule-set add: support Microsoft_BotManagerRuleSet
- network watcher flow-log show: fix wrong deprecating info
- support host names in application gateway listener
- az network nat gateway: support create empty resource without public ip or public ip prefix
- Support vpn gateway generation
- Support
--if-none-match
inaz network dns record-set {} add-record
Packaging
- Drop support for python 3.5
Profile
- az login: Show warning for MFA error
RDBMS
- Add server data encryption key management commands for PostgreSQL and MySQL
March 10, 2020
Version 2.2.0
ACR
- Fix:
az acr login
wrongly raise error - Add new command
az acr helm install-cli
- Add private link and CMK support
- add 'private-link-resource list' command
AKS
- fix the aks browse in cloud shell
- az aks: Fix monitoring addon and agentpool NoneType errors
- Add --nodepool-tags to node pool when creating azure kubernetes cluster
- Add --tags when adding or updating a nodepool to cluster
- aks create: add
--enable-private-cluster
- add --nodepool-labels when creating azure kubernetes cluster
- add --labels when adding a new nodepool to azure kubernetes cluster
- add missing / in the dashboard url
- Support create aks clusters enabling managed identity
- az aks: Validate network plugin to be either "azure" or "kubenet"
- az aks: Add aad session key support
- [BREAKING CHANGE] az aks: support msi changes for GF and BF for omsagent (Container monitoring)(#1)
- az aks use-dev-spaces: Adding endpoint type option to the use-dev-spaces command to customize the endpoint created on an Azure Dev Spaces controller
AppConfig
- Unblock using "kv set" to add keyvault reference and feature …
AppService
- az webapp create : Fix issue when running the command with --runtime
- az functionapp deployment source config-zip: Add an error message if resource group or function name are invalid/don't exist
- functionapp create: Fix the warning message that appears with
functionapp create
today which cites a--functions_version
flag but erroneously uses a_
instead of a-
in the flag name - az functionapp create: Updated the way linuxFxVersion and container image name were being set for linux function apps
- az functionapp deployment source config-zip: Fix an issue caused by app settings change racing condition during zip deploy, giving 5xx errors during deployment
- Fix #5720946: az webapp backup fails to set name
ARM
- az resource: Improve the examples of the resource module
- az policy assignment list: Support listing policy assignments at Management Group scope
- Add
az deployment group
andaz deployment operation group
for template deployment at resource groups. This is a duplicate ofaz group deployment
andaz group deployment operation
- Add
az deployment sub
andaz deployment operation sub
for template deployment at subscription scope. This is a duplicate ofaz deployment
andaz deployment operation
- Add
az deployment mg
andaz deployment operation mg
for template deployment at management groups - Add
az deployment tenant
andaz deployment operation tenant
for template deployment at tenant scope - az policy assignment create: Add a description to the
--location
parameter - az group deployment create: Add parameter
--aux-tenants
to support cross tenants
CDN
- Add CDN WAF commands
Compute
- az sig image-version: add --data-snapshot-luns
- az ppg show: add --colocation-status to enable fetching the colocation status of all the resources in the proximity placement group
- az vmss create/update: support automatic repairs
- [BREAKING CHANGE] az image template: rename template to builder
- az image builder create: add --image-template
Cosmos DB
- Add Sql stored procedure, udf and trigger cmdlets
- az cosmosdb create: add --key-uri to support adding key vault encryption information
KeyVault
- keyvault create: enable soft-delete by default
Monitor
- az monitor metrics alert create: support
~
in--condition
Network
- az network application-gateway rewrite-rule create: support url configuration
- az network dns zone import: --zone-name will be case insensitive in the future
- az network private-endpoint/private-link-service: remove preview label
- az network bastion: support bastion
- az network vnet list-available-ips: support list available ips in a vnet
- az network watcher flow-log create/list/delete/update: add new commands to manage watcher flow log and exposing --location to identify watcher explicitly
- az network watcher flow-log configure: deprecated
- az network watcher flow-log show: support --location and --name to get ARM-formatted result, deprecated old formatted output
Policy
- az policy assignment create: Fix the bug that automatically generated name of policy assignment exceeds the limit
RBAC
- az ad group show: fix --group value treated as regex problem
RDBMS
- Bump the azure-mgmt-rdbms SDK version to 2.0.0
- az postgres private-endpoint-connection: manage postgres private endpoint connections
- az postgres private-link-resource: manage postgres private link resources
- az mysql private-endpoint-connection: manage mysql private endpoint connections
- az mysql private-link-resource: manage mysql private link resources
- az mariadb private-endpoint-connection: manage mariadb private endpoint connections
- az mariadb private-link-resource: manage mariadb private link resources
- Updating RDBMS Private Endpoint Tests
SQL
- Sql midb Add: list-deleted, show-deleted, update-retention, show-retention
- (sql server create:) Add optional public-network-access 'Enable'/'Disable' flag to sql server create
- (sql server update:) make some customer-facing change
- Add minimal_tls_version property for MI and SQL DB
Storage
- az storage blob delete-batch: Misbehaving
--dryrun
flag - az storage account network-rule add (bug fix): add operation should be idempotent
- az storage account create/update: Add Routing Preference support
- Upgrade azure-mgmt-storage version to 8.0.0
- az storage container immutability create: add --allow-protected-append-write parameter
- az storage account private-link-resource list: Add support to list private link resources for storage account
- az storage account private-endpoint-connection approve/reject/show/delete: Support to manage private endpoint connections
- az storage account blob-service-properties update: add --enable-restore-policy and --restore-days
- az storage blob restore: Add support to restore blob ranges
February 18, 2020
Version 2.1.0
ACR
- Add a new argument
--expose-token
foraz acr login
- Fix the incorrect output of
az acr task identity show -n Name -r Registry -o table
- az acr login: Throw a CLIError if there are errors returned by docker command
ACS
- aks create/update: add
--vnet-subnet-id
validation
Aladdin
- Parse generated examples into commands' _help.py
AMS
- az ams is GA now
AppConfig
- Revise help message to exclude unsupported key/label filter
- Remove preview tag for most commands excluding managed identity and feature flags
- Add customer managed key when updating stores
AppService
- az webapp list-runtimes: Fix the bug for list-runtimes
- Add az webapp|functionapp config ssl create
- Add support for v3 function apps and node 12
ARM
- az policy assignment create: Fix the error message when the
--policy
parameter is invalid - az group deployment create: Fix "stat: path too long for Windows" error when using large parameters.json file
Backup
- Fix for item level recovery flow in OLR
- Add restore as files support for SQL and SAP Databases
Compute
- vm/vmss/availability-set update: add --ppg to allowing updating ProximityPlacementGroup
- vmss create: add --data-disk-iops and --data-disk-mbps
- az vm host: remove preview tag for
vm host
andvm host group
- [BREAKING CHANGE] Fix #10728:
az vm create
: create subnet automatically if vnet is specified and subnet not exists - Increase robustness of vm image list
Eventhub
- Azure Stack support for 2019-03-01-hybrid profile
KeyVault
- az keyvault key create: add a new value
import
for parameter--ops
- az keyvault key list-versions: support parameter
--id
for specifying keys - Support private endpoint connections
Network
- Bump to azure-mgmt-network 9.0.0
- az network private-link-service update/create: support --enable-proxy-protocol
- Add connection Monitor V2 feature
Packaging
- [BREAKING CHANGE] Drop support for Python 2.7
Profile
- Preview: Add new attributes
homeTenantId
andmanagedByTenants
to subscription accounts. Please re-runaz login
for the changes to take effect - az login: Show a warning when a subscription is listed from more than one tenants and default to the first one. To select a specific tenant when accessing this subscription, please include
--tenant
inaz login
Role
- az role assignment create: Fix the error that assigning a role to a service principal by display name yields a HTTP 400
SQL
- Update SQL Managed Instance cmdlet
az sql mi update
with two new parameters: tier and family
Storage
- [BREAKING CHANGE]
az storage account create
: Change default storage account kind to StorageV2
February 04, 2020
Version 2.0.81
ACS
- Add support to set outbound allocated ports and idle timeouts on standard load balancer
- Update to API Version 2019-11-01
ACR
- [BREAKING CHANGE]
az acr delete
will prompt - [BREAKING CHANGE] 'az acr task delete' will prompt
- Add a new command group 'az acr taskrun show/list/delete' for taskrun management
AKS
- Each cluster gets a separate service principal to improve isolation
AppConfig
- Support import/export of keyvault references from/to appservice
- Support import/export of all labels from appconfig to appconfig
- Validate key and feature names before setting and importing
- Expose sku modification for configuration store.
- Add command group for managed identity.
AppService
- Azure Stack: surface commands under the profile of 2019-03-01-hybrid
- functionapp: Add ability to create Java function apps in Linux
ARM
- Fix issue #10246:
az resource tag
crashes when the parameter--ids
passed in is resource group ID - Fix issue #11658:
az group export
command does not support--query
and--output
parameters - Fix issue #10279: The exit code of
az group deployment validate
is 0 when the verification fails - Fix issue #9916: Improve the error message of the conflict between tag and other filter conditions for
az resource list
command - Add new parameter
--managed-by
to support adding managedBy information for commandaz group create
Azure Red Hat OpenShift
- Add
monitor
subgroup to manage Log Analytics monitoring in Azure Red Hat OpensShift cluster
BotService
- Fix issue #11697:
az bot create
is not idempotent - Change name-correcting tests to run in Live-mode only
CDN
- Add support for rulesEngine feature
- Add new commands group 'cdn endpoint rule' to manage rules
- Update azure-mgmt-cdn version to 4.0.0 to use api version 2019-04-15
Deployment Manager
- Add list operation for all resources.
- Enhance step resource for new step type.
- Update azure-mgmt-deploymentmanager package to use version 0.2.0.
IoT
- Deprecate 'IoT hub Job' commands.
IoT Central
- Support app creation/update with the new sku name ST0, ST1, ST2.
Key Vault
- Add a new command
az keyvault key download
for downloading keys.
Misc
- Fix #6371: Support filename and environment variable completion in Bash
Network
- Fix #2092: az network dns record-set add/remove: add warning when record-set is not found. In the future, an extra argument will be supported to confirm this auto creation.
Policy
- Add new command
az policy metadata
to retrieve rich policy metadata resources az policy remediation create
: Specify whether compliance should be re-evaluated prior to remediation with the--resource-discovery-mode
parameter
Profile
az account get-access-token
: Add--tenant
parameter to acquire token for the tenant directly, needless to specify a subscription
RBAC
- [BREAKING CHANGE] Fix #11883:
az role assignment create
: empty scope will prompt error
Security
- Add new commands
az atp show
andaz atp update
to view and manage advanced threat protection settings for storage accounts.
SQL
sql dw create
: deprecate--zone-redundant
and--read-replica-count
parameters. These parameters do not apply to DataWarehouse.- [BREAKING CHANGE]
az sql db create
: Remove "WideWorldImportersStd" and "WideWorldImportersFull" as documented allowed values for "az sql db create --sample-name". These sample databases would always cause creation to fail. - Add New commands
sql db classification show/list/update/delete
andsql db classification recommendation list/enable/disable
to manage sensitivity classifications for SQL databases. az sql db audit-policy
: Fix for empty audit actions and groups
Storage
- Add a new command group
az storage share-rm
to use the Microsoft.Storage resource provider for Azure file share management operations. - Fix issue #11415: permission error for
az storage blob update
- Integrate Azcopy 10.3.3 and support Win32.
az storage copy
: Add--include-path
,--include-pattern
,--exclude-path
and--exclude-pattern
parametersaz storage remove
: Change--inlcude
and--exclude
parameters to--include-path
,--include-pattern
,--exclude-path
and--exclude-pattern
parametersaz storage sync
: Add--include-pattern
,--exclude-path
and--exclude-pattern
parameters
ServiceFabric
- Add new commands to manage appliaction and services.
January 13, 2020
Version 2.0.80
Compute
- disk update: Add --disk-encryption-set and --encryption-type
- snapshot create/update: Add --disk-encryption-set and --encryption-type
Storage
- Upgrade azure-mgmt-storage version to 7.1.0
az storage account create
: Add--encryption-key-type-for-table
and--encryption-key-type-for-queue
to support Table and Queue Encryption Service
January 07, 2020
Version 2.0.79
ACR
- [BREAKING CHANGE] Remove '--os' parameter for 'acr build', 'acr task create/update', 'acr run', and 'acr pack'. Use '--platform' instead.
AppConfig
- Add support for importing/exporting feature flags
- Add new command 'az appconfig kv set-keyvault' for creating keyvault reference
- Support various naming conventions when exporting feature flags to file
AppService
- Fix issue #7154: Updating documentation for command <> to use back ticks instead of single quotes
- Fix issue #11287: webapp up: By default make the app created using up 'should be 'SSL enabled'
- Fix issue #11592: Add az webapp up flag for html static sites
ARM
- Fix
az resource tag
: Recovery Services Vault tags cannot be updated
Backup
- Added new command 'backup protection undelete' to enable soft-delete feature for IaasVM workload
- Added new parameter '--soft-delete-feature-state' to set backup-properties command
- Added disk exclusion support for IaasVM workload
Compute
- Fix
vm create
failure in Azure Stack profile. - vm monitor metrics tail/list-definitions: support query metric and list definitions for a vm.
- Add new reapply command action for az vm
HDInsight
- Support for creating a Kafka cluster with Kafka Rest Proxy
- Upgrade azure-mgmt-hdinsight to 1.3.0
Misc.
- Add preview command
az version show
to show the versions of Azure CLI modules and extensions in JSON format by default or format configured by --output
Event Hubs
- [BREAKING CHANGE] Remove 'ReceiveDisabled' status option from command 'az eventhubs eventhub update' and 'az eventhubs eventhub create'. This option is not valid for Event Hub entities.
Service Bus
- [BREAKING CHANGE] Remove 'ReceiveDisabled' status option from command 'az servicebus topic create', 'az servicebus topic update', 'az servicebus queue create', and 'az servicebus queue update'. This option is not valid for Service Bus topics and queues.
RBAC
- Fix #11712:
az ad app/sp show
does not return exit code 3 when the application or service principal does not exist
Storage
az storage account create
: Remove preview flag for --enable-hierarchical-namespace parameter- Update azure-mgmt-storage version to 7.0.0 to use api version 2019-06-01
- Add new parameters
--enable-delete-retention
and--delete-retention-days
to support managing delete retention policy for storage account blob-service-properties.
December 17, 2019
2.0.78
ACR
- Added support Local context in acr task run
ACS
- [BREAKING CHANGE]az openshift create: rename
--workspace-resource-id
to--workspace-id
.
AMS
- Updated show commands to return 3 when resource not found
AppConfig
- Fixed bug when appending api-version to request url. The existing solution doesn't work with pagination.
- Added support for showing languages besides English as our backend service support unicode for globalization.
AppService
- Fixed issue #11217: webapp: az webapp config ssl upload should support slot parameter
- Fixed issue #10965: Error: Name cannot be empty. Allow remove by ip_address and subnet
- Added support for importing certificates from Key Vault
az webapp config ssl import
ARM
- Updated azure-mgmt-resource package to use 6.0.0
- Cross Tenant Support for
az group deployment create
command by adding new parameter--aux-subs
- Added new parameter
--metadata
to support adding metadata information for policy set definitions.
Backup
- Added Backup support for SQL and SAP Hana workload.
BotService
- [Breaking change] Remove '--version' flag from preview command 'az bot create'. Only v4 SDK bots are supported.
- Added name availability check for 'az bot create'.
- Added support for updating the icon URL for a bot via 'az bot update'.
- Added support for updating a Direct Line channel via 'az bot directline update'.
- Added '--enable-enhanced-auth' flag support to 'az bot directline create'.
- The following command groups are GA and not in preview: 'az bot authsetting'.
- The following commands in 'az bot' are GA and not in preview: 'create', 'prepare-deploy', 'show', 'delete', 'update'.
- Fixed 'az bot prepare-deploy' changing '--proj-file-path' value to lower case (e.g. "Test.csproj" to "test.csproj").
Compute
- vmss create/update: Added --scale-in-policy, which decides which virtual machines are chosen for removal when a VMSS is scaled-in.
- vm/vmss update: Added --priority.
- vm/vmss update: Added --max-price.
- Added disk-encryption-set command group (create, show, update, delete, list).
- disk create: Added --encryption-type and --disk-encryption-set.
- vm/vmss create: Added --os-disk-encryption-set and --data-disk-encryption-sets.
Core
- Removed support for Python 3.4
- Plug in HaTS survey in multiple commands
DLS
- Updated ADLS sdk version (0.0.48).
Install
- Install script support python 3.8
IOT
- [BREAKING CHANGE] Removed --failover-region parameter from manual-failover. Now it will failover to assigned geo-paired secondary region.
Key Vault
- Fixed #8095:
az keyvault storage remove
: improve the help message - Fixed #8921:
az keyvault key/secret/certificate list/list-deleted/list-versions
: fix the validation bug on parameter--maxresults
- Fixed #10512:
az keyvault set-policy
: improve the error message when none of--object-id
,--spn
or--upn
is specified - Fixed #10846:
az keyvault secret show-deleted
: when--id
is specified,--name/-n
is not required - Fixed #11084:
az keyvault secret download
: improve the help message of parameter--encoding
Network
- az network application-gateway probe: Added support --port option to specify a port for probing backend servers when create and update
- az network application-gateway url-path-map create/update: bug fix for
--waf-policy
- az network application-gateway: Added support
--rewrite-rule-set
- az network list-service-aliases: Added support list service aliases which can be used for Service Endpoint Policies
- az network dns zone import: Added support .@ in record name
Packaging
- Added back edge builds for pip install
- Added Ubuntu eoan package
Policy
- Added support for Policy API version 2019-09-01.
- az policy set-definition: Added support grouping within policy set definitions with
--definition-groups
parameter
Redis
- Added preview param
--replicas-per-master
toaz redis create
command - Updated azure-mgmt-redis from 6.0.0 to 7.0.0rc1
ServiceFabric
- Fixed in node-type add logic including #10963: Adding new node type with durability level Gold will always throw CLI error
- Updated ServiceFabricNodeVmExt version to 1.1 in creation template
SQL
- Added "--read-scale" and "--read-replicas" parameters to sql db create and update commands, to support read scale management.
Storage
- GA Release Large File Shares property for storage account create and update command
- GA Release User Delegation SAS token Support
- Added new commands
az storage account blob-service-properties show
andaz storage account blob-service-properties update --enable-change-feed
to manage blob service properties for storage account. - [COMING BREAKING CHANGE]
az storage copy
:*
character is no longer supported as a wildcard in URL, but new parameters --include-pattern and --exclude-pattern will be added with*
wildcard support. - Fixed issue #11043: Added support to remove whole container/share in
az storage remove
command
November 26, 2019
Version 2.0.77
ACR
- Deprecated parameter
--branch
from acr task create/update
Azure Red Hat OpenShift
- Added
--workspace-resource-id
flag to allow creation of Azure Red Hat Openshift cluster with monitoring - Added
monitor_profile
to create Azure Red Hat OpenShift cluster with monitoring
AKS
- Added support cluster certificate rotation operation using "az aks rotate-certs".
AppConfig
- Added support for using ":" for
as az appconfig kv import
separator - Fixed issue for listing key values with multiple labels including null label.
- Updated management plane sdk, azure-mgmt-appconfiguration, to version 0.3.0.
AppService
- Fixed issue #11100: AttributeError for az webapp up when create service plan
- az webapp up: Forcing the creation or deployment to a site for supported languages, no defaults used.
- Added support for App Service Environment: az appservice ase show | list | list-addresses | list-plans | create | update | delete
Backup
- Fixed issue in az backup policy list-associated-items. Added optional BackupManagementType parameter.
Compute
- Upgraded API version of compute, disks, snapshots to 2019-07-01
- vmss create: Improvement for --orchestration-mode
- sig image-definition create: Added --os-state to allow specifying whether the virtual machines created under this image are 'Generalized' or 'Specialized'
- sig image-definition create: Added --hyper-v-generation to allow specifying the hypervisor generation
- sig image-version create: Added support --os-snapshot and --data-snapshots
- image create: Added --data-disk-caching to allow specifying caching setting of data disks
- Upgraded Python Compute SDK to 10.0.0
- vm/vmss create: Added 'Spot' to 'Priority' enum property
- [Breaking change] Renamed '--max-billing' parameter to '--max-price', for both VM and VMSS, to be consistent with Swagger and Powershell cmdlets
- vm monitor log show: Added support for querying log over linked log analytics workspace.
IOT
- Fix #2531: Added convenience arguments for hub update.
- Fix #8323: Added missing parameters to create storage custom endpoint.
- Fix regression bug: Reverted the changes which overrides the default storage endpoint.
Key Vault
- Fixed #11121: When using
az keyvault certificate list
, passing--include-pending
now doesn't require a value oftrue
orfalse
NetAppFiles
- Upgraded azure-mgmt-netapp to 0.7.0 which includes some additional volume properties associated with upcoming replication operations
Network
- application-gateway waf-config: deprecated
- application-gateway waf-policy: Added subgroup managed-rules to manage managed rule sets and exclusion rules
- application-gateway waf-policy: Added subgroup policy-setting to manage global configuration of a waf-policy
- [BREAKING CHANGE] application-gateway waf-policy: Renamed subgroup rule to custom-rule
- application-gateway http-listener: Added --firewall-policy when create
- application-gateway url-path-map rule: Added --firewall-policy when create
Packaging
- Rewrote the az wrapper in Python
- Added support for Python 3.8
- Changed to Python 3 for RPM package
Profile
- Polished error when running
az login -u {} -p {}
with Microsoft account - Polished
SSLError
when runningaz login
behind a proxy with self-signed root certificate - Fixed #10578:
az login
hangs when more than one instances are launched at the same time on Windows or WSL - Fixed #11059:
az login --allow-no-subscriptions
fails if there are subscriptions in the tenant - Fixed #11238: After renaming a subscription, logging in with MSI will result in the same subscription appearing twice
RBAC
- Fixed #10996: Polish error for
--force-change-password-next-login
inaz ad user update
when--password
is not specified
Redis
- Fixed #2902: Avoid setting memory configs while updating Basic SKU cache
Reservations
- Upgraded SDK Version to 0.6.0
- Added billingplan details info after calling Get-Gatalogs
- Added new command
az reservations reservation-order calculate
to calculate the price for a reservation - Added new command
az reservations reservation-order purchase
to purchase a new reservation
Rest
- Changed
az rest
to GA
SQL
- Updated azure-mgmt-sql to version 0.15.0.
Storage
- storage account create: Added --enable-hierarchical-namespace to support filesystem semantics in blob service.
- Removed unrelated exception from error message
- Fixed issues with incorrect error message "You do not have the required permissions needed to perform this operation." when blocked by network rules or AuthenticationFailed.
November 4, 2019
Version 2.0.76
ACR
- Added a preview parameter
--pack-image-tag
to commandaz acr pack build
. - Added support for enabling auditing on creating a registry
- Added support for Repository-scoped RBAC
AKS
- Added
--enable-cluster-autoscaler
,--min-count
and--max-count
to theaz aks create
command, which enables cluster autoscaler for the node pool. - Added the above flags as well as
--update-cluster-autoscaler
and--disable-cluster-autoscaler
to theaz aks update
command, allowing updates to cluster autoscaler.
AppConfig
- Added appconfig feature command group to manage feature flags stored in an App Configuration.
- Fixed minor bug for appconfig kv export to file command. Stop reading dest file contents during export.
AppService
az appservice plan create
: Added support to set 'persitescaling' on appservice plan create.- Fixed an issue where webapp config ssl bind operation was removing existing tags from the resource
- Added
--build-remote
flag foraz functionapp deployment source config-zip
to support remote build action during function app deployment. - Changed default node version on function apps to ~10 for Windows
- Added
--runtime-version
property toaz functionapp create
ARM
az deployment/group deployment validate
: Added--handle-extended-json-format
parameter to support multiline and comments in json template when deployment.- Bumped azure-mgmt-resource to 2019-07-01
Backup
- Added AzureFiles backup support
Compute
az vm create
: Added warning when specifying accelerated networking and an existing NIC together.az vm create
: Added--vmss
to specify an existing virtual machine scale set that the virtual machine should be assigned to.az vm/vmss create
: Added a local copy of image alias file so that it can be accessed in a restricted network environment.az vmss create
: Added--orchestration-mode
to specify how virtual machines are managed by the scale set.az vm/vmss update
: Added--ultra-ssd-enabled
to allow updating ultra SSD setting.- [BREAKING CHANGE]
az vm extension set
: Fixed bug where users could not set an extension on a VM with--ids
. - Added new commands
az vm image terms accept/cancel/show
to manage Azure Marketplace image terms. - Updated VMAccessForLinux to version 1.5
CosmosDB
- [BREAKING CHANGE]
az sql container create
: Changed--partition-key-path
to required parameter - [BREAKING CHANGE]
az gremlin graph create
: Changed--partition-key-path
to required parameter az sql container create
: Added--unique-key-policy
and--conflict-resolution-policy
az sql container create/update
: Updated the--idx
default schemagremlin graph create
: Added--conflict-resolution-policy
gremlin graph create/update
: Updated the--idx
default schema- Fixed typo in help message
- database: Added deprecation information
- collection: Added deprecation information
IoT
- Added new routing source type: DigitalTwinChangeEvents
- Fixed missing features in
az iot hub create
Key Vault
- Fixed an unexpected error when certificate file does not exist
- Fixed
az keyvault recover/purge
not working
NetAppFiles
Upgraded azure-mgmt-netapp to 0.6.0 to use API version 2019-07-01. This new API version includes:
- Volume creation
--protocol-types
accepts now "NFSv4.1" not "NFSv4" - Volume export policy property now named 'nfsv41' not 'nfsv4'
- Volume
--creation-token
renamed to--file-path
- Snapshot creation date now named just 'created'
- Volume creation
Network
az network private-dns link vnet create/update
: Support cross-tenant virtual network linking.- [BREAKING CHANGE]
az network vnet subnet list
: Changed--resource-group
and--vnet-name
to be required now. az network public-ip prefix create
: Added support to specify IP address version (IPv4, IPv6) when creation- Bumped azure-mgmt-network to 7.0.0 and api-version to 2019-09-01
az network vrouter
: Added support for new service virtual router and virtual router peeringaz network express-route gateway connection
: Added support for--internet-security
Profile
- Fixed
az account get-access-token --resource-type ms-graph
not working - Removed warning from
az login
RBAC
- Fixed
az ad app update --id {} --display-name {}
doesn't work
ServiceFabric
az sf cluster create
: Fixed an issue by modifying service fabric linux and windows template.json compute vmss from standard to managed disks
SQL
- Added
--compute-model
,--auto-pause-delay
, and--min-capacity
parameters to support CRUD operations for new SQL Database offering: Serverless compute model.
Storage
az storage account create/update
: Added --enable-files-adds parameter and Azure Active Directory Properties Argument group to support Azure Files Active Directory Domain Service Authentication- Expanded
az storage account keys list/renew
to support listing or regenerating Kerberos keys of storage account.
October 15, 2019
Version 2.0.75
AKS
- Changed
--load-balancer-sku
default value tostandard
if supported by the kubernetes version - Changed
--vm-set-type
default value tovirtualmachinescalesets
if supported by the kubernetes version
AMS
- [BREAKING CHANGE] Changed the name of
job start
tojob create
- [BREAKING CHANGE] Changed the
--ask
parameter ofcontent-key-policy create
to use a 32-character hex string instead of UTF8
AppService
- Added commands
webapp config access-restriction show|set|add|remove
- Added better error handling to
webapp up
- Added support for
Isolated
SKU toappservice plan update
ARM
- Added
--handle-extended-json-format
parameterdeployment create
to support multiline and comments in json template
Compute
- Added
--enable-agent
parameter tovm create
- Changed
vm create
to use standard public IP SKU automatically when using zones - Changed
vm create
to automatically create a valid computer name for a VM if none is provided - Added
--computer-name-prefix
parameter tovmss create
to support custom computer name prefix of virtual machines in the VMSS - Add
--workspace
parameter tovm create
to enable log analytics workspace automatically - Updated galleries API version to 2019-07-01
Core
- Added syntax check for
--set
parameter in generic update command
IoT
- Fixed an issue where
iot hub show
would incorrectly error with "resource not found"
Monitor
- Added support for CRUD to
monitor log-analytics workspace
Network
- Added support for cross-tenant virtual linking to
network private-dns link vnet [create|update]
- [BREAKING CHANGE] Changed
network vnet subnet list
to require--resource-group
and--vnet-name
parameters
SQL
- Added commands to
sql mi ad-admin
that support setting an AAD administrator on managed instances
Storage
- Added
--preserve-s2s-access-tier
parameterstorage copy
to preserve access tier during service to service copy - Added
--enable-large-file-share
parameter tostorage account [create|update]
to support large file shares for storage account
September 24, 2019
Version 2.0.74
ACR
- Added a required
--type
parameter toacr config retention update
- [BREAKING CHANGE] Renamed parameter
--name -n
changed to--registry -r
foracr config
command group
AKS
- Added
--load-balancer-sku
parameter toaks create
command, which allows for creating AKS cluster with SLB - Added
--load-balancer-managed-outbound-ip-count
,--load-balancer-outbound-ips
and--load-balancer-outbound-ip-prefixes
parameters toaks [create|update]
commands, which allow for updating load balancer profile of an AKS cluster with SLB - Added
--vm-set-type
parameter toaks create
command, which allows to specify vm types of an AKS Cluster (vmas or vmss)
ARM
- Added
--handle-extended-json-format
parameter togroup deployment create
command to support multiline and comments in json template
Compute
- Added
--terminate-notification-time
parameter tovmss [create|update]
commands to support terminate scheduled event configurability - Added
--enable-terminate-notification
parameter tovmss update
command to support terminate scheduled event configurability - Added
--priority,
--eviction-policy,
--max-billing
parameters to[vm|vmss] create
commands - Changed
disk create
to allow specifying the exact size of the disk upload - Added support for incremental snapshots for managed disks to
snapshot create
Cosmos DB
- Added
--type <key-type>
parameter tocosmosdb keys list
command to show key, read only keys or connection strings - Added
cosmosdb keys regenerate
command - [DEPRECATED] Deprecated
cosmosdb list-connection-strings
,cosmosdb regenerate-key
andcosmosdb list-read-only-keys
commands
EventGrid
- Fixed the endpoint help text to refer to the right parameter
Key Vault
- Fixed issue where logging in with a tenant (
login -t
) could causekeyvault create
to fail
Monitor
- Fixed issue where
:
character was not allowed in--condition
argument tomonitor metrics alert create
Policy
- Added support for Policy API version 2019-06-01
- Added
--enforcement-mode
parameter topolicy assignment create
command
Storage
- Added
--blob-type
parameter toaz storage copy
command
September 10, 2019
ACR
- Added command group
acr config retention
to configure retention policy
AKS
- Added support for ACR integration with the following commands:
- Added
--attach-acr
parameter toaks [create|update]
to attach an ACR to an AKS cluster - Added
--detach-acr
parameter toaks update
to detach the ACR from an AKS cluster
- Added
ARM
- Updated to use API version 2019-05-10
Batch
- Added new JSON configuration settings to
--json-file
forbatch pool create
:- Added
MountConfigurations
for file system mounts (see Request Body for details) - Added optional property
publicIPs
onNetworkConfiguration
for public IPs on pools (see Request Body for details)
- Added
- Added support for shared image galleries to
--image
- [BREAKING CHANGE] Changed default value of
--start-task-wait-for-success
onbatch pool create
to betrue
- [BREAKING CHANGE] Changed default value for
Scope
onAutoUserSpecification
to always be Pool (wasTask
on Windows nodes,Pool
on Linux nodes)- This argument can only be set from a JSON configuration with
--json-file
- This argument can only be set from a JSON configuration with
HDInsight
- GA release
- [BREAKING CHANGE] Changed parameter
--workernode-count/-c
ofaz hdinsight resize
to be required.
Key Vault
- Fixed issue where subnets couldn't be deleted from network rules
- Fixed issue where duplicated subnets and IP addresses could be added to network rules
Network
- Added
--interval
parameter tonetwork watcher flow-log
to set traffic analysis interval value - Added
network application-gateway identity
to manage gateway identity - Added support for setting Key Vault ID to
network application-gateway ssl-cert
- Added
network express-route peering peer-connection [show|list]
Policy
- Updated to use API version 2019-01-01
August 27, 2019
Version 2.0.72
ACR
- [BREAKING CHANGE] Removed support for the
classic
SKU
API Management
- [PREVIEW] Added
apim
command group
AppService
- Fixed issue with
webapp webjob continuous start
command when specifying a slot - Changed
webapp up
to detectenv
folder and remove it from the file used for deployment
Keyvault
- Fixed a bug in
keyvault secret set
that igored the--expires
argument
Network
- Added support for IPv6 addresses to
--private-ip-address-version
arguments - Added new commands
network private-endpoint [create|update|list-types]
for private endpoint management - Added command group
network private-link-service
- Added
--private-endpoint-network-policies
and--private-link-service-network-policies
arguments tonetwork vnet subnet update
RBAC
- Fixed issue with
ad app update --homepage
where homepage would not be updated
ServiceFabric
- Added support for mixed-case Key Vault names
- Fixed issue when using certificates in Key Vault
- Fixed issue with using PFX certificate files
- Fixed issue with
sf cluster certificate add
when Key Vault resource group wasn't specified - Fixed issue with
sf cluster set
not working
SignalR
- Added new commands:
signalr cors
: Manage SignalR CORSsignalr restart
: Restart a SignalR servicesignalr update
: Update a SignalR service
- Added
--service-mode
argument tosignalr create
Storage
- Added
storage account revoke-delegation-keys
command
August 13, 2019
Version 2.0.71
AppService
- Fixed issue where
webapp webjob continuous
commands were failing for slots
BotService
- [BREAKING CHANGE] Removed support for creating v3 SDK bots
CognitiveServices
- Added
cognitiveservices account network-rule
commands
Cosmos DB
- Removed warning when updating multiple write locations
- Added CRUD commands for CosmosDB SQL, MongoDB, Cassandra, Gremlin and Table resources and resource's throughput
HDInsight
This release contains a large number of breaking changes.
- [BREAKING CHANGE] Renamed parameters for
hdinsight create
:- Renamed
--storage-default-container
to--storage-container
- Renamed
--storage-default-filesystem
to--storage-filesystem
- Renamed
- [BREAKING CHANGE] Changed the
--name
argument ofapplication create
to represent the application name instead of the cluster name - Added
--cluster-name
argument toapplication create
to replace old--name
functionality - [BREAKING CHANGE] Renamed parameters for
application create
:- Renamed
--application-type
to--type
- Renamed
--marketplace-identifier
to--marketplace-id
- Renamed
--https-endpoint-access-mode
to--access-mode
- Renamed
--https-endpoint-destination-port
to--destination-port
- Renamed
- [BREAKING CHANGE] Removed parameters for
application create
:--https-endpoint-location
--https-endpoint-public-port
--ssh-endpoint-destination-port
--ssh-endpoint-location
--ssh-endpoint-public-port
- [BREAKING CHNAGE] Renamed
--target-instance-count
to--workernode-count
forhdinsight resize
- [BREAKING CHANGE] Changed all commands in the
hdinsight script-action
group to use the--name
parameter as the name of the script action. - Added
--cluster-name
argument to allhdinsight script-action
commands to replace old--name
functionality - [BREAKING CHANGE] Renamed
--script-execution-id
to--execution-id
for allhdinsight script-action
commands - [BREAKING CHANGE] Renamed
hdinsight script-action show
tohdinsight script-action show-execution-details
- [BREAKING CHNAGE] Changed parameters to
hdinsight script-action execute --roles
to be space-separated instead of comma-separated - [BREAKING CHANGE] Removed the
--persisted
parameter ofhdinsight script-action list
- Changed the
hdinsight create --cluster-configurations
parameter to accept a path to a local JSON file or a JSON string - Added command
hdinsight script-action list-execution-history
- Changed
hdinsight monitor enable --workspace
to accept a Log Analytics workspace ID or workspace name - Added the
hdinsight monitor enable --primary-key
argument, which is needed if a workspace ID is provided as the parameter - Added more examples and updated descriptions for help messages
Interactive
- Fixed a loading error
Kubernetes
- Changed to use
https
if dashboard container port is usinghttps
Network
- Added
--yes
argumentnetwork dns record-set cname delete
Profile
- Added
--resource-type
argument toaccount get-access-token
to get resource access tokens
ServiceFabric
- Added all supported os version for sf cluster create
- Fixed primary certificate validation bug
Storage
- Added command
storage copy
July 30, 2019
Version 2.0.70
ACR
- Fixed issue #9952 (a regression in the
acr pack build
command) - Removed the default builder image name in
acr pack build
Appservice
- Changed
webapp config ssl
to show a message if a resource is not found - Fixed issue where
functionapp create
does not acceptStandard_RAGRS
storage account type - Fixed an issue where
webapp up
would fail if run using older versions of python
Network
- Removed invalid parameter
--ids
fromnetwork nic ip-config add
(fixes #9861) - Fixes #9604. Added
--root-certs
parameter tonetwork application-gateway http-settings [create|update]
to support user associate trusted root certificates. - Fixed arguent
--subscription
fornetwork dns record-set ns create
(#9965)
RBAC
- Added
user update
command - [DEPRECATED] Deprecated
--upn-or-object-id
from user-related commands- Use replacement argument
--id
- Use replacement argument
- Added
--id
argument to user-related commands
SQL
- Added management commands for managed instance keys and TDE protector
Storage
- Added
storage remove
command - Fixed an issue with
storage blob update
VM
- Changed
list-skus
to use newer api-version to output zone details - Changed default of
--single-placement-group
tofalse
forvmss create
- Added ability to select ZRS storage SKUs for
[snapshot|disk] create
- Added new command group
vm host
to support dedicated hosts - Added parameters
--host
and--host-group
onvm create
to set VM dedicated host
July 16, 2019
Version 2.0.69
Appservice
- Changed
webapp identity
commands to return a proper error message if ResourceGroupName or App name are invalid - Fixed
webapp list
to return the correct value for numberOfSites if no ResourceGroup was provided - Fixed side-effects of
appservice plan create
andwebapp create
Core
- Fixed issue where
--subscription
would appear despite being not applicable
Batch
- [BREAKING CHANGE] Replaced
batch pool node-agent-skus list
withbatch pool supported-images list
- Added support for security rules blocking network access to a pool based on the source port of the traffic when using the
--json-file
option ofbatch pool create network
- Added support for executing the task in the container working directory or in the Batch task working directory when using the
--json-file
option ofbatch task create
- Fixed error in
--application-package-references
option ofbatch pool create
where it would only work with defaults
Eventhubs
- Added validation for parameter
--rights
ofauthorizationrule
commands
RDBMS
- Added optional parameter to specify replica SKU for create replica command
- Fixed the issue with CI test failure with creating MySQL replica
Relay
- Fixed issue with hybrid connection when client authroization disabled #8775
- Added parameter
--requires-transport-security
torelay wcfrelay create
Servicebus
- Added validation for parameter
--rights
ofauthorizationrule
commands
Storage
- Enable Files AADDS for storage account update
- Fixed issue
storage blob service-properties update --set
July 2, 2019
Version 2.0.68
Core
- Command modules are now consolidated into a single Python distributable. This deprecates direct use of many
azure-cli-
packages on PyPI. This should reduce install size and only affect users who have directly installed viapip
.
ACR
- Added support for Timer Triggers to Task
Appservice
- Changed
functionapp create
to enable application insights by default - [BREAKING CHANGE] Removed deprecated
functionapp devops-build
command.- Use the new command
az functionapp devops-pipeline
instead
- Use the new command
- Added Linux Consumption function app plan support to
functionapp deployment config-zip
Cosmos DB
- Added support for disabling TTL
DLS
- Updated ADLS version (0.0.45)
Feedback reference
- When reporting a failed extension command,
az feedback
now attempts to open the browser to the project/repo url of the extension from the index
HDInsight
- [BREAKING CHANGE] Changed
oms
command group name tomonitor
- [BREAKING CHANGE] Made
--http-password/-p
a required parameter - Added completers for
--cluster-admin-account
andcluster-users-group-dns
parameters completer - Changed
cluster-users-group-dns
parameter to be required when—esp
is present - Added a timeout for all existing argument auto-completers
- Added a timeout for transforming resource name to resource id
- Changed Auto-completers to select resources from any resource group. It can be a different resource group than the one specified with
-g
- Added support for
--sub-domain-suffix
and--disable_gateway_auth
parameters in thehdinsight application create
command
Managed Services
- Introducing managed service command module in preview
Profile
- Suppress
--subscription
argument for logout command
RBAC
- [BREAKING CHANGE] Removed
--password
argument forcreate-for-rbac
- Added
--assignee-principal-type
parameter tocreate
command to avoid intermittent failures caused by AAD graph server replication latency - Fixed a crash in
ad signed-in-user
when listing owned objects - Fixed issue where
ad sp
would not find the right application from a service principal
RDBMS
- Added support for replication for MariaDB
SQL
- Documented allowed values for
sql db create --sample-name
Storage
- Added user delegation SAS token support with
--as-user
tostorage blob generate-sas
- Added user delegation SAS token support with
--as-user
tostorage container generate-sas
VM
- Fixed bug where
vmss create
returns an error message when run with--no-wait
- Removed client-side validation for
vmss create --single-placement-group
. Does not fail if--single-placement-group
is set totrue
and--instance-count
is greater than 100 or availability zones are specified, but leaves this validation to the compute service - Fixed bug where
[vm|vmss] extension image list
fails when used with--latest
June 18, 2019
Version 2.0.67
Core
This release introduces a new [Preview] tag to more clearly communicate to customers when a command group, command or argument is in preview status. This was previously called out in help text or communicated implicitly by the command module version number. The CLI will be removing version numbers for individual packages in the future. If a command is in preview, all of its arguments are as well. If a command group is labeled as being in preview, then all commands and arguments are considered to be in preview as well.
As a result of this change, several command groups may seem to "suddenly" appear to be in a preview status with this release. What actually happened is that most packages were in a preview status, but are being deemed GA with this release
ACR
- Added 'acr check-health' command
- Improved error handling for AAD tokens and for retrieving external commands
ACS
- Deprecated ACS commands are now hidden from help view
AMS
- [BREAKING CHANGE] Changed to return ISO 8601 time strings for archive-window-length and key-frame-interval-duration
AppService
- Added location based routing for
webapp deleted list
andwebapp deleted restore
- Fixed issue where webapp up logged target URL ("You can launch the app at...") was not clickable in Azure Cloud Shell
- Fixed an issue where creating apps with the some SKUs was failing with an AlwaysOn error
- Added pre-validation to
[appservice|webapp] create
- Fixed
[webapp|functionapp] traffic-routing
to use the correct actionHostName - Added slot support to
functionapp
commands
Batch
- Fixed AAD auth regression caused by over-aggressive error reporting for Shared Key Auth
BatchAI
- BatchAI commands are now deprecated and hidden
BotService
- Added "discontinued support"/"maintenance mode" warning messages for commands that support the v3 SDK
CosmosDB
- [DEPRECATED] Deprecated the
cosmosdb list-keys
command - Added the
cosmosdb keys list
command - replacescosmosdb list-keys
cosmsodb create/update
: Added new format for --location to allow setting "isZoneRedundant" property. Deprecated old format
EventGrid
- Added
eventgrid domain
commands for domain CRUD operations - Added
eventgrid domain topic
commands for domain topics CRUD operations - Added
--odata-query
argument toeventgrid [topic|event-subscription] list
for filtering results using OData syntax event-subscription create/update
: Added servicebusqueue as new values for the--endpoint-type
parameter- [BREAKING CHANGE] Removed support for
--included-event-types All
witheventgrid event-subscription [create|update]
HDInsight
- Added support for
--ssh-public-key
parameter inhdinsight create
command
IoT
- Added support to regenerate authorization policy keys
- Added SDK and support for DigitalTwin Repository Provisioning Service
Network
- Added Zone support for Nat Gateway
- Added command
network list-service-tags
- Fixed issue with
dns zone import
where users could not import wildcard A records - Fixed issue with
watcher flow-log configure
where flow logging could not be enabled in certain regions
Resource
- Added
az rest
command for making REST calls - Fixed error when using
policy assignment list
with a resource group or subscription level--scope
ServiceBus
- Fixed issue with
servicebus topic create --max-size
#9319
SQL
- Changed
--location
to be optional forsql [server|mi] create
- uses resource group location if not specified - Fixed "'NoneType' object is not iterable" error for
sql db list-editions --available
SQLVm
- [BREAKING CHNAGE] Changed
sql vm create
to require--license-type
parameter - Changed to allow setting SQL image SKU when creating or updating a sql vm
Storage
- Fixed issue with missing account key for
storage container generate-sas
- Fixed issue with
storage blob sync
on Linux
VM
- [PREVIEW] Added
vm image template
commands to build VM images
June 4, 2019
Version 2.0.66
Core
- Fixed bug where commands fail if
--output yaml
is used with--query
ACR
- Added 'acr pack' command group for creating quick build Tasks using Buildpacks.
ACS
- Allow enabling/disabling AKS kube-dashboard addon
- Print a friendly message when the subscription is not approved to use Azure Red Hat OpenShift
Batch
IoT
- Added support for manual failover
Network
- Added
network application-gateway waf-policy
commands to support custom WAF rules. - Added
--waf-policy
and--max-capacity
arguments tonetwork application-gateway [create|update]
Resource
- Improved error message from
deployment create
when there is no TTY available
Role
- Updated help text.
Compute
- Added support to
vm create
for VMs from a managed image with data-disk luns that do not start from 0 or that skip numbers
May 21, 2019
Version 2.0.65
Core
- Added better feedback for authentication errors
- Fixed issue where the CLI would load extensions that were not compatible with its core version
- Fixed issue with launching when
clouds.config
is corrupted
ACR
- Added support for Managed Identities to Tasks
ACS
- Fixed
openshift create
command when used with customer AAD client
AppService
- [DEPRECATED] Deprecated
functionapp devops-build
command - will be removed in next release - Changed
functionapp devops-pipeline
to fetch build log from Azure DevOps in verbose mode - [BREAKING CHANGE] Removed
--use_local_settings
flag fromfunctionapp devops-pipeline
command - was a no-op - Changed
webapp up
to return JSON output if--logs
is not used - Added support for writing default resources to local config for
webapp up
- Added support to
webapp up
for redeploying an app without using the--location
argument - Fixed an issue where for Linux Free SKU ASP creation use Free as SKU value was not working
BotService
- Changed to allow all casing for
--lang
parameters for commands - Updated description for command module
Consumption
- Added missing required parameter when running
consumption usage list --billing-period-name
IoT
- Added support to list all keys
Network
- [BREAKING CHANGE]: Removed
network interface-endpoints
command group - usenetwork private-endpoints
- Added
--nat-gateway
argument tonetwork vnet subnet [create|update]
for attaching to a NAT gateway - Fixed issue with
dns zone import
where record names could not match a record type
RDBMS
- Added postgres and mysql support for geo replication
RBAC
- Added support for management group scope to
role assignment
Storage
storage blob sync
: add sync command for storage blob
Compute
- Added
--computer-name
tovm create
for setting a VM's computer name - Renamed
--ssh-key-value
renamed to--ssh-key-values
for[vm|vmss] create
- can now accept multiple ssh public key values or paths- Note: This is not a breaking change -
--ssh-key-value
will be parsed correctly as it matches only--ssh-key-values
- Note: This is not a breaking change -
- Changed the
--type
argument ofppg create
to be optional
May 6, 2019
Version 2.0.64
ACS
- [BREAKING CHANGE] Removed
--fqdn
flag onopenshift
commands - Changed to use Azure Red Hat Openshift GA API Version
- Added
customer-admin-group-id
flag toopenshift create
- [GA] Removed
(PREVIEW)
fromaks create
option--network-policy
Appservice
- [DEPRECATED] Deprecated
functionapp devops-build
command- Renamed to
functionapp devops-pipeline
- Renamed to
- Fixed getting the correct username for cloudshell which was causing
webapp up
to fail - Updated
appservice plan --sku
documentation updated to reflect the supported appserviceplans - Added optional arguments for resource group and plan to
webapp up
- Added support to
webapp ssh
to respectAZURE_CLI_DISABLE_CONNECTION_VERIFICATION
environment variable - Added
appserviceplan create
support for Linux Free SKU - Changed
webapp up
to have a 30s sleep after settingSCM_DO_BUILD_DURING_DEPLOYMENT=true
appsetting to handle kudu cold start - Added support for
powershell
runtime tofunctionapp create
on Windows - Added
create-remote-connection
command
Batch
- Fixed bug in validator for
--application-package-references
options
Botservice
- [BREAKING CHANGE] Changed
bot create -v v4 -k webapp
to create an empty Web App Bot by default (i.e. no bot is deployed to the App Service) - Added
--echo
flag tobot create
to use the old behavior with-v v4
- [BREAKING CHANGE] Changed the default value of
--version
tov4
- NOTE:
bot prepare-publish
still uses the its old default
- NOTE:
- [BREAKING CHANGE] Changed
--lang
to no longer default toCsharp
. If the command requires--lang
and it is not provided, the command will now error out - [BREAKING CHANGE] Changed the
--appid
and--password
args forbot create
to be required and can now be created viaad app create
- Added
--appid
and--password
validation - [BREAKING CHANGE] Changed
bot create -v v4
to not create or use a Storage Account or Application Insights - [BREAKING CHANGE] Changed
bot create -v v3
to require a region where Application Insights is available - [BREAKING CHANGE] Changed
bot update
to now affect only specific properties of a bot - [BREAKING CHANGE] Changed
--lang
flags to acceptJavascript
instead ofNode
- [BREAKING CHANGE] Removed
Node
as an allowed--lang
value - [BREAKING CHANGE] Changed
bot create -v v4 -k webapp
to no longer setSCM_DO_BUILD_DURING_DEPLOYMENT
to true. All deployments through Kudu will act according to their default behavior - Changed
bot download
for bots without.bot
files to create the language-specific configuration file with values from the Application Settings for the bot - Added
Typescript
support tobot prepare-deploy
- Added warning message to
bot prepare-deploy
forJavascript
andTypescript
bots for when--code-dir
does not containpackage.json
- Changed
bot prepare-deploy
to returntrue
if successful - Added verbose logging to
bot prepare-deploy
- Added more available Application Insights regions to
az bot create -v v3
Configure
- Added support for folder based argument default value configurations
Eventhubs
- Added
namespace network-rule
commands - Added
--default-action
argument for network rules tonamespace [create|update]
Network
- [BREAKING CHANGE] Replaced
--cache
arugment with--defer
forvnet [create|update]
Policy Insights
- Added support for
--expand PolicyEvaluationDetails
to query policy evaluation details on the resource
Role
- [DEPRECATED] Changed
create-for-rbac
hide '--password' argument - support will be removed in May 2019
Service Bus
- Added
namespace network-rule
commands - Added
--default-action
argument for network rules tonamespace [create|update]
- Fixed
topic [create|update]
to allow--max-size
support for 10, 20, 40 and 80GB values with premium SKU
SQL
- Added
sql virtual-cluster [list|show|delete]
commands
VM
- Added
--protect-from-scale-in
and--protect-from-scale-set-actions
tovmss update
to enable updates to the protection policy of VMSS VM instances - Added
--instance-id
tovmss update
to enable generic update of VMSS VM instances - Added
--instance-id
tovmss wait
- Added new
ppg
command group for managing Proximity Placement Groups - Added
--ppg
to[vm|vmss] create
andvm availability-set create
for managing PPGs - Added
--hyper-v-generation
parameter toimage create
April 23, 2019
Version 2.0.63
ACS
- Changed
aks get-credentials
to prompt to overwrite duplicated values - Removed
(PREVIEW)
from Dev Spaces commands "aks use-dev-spaces" and "aks remove-dev-spaces"
AMS
- Fixed bug with asset and account filters update
AppService
- Added support for ASE and timeout to
webapp ssh
- Added support for establishing CI CD to an Azure DevOps pipeline from a Github repository to Function apps
- Added
--github-pat
argument tofunctionapp devops-build create
to accept Github personal access token - Added
--github-repository
argument tofunctionapp devops-build create
to accept Github repository that contains a functionapp source code - Fixed issue where
az webapp up --logs
was failing with a error and updating default .NETCORE version to 2.1 - Removed unnecessary functionapp settings when creating a function app with consumption plan
- Changed
webapp up
so the default asp string now appends number at the end to create a new ASP based on SKU options - Added
-b
as an option towebapp up
to launch the app in the browser - Changed
webapp deployment source config zip
to handleAZURE_CLI_DISABLE_CONNECTION_VERIFICATION
environment variable
Deployment Manager
- [PREVIEW] Create and manage artifacts that support rollouts
Lab
- Fixed bug which would cause an early exit
Network
- Added auto name server delegation to
dns zone create
in parent during child zone creation
Resource
- [DEPRECATED] Deprecated
--link-id
,--target-id
and--filter-string
arguments ofresource link
- Use the arguments
--link
,--target
, and--filter
instead
- Use the arguments
- Fixed issue where
resource link [create|update]
commands would not work - Fixed an issue where deleting using a resource ID could crash on error
SQL
- Added support for custom time zone on managed instances
- Changed to allow elastic pool name to be used with
sql db update
- Added
--no-wait
support tosql server [create|update]
- Added command
sql server wait
Storage
- Fixed issue with double-encoded SAS tokens in
storage blob generate-sas
VM
- Added
--skip-shutdown
flag tovm|vmss stop
to power-off VMs without shutdown - Added
--storage-account-type
argument tosig image-version create
to set the publishing profile's account type - Added
--target-regions
argument tosig image-version create
to allow setting region-specific storage account types
April 9, 2019
Core
- Fixed issue where some extensions showed a version of
Unknown
and could not be updated
ACR
- Added support running an image contextlessly
AMS
- [DEPRECATED]: Deprecated the
--bitrate
parameter ofaccount-filter
andasset-filter
- [BREAKING CHANGE]: Renamed the
--bitrate
parameter to--first-quality
- Added new encryption parameters support in
ams streaming-policy create
- Added new paramter
--filters
toams streaming-locator create
AppService
- Added
--logs
support towebapp up
- Fixed
functionapp devops-build create
commandazure-pipelines.yml
generation issues - Improved
unctionapp devops-build create
error handling and indicators - [BREAKING CHANGE] Removed the
--local-git
flag fordevops-build
command, local git detection and handling are compulsory for creating Azure DevOps pipelines - Added support for Linux functions plan creation
- Added ability to switch a plan underneath a function app using
functionapp update --plan
- Added support for Azure Functions premium plan scale out settings
CDN
- Added support for
Microsoft_Standard
andStandard_ChinaCdn
Feedback reference
- Changed
feedback
to show metadata on recently run commands - Changed
feedback
to prompt user to assist in issue creation process by opening a brower and using an issue template - Changed
feedback
to print out issue body when run with '--verbose'
Monitor
- Fixed issue where "count" was not a permitted value with
metrics alert [create|update]
Network
- Fixed table format not displaying with
vnet-gateway list-bgp-peer-status
- Added
list-request-headers
andlist-response-headers
commands toapplication-gateway rewrite-rule
- Added
list-server-variables
command toapplication-gateway rewrite-rule condition
- Fixed an issue where updating link state on an express-route port would throw an unknown attribute exception
express-route port update
PrivateDNS
- Added
network private-dns
for Private DNS zones
Resource
- Fixed issue with
deployment create
andgroup deployment create
where a parameters file with an empty set of parameters would not work
Role
- Fixed
create-for-rbac
to handle--years
correctly - [BREAKING CHANGE] Changed
role assignment delete
to prompt when deleting all assignments under the subscription unconditionally
SQL
- Updated
sql mi [create|update]
with the properties proxyOverride and publicDataEndpointEnabled
Storage
- [BREAKING CHANGE] Removed result of
storage blob delete
- Added
--full-uri
tostorage blob generate-sas
to create the full uri for the blob with sas - Added
--file-snapshot
tostorage file copy start
to copy file from snapshot - Changed
storage blob copy cancel
to only show the error instead of exception for NoPendingCopyOperation
March 26, 2019
Core
- Fixed issues with dev extension incompatibility
- Error handling now points customers to issues page
Cloud
- Fixed a 'subscription not found' error in
cloud set
ACR
- Fixed redundant sources in image import
- Added
--auth-mode
toacr build
,acr run
,acr task create
, andacr task update
commands - Added 'acr task credential' command group for managing credentials for a Task
- Added '--no-wait' to
acr build
command
AppService
- Fixed bug where
webapp up
was not handling running from empty directory or unknown code scenario correctly - Fixed bug where slots didn't work for
[webapp|functionapp] config ssl bind
BOT Service
- Added
bot prepare-deploy
to prepare for deploying bots viawebapp
- Changed
bot create --kind registration
to show password if the password is not provided - [BREAKING CHANGE] Changed
--endpoint
inbot create --kind registration
to default to an empty string instead of being required - Added
SCM_DO_BUILD_DURING_DEPLOYMENT
to ARM template's Application Settings for v4 Web App Bots
CDN
- Added support for
--no-wait
tocdn endpoint [create|update|start|stop|delete|load|purge]
- [BREAKING CHANGE]: Changed
cdn endpoint create
default query string caching behaviour. No longer defaults to "IgnoreQueryString". It is now set by the service
Cosmosdb
- Added support for
--enable-multiple-write-locations
on account update - Added
network-rule
subgroup with commandsadd
,remove
, andlist
for managing VNET rules of a Cosmos DB account
Interactive
- Fixed incompatibility with Interactive extension installed through azdev
Monitor
- Changed to allow dimension value
*
formonitor metrics alert [create|update]
Network
- Added
rewrite-rule
command group toapplication-gateway
Profile
- Added tenant level account support for managed service identity to
login
Postgres
- Added postgresql
replica
commands andrestart server
command - Changed to get default location from resource group when not provided for creating servers and add validation for retention days
Resource
- Improved table output for
deployment [create|list|show]
- Fixed issue with
deployment [create|validate]
where type secureObject was not recognized
Graph
- Added support for
--end-date
toad [app|sp] credential reset
- Added support to add permissions with
ad app permission add
- Fixed a bug with
ad app permission list
when there were no permissions - Changed
ad sp delete
to skip role assignment delete if the current account has no subscription - Changed
ad app create
to have--identifier-uris
default to empty list if not provided
storage
- Added
--snapshot
tostorage file download-batch
to download from a share snapshot - Changed
storage blob [download-batch|upload-batch]
progress bar to be less verbose and indicate current blob - Fixed issue with
storage account update
when updating encryption parameters - Fixed issue where
storage blob show
would fail when using oauth (--auth-mode=login
)
VM
- Added
image update
command
March 12, 2019
Version 2.0.60
Core
- Fixed an incorrect error in
cloud set
about subscription not found
ACR
- Fixed redundant sources in image import
ACS
- Changed to ignore the
--listen-address
parameter foraks browse
if it is not supported by kubectl
AppService
- Added
[webapp|functionapp] deployment list-publishing-credentials
to get the Kudu publishing url and its credentials - Removed erroneous print statement for
webapp auth update
- Fixed
functionapp
to set the correct image for runtime in Linux App Service plans - Removed preview tag for
webapp up
and added improvements to the command
Botservice
- Added
SCM_DO_BUILD_DURING_DEPLOYMENT
to ARM template's Application Settings for v4 Web App Bots - Added
Microsoft-BotFramework-AppId
andMicrosoft-BotFramework-AppPassword
to ARM template's Application Settings for v4 Web App Bots - Removed single quotes from
bot publish
command output at end ofbot create
- Changed
bot publish
to be asynchronous
Container
- Added
--no-wait
argument tocontainer [start|restart]
EventHub
- Added
--skip-empty-archives
flag toeventhub create|update
to support empty archives in capture
Find
- Major functionality update
HDInsight
- Added the
--storage-account-managed-identity
parameter tohdinsight create
to support ADLS Gen2 MSI
Network
- Fixed issue with
vpn-connection update
where updating a VPN connection between gateways in different subscriptions would fail
Rdbms
- Minor fixes to get default location from resource group when not provided for creating servers and add validation for retention days
Role
- Fixed
role definition update
to use ID to resolve definition correctly - Changed
ad app credential reset
to remove the assumption that app's service principal always exists
Service Fabric
- Fixed issue with
sf cluster list
was not iterable
February 26, 2019
Version 2.0.59
Core
- Fixed issue where in some instances using
--subscription NAME
would throw an exception
ACR
- Added
--target
parameter foracr build
,acr task create
andacr task update
commands - Improved error handling for runtime commands when not logged into Azure
ACS
- Added
--listen-address
option toaks port-forward
AppService
- Added
functionapp devops-build
command
Batch
- [BREAKING CHANGE] Removed the
batch pool upgrade os
command - [BREAKING CHANGE] Removed the
Pacakges
property fromApplication
responses - Added the
batch application package list
command to list packages of an application - [BREAKING CHANGE] Changed
--application-id
to--application-name
in allbatch application
commands, - Added the
--json-file
argument to commands for requesting the raw API response - Updated validation to automatically include
https://
in all endpoints if missing
CosmosDB
- Added
network-rule
subgroup with commandsadd
,remove
, andlist
for managing VNET rules of a Cosmos DB account
Kusto
- [BREAKING CHANGE] Changed
hot_cache_period
andsoft_delete_period
types for database to ISO8601 duration format
Network
- Added
--express-route-gateway-bypass
argument tovpn-connection [create|update]
- Added command groups from
express-route
extensions - Added
express-route gateway
andexpress-route port
command groups - Added argument
--legacy-mode
toexpress-route peering [create|update]
- Added arguments
--allow-classic-operations
and--express-route-port
toexpress-route [create|update]
- Added
--gateway-default-site
argument tovnet-gateway [create|update]
- Added
ipsec-policy
commands tovnet-gateway
Resource
- Fixed issue with
deployment create
where type field was case-sensitive - Added support for URI-based parameters file to
policy assignment create
- Added support for URI-based parameters and definitions to
policy set-definition update
- Fixed handling of parameters and rules for
policy definition update
- Fixed issue with
resource show/update/delete/tag/invoke-action
where cross-subscription IDs did not properly honor the subscription ID
Role
- Added support for app roles to
ad app [create|update]
VM
- Fixed issue with
vm create where
--accelerated-networking` was not enabled by default for Ubuntu 18.0
February 12, 2019
Version 2.0.58
Core
az --version
now displays a notification if you have packages that can be updated- Fixed regression where
--ids
could no longer be used with JSON output
ACR
- [BREAKING CHANGE] Removed
acr build-task
command group - [BREAKING CHANGE] Removed
--tag
and--manifest
options from fromacr repository delete
ACS
- Added support for case-insensitive names to
aks [enable-addons|disable-addons]
- Added support for Azure Active Directory updating operation using
aks update-credentials --reset-aad
- Added clarification that
--output
is ignored foraks get-credentials
AMS
- Added
ams streaming-endpoint [start | stop | create | update] wait
commands - Added
ams live-event [create | start | stop | reset] wait
commands
Appservice
- Added ability to create and configure functions using ACR containers
- Added support for updating webapp configurations through json
- Improved help for
appservice-plan-update
- Added support for app insights on functionapp create
- Fixed issues with webapp SSH
Botservice
- Improved UX for
bot publish
- Added warning for timeouts when running
npm install
duringaz bot publish
- Removed invalid char
.
from--name
inaz bot create
- Changed to stop randomizing resource names when creating Azure Storage, App Service Plan, Function/Web App and Application Insights
- [DEPRECATED] Deprecated
--proj-name
argument in favor of--proj-file-path
- Changed
az bot publish
to remove fetched IIS Node.js deployment files if they did not already exist - Added
--keep-node-modules
argument toaz bot publish
to not deletenode_modules
folder on App Service - Added
"publishCommand"
key-value pair to output fromaz bot create
when creating an Azure Function or Web App bot- The value of
"publishCommand"
is anaz bot publish
command prepopulated with the required parameters to publish the newly created bot
- The value of
- Updated
"WEBSITE_NODE_DEFAULT_VERSION"
in ARM template for v4 SDK bots to use 10.14.1 instead of 8.9.4
Key Vault
- Fixed issue with
keyvault secret backup
where some users received anunexpected_keyword
error when using--id
Monitor
- Changed
monitor metrics alert [create|update]
to allow dimension value*
Network
- Changed
dns zone export
to ensure exported CNAMEs are FQDNs - Added
--gateway-name
parameter tonic ip-config address-pool [add|remove]
to support application gateway backend address pools - Added
--traffic-analytics
and--workspace
arguments tonetwork watcher flow-log configure
to support traffic analytics through a Log Analytics workspace - Added
--idle-timeout
and--floating-ip
tolb inbound-nat-pool [create|update]
Policy Insights
- Added
policy remediation
commands to support resource policy remediation features
RDBMS
- Improved help message and command parameters
Redis
- Added commands for managing firewall-rules (create, update, delete, show, list)
- Added commands for managing server-link (create, delete, show, list)
- Added commands for managing patch-schedule (create, update, delete, show)
- Added support for Availability Zones and Minimum TLS Version to `redis create
- [BREAKING CHANGE] Removed
redis update-settings
andredis list-all
commands - [BREAKING CHANGE] Parameter for
redis create
: 'tenant settings' is not accepted in key[=value] format - [DEPRECATED] Added warning message for deprecating
redis import-method
command
Role
- [BREAKING CHANGE] Moved
az identity
command here fromvm
commands
SQL VM
- [DEPRECATED] Deprecated
--boostrap-acc-pwd
argument due to typo
VM
- Changed
vm list-skus
to allow use of--all
in place of--all true
- Added
vmss run-command [invoke | list | show]
- Fixed bug where
vmss encryption enable
would fail if run previously - [BREAKING CHANGE] Moved
az identity
command torole
commands
January 31, 2019
Version 2.0.57
Core
- Hot Fix for issue 8399.
January 28, 2019
Version 2.0.56
ACR
- Added support for VNet/IP rules
ACS
- Added Virtual Nodes Preview
- Added Managed OpenShift commands
- Added support for service principal updates operation with
aks update-credentials -reset-service-principal
AMS
- [BREAKING CHANGE] Renamed
ams asset get-streaming-locators
toams asset list-streaming-locators
- [BREAKING CHANGE] Renamed
ams streaming-locator get-content-keys
toams streaming-locator list-content-keys
Appservice
- Added support for app insights on
functionapp create
- Added support for app service plan creation (including Elastic Premium) to Function Apps
- Fixed app setting issues with Elastic Premium plans
Container
- Added
container start
command - Changed to allow using decimal values for CPU during container creation
EventGrid
- Added
--deadletter-endpoint
parameter toevent-subscription [create|update]
- Added storagequeue and hybridconnection as new values for 'event-subscription [create|update] --endpoint-type`
- Added
--max-delivery-attempts
and--event-ttl
parameters toevent-subscription create
to specify the retry policy for events - Added a warning message to
event-subscription [create|update]
when webhook as destination is used for an event subscription - Added source-resource-id parameter for all event subscription related commands and mark all other source resource related parameters as deprecated
HDInsight
- [BREAKING CHANGE] Removed the
--virtual-network
and--subnet-name
parameters fromhdinsight [application] create
- [BREAKING CHANGE] Changed
hdinsight create --storage-account
to accept name or id of storage account instead of blob endpoints - Added
--vnet-name
and--subnet-name
parameters tohdinsight create
- Added support for Enterprise Security Package and disk encryption to
hdinsight create
- Added
hdinsight rotate-disk-encryption-key
command - Added
hdinsight update
command
IoT
- Added encoding format to routing-endpoint command
Kusto
- Preview release
Monitor
- Changed ID comparison to be case insensitive
Profile
- Enable tenant level account for managed service identity for
login
Network
- Fixed issue with
express-route update
: where--bandwidth
argument was ignored - Fixed issue with
ddos-protection update
where set comprehension caused stack trace
Resource
- Added support for URI parameters file to
group deployment create
- Added support for managed identity to
policy assignment [create|list|show]
SQL Virtual Machine
- Preview release
Storage
- Changed fix to update only properties that are changed on the same object
- Fixed #8021, binary data is encoded in base 64 when returned
VM
- Changed
vm encryption enable
to validate disk encryption keyvault and that key encryption keyvault exists - Added
--force
flag tovm encryption enable
January 15, 2019
Version 2.0.55
ACR
- Changed to allow force push a helm chart that doesn't exist
- changed to allow runtime operations without ARM requests
- [DEPRECATED] Deprecated
--resource-group
parameter in the commands:acr login
acr repository
acr helm
ACS
- Added support for new ACI regions
Appservice
- Fixed issue with uploading certificates for apps that are hosted on an ASE, where the ASE RG & App RG are different
- Changed
webapp up
to use SKU P1V1 as default for Linux - Fixed
[webapp|functionapp] deployment source config-zip
to show the right error message when a deployment fails - Added
webapp ssh
command
Botservice
- Added deployment status updates to
bot create
Configure
- Added
none
as a configurable output format
CosmosDB
- Added support for creating database with shared throughput
HDInsight
- Added commands for managing applications
- Added commands for managing script actions
- Added commands for managing Operations Management Suite (OMS)
- Added support to list regional usage to
hdinsight list-usage
- [BREAKING CHANGE] Removed default cluster type from
hdinsight create
Network
- Added
--custom-headers
and--status-code-ranges
arguments totraffic-manager profile [create|update]
- Added new routing types: Subnet and Multivalue
- Added
--custom-headers
and--subnets
arguments totraffic-manager endpoint [create|update]
- Fixed issue where supplying
--vnets ""
toddos-protection update
caused an error
Role
- [DEPRECATED] Deprecated
--password
argument forcreate-for-rbac
. Use secure passwords generated by the CLI instead
Security
- Initial Release
Storage
- [BREAKING CHANGE] Changed
storage [blob|file|container|share] list
default number of results to be 5,000. Use--num-results *
for original behavior of returning all results - Added
--marker
parameter tostorage [blob|file|container|share] list
- Added log marker for next page to STDERR for
storage [blob|file|container|share] list
- Added
storage blob service-properties update
command with support for static websites
VM
- Changed
vm [disk|unmanaged-disk]
andvmss disk
to have more consistent parameters - Added support for cross tenant image referencing to
[vm|vmss] create
- Fixed bug with default configuration in
vm diagnostics get-default-config --windows-os
- Added argument
--provision-after-extensions
tovmss extension set
to define what extensions must be provisioned before the extension being set - Added argument
--replica-count
tosig image-version update
for setting the default replication count - Fixed bug with
image create --source
where source os disk is mistaken for a VM with the same name, even if the full resource ID is provided
December 20, 2018
Version 2.0.54
Appservice
- Fixed issue where
webapp up
would fail to redeploy - Added support for listing and restoring webapp snapshots
- Added support for
--runtime
flag to Windows function apps
IoTCentral
- Fixed update command API call
Role
- [BREAKING CHANGE] Changed
ad [app|sp] list
to only list the first 100 objects by default
SQL
- Added support for custom collation on managed instances
VM
- Added
---os-type
parameter todisk create
December 18, 2018
Version 2.0.53
ACR
- Added support for image import from external Container Registries
- Condensed the table layout for task list
- Added support for Azure DevOps URLs
ACS
- Added Virtual Nodes Preview
- Removed "(PREVIEW)" from AAD arguments to
aks create
- [DEPRECATED] Deprecated
az acs
commands. The ACS service will retire on January 31, 2020 - Added support of Network Policy when creating new AKS clusters
- Removed requirement of
--nodepool-name
argument foraks scale
if there's only one nodepool
Appservice
- Fixed issue where
webapp config container
did not honor--slot
parameter
Botservice
- Added support for
.bot
file parsing when callingbot show
- Fixed AppInsights provisioning bug
- Fixed whitespace bug when dealing with file paths
- Reduced Kudu network calls
- General command UX improvements
Consumption
- Fixed bugs for budget API to show notifications
CosmosDB
- Added support for updating account from multi-master to single-master
Maps
- Added support for the S1 SKU to
maps account [create|update]
Network
- Added support for
--format
and--log-version
towatcher flow-log configure
- Fixed issue with
dns zone update
where using "" to clear resolution and registration VNets didn't work
Resource
- Fixed handling of scope parameter for management groups in
policy assignment [create|list|delete|show|update]
- Added new command
resource wait
Storage
- Added ability to update log schema version for storage services in
storage logging update
VM
- Fixed crash in
vm identity remove
when the specified vm has no assigned managed service identities
December 4, 2018
Version 2.0.52
Core
- Added support for cross tenant resource provisioning for multi-tenant service principal
- Fixed bug where ids piped from a command with tsv output was improperly parsed
Appservice
- [PREVIEW] Added
webapp up
command that helps in creating & deploying contents to app - Fixed a bug on container based windows app due to backend change
Network
- Added
--exclusion
argument toapplication-gateway waf-config set
to support WAF exclusions
Role
- Added support for custom identifiers for password credential
VM
- [DEPRECATED] Deprecated
vm extension [show|wait] --expand
parameter - Added
--force
parameter tovm restart
to redeploy unresponsive VMs - Changed
[vm|vmss] create --authentication-type
to accept "all" to create a VM with both password and ssh authentication - Added
image create --os-disk-caching
parameter to set os disk caching for an image
November 20, 2018
Version 2.0.51
Core
- Changed MSI login to not reuse subscription name in identity
ACR
- Added context token to task step
- Added support for setting secrets in acr run to mirror acr task
- Improved support for
--top
and--orderby
forshow-tags
andshow-manifests
commands
Appservice
- Changed zip deployment default timeout to poll for the status increased to 5 mins, also adding a timeout property to customize this value
- Updated the default
node_version
. Resetting slot swap action, during a two phase swap preserves all the appsettings & connection strings - Removed client-side SKU check for Linux app service plan create
- Fixed error when trying to get zipdeploy status
IotCentral
- Added subdomain availability check when creating an IoT Central application
KeyVault
- Fixed bug where errors may have been ignored
Network
- Added
root-cert
subcommands toapplication-gateway
to handle trusted root certifcates - Added
--min-capacity
and--custom-error-pages
options toapplication-gateway [create|update]
: - Added
--zones
for availability zone support toapplication-gateway create
- Added arguments
--file-upload-limit
,--max-request-body-size
and--request-body-check
toapplication-gateway waf-config set
Rdbms
- Added mariadb vnet commands
Rbac
- Fixed an issue with attempting to update immutable credentials in
ad app update
- Added output warnings to communicate breaking changes in the near future for
ad [app|sp] list
Storage
- Improved handling of corner cases for storage copy commands
- Fixed issue with
storage blob copy start-batch
not using login credentials when the destination and source accounts are the same - Fixed bug with
storage [blob|file] url
wheresas_token
wasn't incorporated into URL - Added breaking change warning to
[blob|container] list
: will soon output only first 5000 results by default
VM
- Added support to
[vm|vmss] create --storage-sku
to specify the storage account SKU for managed OS and data disks separately - Changed version name parameters to
sig image-version
to be--image-version -e
- Deprecated
sig image-version
argument--image-version-name
, replaced by--image-version
- Added support to use local OS disk to
[vm|vmss] create --ephemeral-os-disk
- Added support for
--no-wait
tosnapshot create/update
- Added
snapshot wait
command - Added support for using instance name with
[vm|vmss] extension set --extension-instance-name
November 6, 2018
Version 2.0.50
Core
- Added support for service principal sn+issuer auth
ACR
- Added support for commit and pull request git events for Task source trigger
- Changed to use default Dockerfile if it's not specified in build command
ACS
- [BREAKING CHANGE] Removed
enable_cloud_console_aks_browse
to enable 'az aks browse' by default
Advisor
- GA release
AMS
- Added new command groups:
ams account-filter
ams asset-filter
ams content-key-policy
ams live-event
ams live-output
ams streaming-endpoint
ams mru
- Added new commands:
ams account check-name
ams job update
ams asset get-encryption-key
ams asset get-streaming-locators
ams streaming-locator get-content-keys
- Added encryption parameters support to
ams streaming-policy create
- Added support to
ams transform output remove
now can be performed by passing the output index to remove - Added
--correlation-data
and--label
arguments toams job
command group - Added
--storage-account
and--container
arguments toams asset
command group - Added default values for expiry time (Now+23h) and permissions (Read) in
ams asset get-sas-url
command - [BREAKING CHANGE] Replaced
ams streaming locator
command withams streaming-locator
- [BREAKING CHANGE] Updated
--content-keys
argument ofams streaming locator
- [BREAKING CHANGE] Renamed
--content-policy-name
to--content-key-policy-name
inams streaming locator
command - [BREAKING CHANGE] Replaced
ams streaming policy
command withams streaming-policy
- [BREAKING CHANGE] Replaced
--preset-names
argument with--preset
inams transform
command group. Now you can only set 1 output/preset at a time (to add more you have to runams transform output add
). Also, you can set custom StandardEncoderPreset by passing the path to your custom JSON - [BREAKING CHANGE] Renamed
--output-asset-names
to--output-assets
inams job start
command. Now it accepts a space-separated list of assets in 'assetName=label' format. An asset without label can be sent like this: 'assetName='
AppService
- Fixed a bug in
az webapp config backup update
that prevents setting a backup schedule if one is not already set
Configure
- Added YAML to output format options
Container
- Changed to show identity when exporting a container group to yaml
EventHub
- Added
--enable-kafka
flag to support Kafka ineventhub namespace [create|update]
Interactive
- Interactive now installs the
interactive
extension, which will allow for faster updates and support
Monitor
- Added support for metric names which include characters forward-slash (/) and period (.) to
--condition
inmonitor metrics alert [create|update]
Network
- Deprecated
network interface-endpoint
command names in favor ofnetwork private-endpoint
- Fixed issue with where
--peer-circuit
argument inexpress-route peering connection create
would not accept an ID - Fixed issue where
--ip-tags
did not work correctly withpublic-ip create
Profile
- Added
--use-cert-sn-issuer
toaz login
for service principal login with cert auto-rolls
RDBMS
- Added mysql replica commands
Resource
- Added support for management groups and subscriptions to
policy definition|set-definition
commands
Role
- Added support for API permission management, signed-in-user, and application password & certificate credential management
- Changed
ad sp create-for-rbac
to clarify the confusion between displayName and service principal name - Added support to grant permissions to AAD apps
Storage
- Added support to connect to storage services only with SAS and endpoints (without an account name or a key) as described in Configure Azure Storage connection strings.
VM
- Added
storage-sku
argument toimage create
for setting the image's default storage account type - Fixed bug with
vm resize
where--no-wait
option causes command to crash - Changed
vm encryption show
table output format to show status - Changed
vm secret format
to require json/jsonc output. Warns user and defaults to json output if an undesired output format is selected - Improved argument validation for
vm create --image
October 23, 2018
Version 2.0.49
Core
- Fixed issue with
--ids
where--subscription
would take precedence over the subscription in--ids
- Added explicit warnings when parameters would be ignored by use of
--ids
ACR
- Fixed an ACR Build encoding issue in Python2
CDN
- [BREAKING CHANGE] Changed
cdn endpoint create
's default query string caching behaviour to no longer defaults to "IgnoreQueryString". It is now set by the service
Container
- Added
Private
as a valid type to pass to '--ip-address' - Changed to allow using only subnet ID to setup a virtual network for the container group
- Changed to allow using vnet name or resource id to enable using vnets from different resource groups
- Added
--assign-identity
for adding a MSI identity to a container group - Added
--scope
to create a role assignment for the system assigned MSI identity - Added a warning when creating a container group with an image without a long running process
- Fixed table output issues for
list
andshow
commands
CosmosDB
- Added
--enable-multiple-write-locations
support tocosmosdb create
Interactive
- Changed to ensure global subscription parameter appears in parameters
IoT Central
- Added template and display name options for IoT Central Application creation
- [BREAKING CHANGE] Removed support for the F1 SKU; Use S1 SKU instead
Monitor
- Changes to
monitor activity-log list
:- Added support for listing all events at the subscription level
- Added
--offset
parameter to more easily create time queries - Improved validation for
--start-time
and--end-time
to use wider range of ISO8601 formats and more user-friendly datetime formats - Added
--namespace
as alias for deprecated option--resource-provider
- Deprecated
--filters
because no values other than those with strongly-typed options are supported by the service
- Changes to
monitor metrics list
:- Added
--offset
parameter to more easily create time queries - Improved validation for
--start-time
and--end-time
to use wider range of ISO8601 formats and more user-friendly datetime formats
- Added
- Improved validation for
--event-hub
and--event-hub-rule
arguments tomonitor diagnostic-settings create
Network
- Added
--app-gateway-address-pools
and--gateway-name
arguments tonic create
, to support adding application gateway backend address pools to a NIC - Added
--app-gateway-address-pools
and--gateway-name
arguments tonic ip-config create/update
, to support adding application gateway backend address pools to a NIC
ServiceBus
- Added Read-Only
migration_state
to MigrationConfigProperties to show current Service Bus Standard to Premium namespace migration state
SQL
- Fixed
sql failover-group create
andsql failover-group update
to work with Manual failover policy
Storage
- Fixed
az storage cors list
output formatting, all items show correct "Service" key - Added
--bypass-immutability-policy
parameter for immutability-policy blocked container deletion
VM
- Enforce disk caching mode be
None
for Lv/Lv2 series of machines in[vm|vmss] create
- Updated supported size list supporting networking accelerator for
vm create
- Added strong typed arguments for ultrassd iops and mbps configs for
disk create
October 16, 2018
Version 2.0.48
VM
- Fixed SDK issue that caused Homebrew instllation to fail
October 9, 2018
Version 2.0.47
Core
- Improved error handling for "Bad Request" errors
ACR
- Added support for similar table format as helm client
ACS
- Added
aks [create|scale] --nodepool-name
to configure nodepool name, truncated to 12 characters, default - nodepool1 - Fixed to fall back to 'scp' when Parimiko fails
- Changed
aks create
to no longer require--aad-tenant-id
- Improved merging of Kubernetes credentials when duplicate entries are present
Container
- Changed
functionapp create
to support creating a Linux consumption plan type with a specific runtime - [PREVIEW] Added support for hosting webapps on Windows containers
Event Hub
- Fixed
eventhub update
command - [BREAKING CHANGE] Changed
list
commands to handle errors for resource(s) NotFound(404) in the typical way instead of showing empty list
Extensions
- Fixed issue with attempting to add an extension that is already installed
HDInsight
- Initial release
IoT
- Added extension installation comand to first-run banner
KeyVault
- Changed to restrict keyvault storage commmands to the latest API profile
Network
- Fixed
network dns zone create
: Command succeeds even if the user has configured a default location. See #6052 - Deprecated
--remote-vnet-id
fornetwork vnet peering create
- Added
--remote-vnet
tonetwork vnet peering create
which accepts a name or ID - Added support for multiple subnet prefixes to
network vnet create
with--subnet-prefixes
- Added support for multiple subnet prefixes to
network vnet subnet [create|update]
with--address-prefixes
- Fixed issue with
network application-gateway create
that prevented creating gateways withWAF_v2
orStandard_v2
SKU - Added
--service-endpoint-policy
convenience argument tonetwork vnet subnet update
Role
- Added support for listing Azure AD app owners to
ad app owner
- Added support for listing Azure AD service principal owners to
ad sp owner
- Changed to ensure role definition create & update commands accept multiple permission configurations
- Changed
ad sp create-for-rbac
to ensure home page URI is always "https"
Service Bus
- [BREAKING CHANGE] Changed
list
commands to handle errors for resource(s) NotFound(404) in the typical way instead of showing empty list
VM
- Fixed empty
accessSas
field indisk grant-access
- Changed
vmss create
to reserve large enough frontend port range to handle overprovisioning - Fixed update commands for
sig
- Added
--no-wait
support for managing image versions insig
- Changed
vm list-ip-addresses
to show availability zone of public IP addresses - Changed
[vm|vmss] disk attach
to set disk's default lun to the first available spot
September 21, 2018
Version 2.0.46
ACR
- Added ACR Task commands
- Added quick run command
- Deprecated
build-task
command group - Added
helm
command group to support managing helm charts with ACR - Added support for idempotent create for managed registry
- Added a no-format flag for displaying build logs
ACS
- Changed the
install-connector
command to set the AKS Master FQDN - Fixed creating role assignment for vnet-subnet-id when not specifying service principal and skip-role-assignemnt
AppService
- Added support for webjobs (continuous and triggered) operations management
- az webapp config set supports --fts-state propertyAlso added support fot az functionapp config set & show
- Added support for bring your own storage for webapps
- Added support for listing and restoring deleted webapps
Batch
- Changed adding tasks through
--json-file
to support AddTaskCollectionParameter syntax - Updated documentation of accepted
--json-file
formats - Added
--max-tasks-per-node-option
tobatch pool create
- Changed behavior of
batch account
to show currently logged in account if no options are specified
Batch AI
- Fixed auto storage account creation failure in
batchai cluster create
command
Cognitive Services
- Added completer for
--sku
,--kind
,--location
arguments - Added command
cognitiveservices account list-usage
- Added command
cognitiveservices account list-kinds
- Added command
cognitiveservices account list
- Deprecated
cognitiveservices list
- Changed
--name
to be optional forcognitiveservices account list-skus
Container
- Added ability to restart and stop a running container group
- Added
--network-profile
for passing in a network profile - Added
--subnet
,--vnet_name
, to allow creating container groups in a VNET - Changed table output to show the status of the container group
Datalake
- Added commands for virtual network rules
Interactive Shell
- Fixed error on Windows where commands fail to run properly
- Fixed command loading problem in interactive that was caused by deprecated objects
IoT
- Added support for routing IoT Hubs
Key Vault
- Fixed Key Vault key import for RSA keys
Network
- Add
network public-ip prefix
commands to support public IP prefixes features - Add
network service-endpoint
commands to support service endpoint policy features - Add
network lb outbound-rule
commands to support creation of Standard Load Balancer outbound rules - Add
--public-ip-prefix
tonetwork lb frontend-ip create/update
to support frontend IP configurations using public IP prefixes - Add
--enable-tcp-reset
tonetwork lb rule/inbound-nat-rule/inbound-nat-pool create/update
- Add
--disable-outbound-snat
tonetwork lb rule create/update
- Allow
network watcher flow-log show/configure
to be used with classic NSGs - Add
network watcher run-configuration-diagnostic
command - Fix
network watcher test-connectivity
command and add--method
,--valid-status-codes
and--headers
properties network express-route create/update
: Add--allow-global-reach
flagnetwork vnet subnet create/update
: Add support for--delegation
- Added
network vnet subnet list-available-delegations
command network traffic-manager profile create/update
: Added support for--interval
,--timeout
and--max-failures
for Monitor configuration Deprecated options--monitor-path
,--monitor-port
and--monitor-protocol
in favor of--path
,--port
,--protocol
network lb frontend-ip create/update
: Fixed the logic for setting private IP allocation methodIf a private IP address is provided, the allocation will be staticIf no private IP address is provided, or empty string is provided for private IP address, allocation is dynamic.dns record-set * create/update
: Add support for--target-resource
- Add
network interface-endpoint
commands to query interface endpoint objects - Add
network profile show/list/delete
for partial management of network profiles - Add
network express-route peering connection
commands to manage peering connections between ExpressRoutes
RDBMS
- Added support for MariaDB service
Reservation
- Added CosmosDb in the reserved resource enum type
- Added name property in Patch model
Manage App
- Fixed bug in
managedapp create --kind MarketPlace
causing instance creation of a Marketplace managed app to crash - Changed
feature
commands to be restricted to supported profiles
Role
- Added support for listing user's group memberships
SignalR
- First release
Storage
- Added
--auth-mode login
parameter for use of user's login credentials for blob and queue authorization - Added
storage container immutability-policy/legal-hold
to manage immutable storage
VM
- Fixed issue where
vm create --generate-ssh-keys
overwrites private key file if public key file is missing (#4725, #6780) - Added support for shared image gallery through
az sig
August 28, 2018
Version 2.0.45
Core
- Fixed issue of loading empty configuration file
- Added support for profile
2018-03-01-hybrid
for Azure Stack
ACR
- Added a workaround for runtime operations without ARM requests
- Changed to exclude version control files (eg, .git, .gitignore) from uploaded tar by default in
build
command
ACS
- Changed
aks create
to defaults toStandard_DS2_v2
VMs - Changed
aks get-credentials
to now call new apis to get cluster credential
AppService
- Added support for CORS on functionapp & webapp
- Added ARM tag support on create commands
- Changed
[webapp|functionapp] identity show
to exit with code 3 upon a missing resource
Backup
- Changed
backup vault backup-properties show
to exit with code 3 upon a missing resource
Bot Service
- Initial Bot Service CLI Release
Cognitive Services
- Added new parameter
--api-properties,
which is required for creating some of the services
IoT
- Fixed issue with associating linked hubs
Monitor
- Added
monitor metrics alert
commands for near-realtime metric alerts - Deprecated
monitor alert
commands
Network
- Changed
network application-gateway ssl-policy predefined show
to exit with code 3 upon a missing resource
Resource
- Changed
provider operation show
to exit with code 3 upon a missing resource
Storage
- Changed
storage share policy show
to exit with code 3 upon a missing resource
VM
- Changed
vm/vmss identity show
to exit with code 3 upon a missing resource - Deprecated
--storage-caching
forvm create
Auguest 14, 2018
Version 2.0.44
Core
- Fixed numeric display in
table
output - Added YAML output format
Telemetry
- Improved telemetry reporting
ACR
- Added
content-trust policy
commands - Fixed issue where
.dockerignore
was not handled properly
ACS
- Changed
az acs/aks install-cli
to install under%USERPROFILE%\.azure-kubectl
on Windows - Changed
az aks install-connector
to detect if the cluster has RBAC and configure ACI Connector appropriately - Changed to role assignment to the subnet when it's provided
- Added new option to "skip role assignment" for subnet when it's provided
- Changed to skip role assignment to subnet when assignment already exists
AppService
- Fixed a bug that prevent from creating a function-app using storage accounts in external resource groups
- Fixed a crash on zip deployment
BatchAI
- Changed logger output for auto-storage account creation to specifies "resource group".
Container
- Added
--secure-environment-variables
for passing secure environment variables to a container
IoT
- [BREAKING CHANGE] Removed deprecated commands which have moved to the iot extension
- Updated elements to not assume
azure-devices.net
domain
Iot Central
- Initial release of IoT Central module
KeyVault
- Added commands for managing storage accounts and sas-definitions
- Added commands for network-rules
- Added
--id
parameter to secret, key, and certificate operations - Added support for KV mgmt multi-api version
- Added support for KV data plane multi-api version
Relay
- Initial release
Sql
- Added
sql failover-group
commands
Storage
- [BREAKING CHANGE] Changed
storage account show-usage
to require--location
parameter and will list by region - Changed
--resource-group
parameter to be optional forstorage account
commands - Removed 'Failed precondition' warnings for individual failures in batch commands for single aggregated message
- Changed
[blob|file] delete-batch
commands to no longer output array of nulls - Changed
blob [download|upload|delete-batch]
commands to read sas-token from container url
VM
- Added common filters to
vm list-skus
for ease of use
July 31, 2018
Version 2.0.43
ACR
- Added
--with-secure-properties
flag toacr build-task show
command - Added
acr build-task update-build
command
ACS
- Changed to return return 0 (success) when ending
az aks browse
by pressing [Ctrl+C]
Batch
- Fixed bug when showing AAD token in cloudshell
Container
- Removed requirement for
--log-analytics-workspace-key
for name or ID when in set subscription
Network
- Added dns support to 2017-03-09-profile for Azure Stack
Resource
- Added
--rollback-on-error
togroup deployment create
to execute a known-good deployment on error - Fixed issue where
--parameters {}
withgroup deployment create
resulted in an error
Role
- Added support for stack profile 2017-03-09-profile
- Fixed issue where generic update parameters to
app update
would not work correctly
Search
- Added commands for Azure Search service
Service Bus
- Added migration command group to migrate a namespace from Service Bus Standard to Premium
- Added new optional properties to Service Bus queue and Subscription
--enable-batched-operations
and--enable-dead-lettering-on-message-expiration
inqueue
--dead-letter-on-filter-exceptions
insubscriptions
Storage
- Added support for download of large files using a single connection
- Converted
show
commands that were missed from failing with exit code 3 upon a missing resource
VM
- Added support to list availability sets by subscription
- Added support for
StandardSSD_LRS
- Added support for application security group on creating VM scale set
- [BREAKING CHANGE] Changed
[vm|vmss] create
,[vm|vmss] identity assign
, and[vm|vmss] identity remove
to output user assigned identities in dictionary format
July 18, 2018
Version 2.0.42
Core
- Added support for browser-based login in WSL bash window
- Added
--force-string
flag to all generic update commands - [BREAKING CHANGE] Changed 'show' commands to log error message and fail with exit code of 3 upon a missing resource
ACR
- [BREAKING CHANGE] Updated '--no-push' to a pure flag in 'acr build' command
- Added
show
andupdate
commands underacr repository
group - Added
--detail
flag forshow-manifests
andshow-tags
to show more detailed information - Added
--image
parameter to support get build details or logs by an image
ACS
- Changed
az aks create
to error out if--max-pods
is less than 5
AppService
- Added support for PremiumV2 skus
Batch
- Fixed bug on using token credential on cloud shell mode
- Changed JSON input to be case-insensitive
Batch AI
- Fixed
az batchai job exec
command
Container
- Removed the requirement for username and password for non dockerhub registries
- Fixed error when creating container groups from yaml file
Network
- Added
--no-wait
support tonetwork nic [create|update|delete]
- Added
network nic wait
- Deprecated
--ids
argument fornetwork vnet [subnet|peering] list
- Added
--include-default
flag to include default security rules in the output ofnetwork nsg rule list
Resource
- Added
--no-wait
support togroup deployment delete
- Added
--no-wait
support todeployment delete
- Added
deployment wait
command - Fixed issue where the subscription-level
az deployment
commands erroneously appeared for profile 2017-03-09-profile
SQL
- Fixed 'The provided resource group name ... did not match the name in the Url' error when specifying elastic pool name for
sql db copy
andsql db replica create
commands - Allow configuring default sql server by executing
az configure --defaults sql-server=<name>
- Implemented table formatters for
sql server
,sql server firewall-rule
,sql list-usages
, andsql show-usage
commands
Storage
- Added
pageRanges
property tostorage blob show
output that will be populated for page blobs
VM
- [BREAKING CHANGE] Changed
vmss create
to useStandard_DS1_v2
as the default instance size - Added
--no-wait
support tovm extension [set|delete]
andvmss extension [set|delete]
- Added
vm extension wait
July 3, 2018
Version 2.0.41
AKS
- Changed monitoring to use subscription ID
Version 2.0.40
Core
- Added a new authorization code flow for interactive login
ACR
- Added polling build status
- Added support for case-insensitive enum values
- Added
--top
and--orderby
parameters forshow-manifests
ACS
- [BREAKING CHANGE] Enable Kubernetes role-based access control by default
- Added
--disable-rbac
argument and deprecated--enable-rbac
since it's the default now - Updated options for
aks browse
command. Added--listen-port
support - Updated the default helm chart package for
aks install-connector
command. Use virtual-kubelet-for-aks-latest.tgz - Added
aks enable-addons
andaks disable-addons
commands to update an existing cluster
AppService
- Added support for disabling identity via
webapp identity remove
- Removed
preview
tag for Identity feature
Backup
- Updated module definition
BatchAI
- Fixed table output for
batchai cluster node list
andbatchai job node list
commands
Cloud
- Added
acr login
server suffix to cloud config
Container
- Changed
container create
to default to long running operation - Added Log Analytics parameters
--log-analytics-workspace
and--log-analytics-workspace-key
- Added
--protocol
parameter to specify which network protocol to use
Extension
- Changed
extension list-available
to only show extensions compatible with CLI version
Network
- Fixed issue where record types were case-sensitive (#6602)
Rdbms
- Added
[postgres|myql] server vnet-rule
commands
Resource
- Added new operation group
deployment
VM
- Added support for removing system assigned identity
June 25, 2018
Version 2.0.39
CLI
- Updated file trimming in MSI installer to fix extension installation issue
June 19, 2018
Version 2.0.38
Core
- Added global support for
--subscription
to most commands
ACR
- Added
azure-storage-blob
as dependency - Changed default CPU configuration with
acr build-task create
to use 2 cores
ACS
- Updated options of
aks use-dev-spaces
command. Added--update
support - Changed
aks get-credentials --admin
to not eplace the user context in$HOME/.kube/config
- Exposed read-only
nodeResourceGroup
property on managed clusters - Fixed
acs browse
command error - Made
--connector-name
optional foraks install-connector
,aks upgrade-connector
andaks remove-connector
- Added new Azure Container Instance regions for
aks install-connector
- Added the normalized location into the helm release name and node name to
aks install-connector
AppService
- Added support for newer versions of urllib
- Added support to
functionapp create
to use appservice plan from external resource groups
Batch
- Removed
azure-batch-extensions
dependency
Batch AI
- Added support for workspaces. Workspaces allow to group clusters, file-servers and experiments in groups removing limitation on number of resources can be created
- Added support for experiments. Experiments allow to group jobs in collections removing limitation on number of created jobs
- Added support to configure
/dev/shm
for jobs running in a docker container - Added
batchai cluster node exec
andbatchai job node exec
commands. These commands allow to execute any commands directly on nodes and provide functionality for port forwarding. - Added support for
--ids
tobatchai
commands - [BREAKING CHANGE] All clusters and fileservers must be created under workspaces
- [BREAKING CHANGE] Jobs must be created under experiments
- [BREAKING CHANGE] Removed
--nfs-resource-group
fromcluster create
andjob create
commands. To mount an NFS belonging to a different workspace/resource group provide file server's ARM ID via--nfs
option - [BREAKING CHANGE] Removed
--cluster-resource-group
fromjob create
command. To submit a job on a cluster belonging to a different workspace/resource group provide cluster's ARM ID via--cluster
option - [BREAKING CHANGE] Removed
location
attribute from jobs, cluster and file servers. Location now is an attribute of a workspace. - [BREAKING CHANGE] Removed
--location
fromjob create
,cluster create
andfile-server create
commands - [BREAKING CHANGE] Changed names of short options to make interface more consistent:
- Renamed [
--config
,-c
] to [--config-file
,-f
] - Renamed [
--cluster
,-r
] to [--cluster
,-c
] - Renamed [
--cluster
,-n
] to [--cluster
,-c
] - Renamed [
--job
,-n
] to [--job
,-j
]
- Renamed [
Maps
- [BREAKING CHANGE] Changed
maps account create
to require accepting Terms of Service either by interactive prompt or--accept-tos
flag
Network
- Added support for
https
tonetwork lb probe create
#6571 - Fixed issue where
--endpoint-status
was case sensitive. #6502
Reservations
- [BREAKING CHANGE] Added required parameter
ReservedResourceType
toreservations catalog show
- Added parameter
Location
toreservations catalog show
- [BREAKING CHANGE] Removed
kind
fromReservationProperties
- [BREAKING CHANGE] Renamed
capabilities
tosku_properties
inCatalog
- [BREAKING CHANGE] Removed
size
andtier
properties fromCatalog
- Added parameter
InstanceFlexibility
toreservations reservation update
Role
- Improved error handling
SQL
- Fixed confusing error when running
az sql db list-editions
for a location that is not available to your subscription
Storage
- Changed table output for
storage blob download
to be more readable
VM
- Improved refine vm size check for accelerated networking support in
vm create
- Added warning for
vmss create
that the default vm size will be switched fromStandard_D1_v2
toStandard_DS1_v2
- Added
--force-update
to[vm|vmss] extension set
to update the extension even when the configuration has not changed
June 13, 2018
Version 2.0.37
Core
- Improved interactive telemetry
Version 2.0.36
AKS
- Added advanced networking options to
aks create
- Added arguments to
aks create
to enable monitoring and HTTP routing - Added
--no-ssh-key
argument toaks create
- Added
--enable-rbac
argument toaks create
- [PREVIEW] Added support for Azure Active Directory authentication to
aks create
AppService
- Fixed an issue with incompatible urllib versions
June 5, 2018
Version 2.0.35
Interactive
- Added limits to the dependencies of interactive mode
Version 2.0.34
Core
- Added support for cross tenant resource referencing
- Improved telemetry upload reliability
ACR
- Added support for VSTS as a remote source location
- Added
acr import
command
AKS
- Changed
aks get-credentials
to create the kube config file with more secure filesystem permissions
Batch
- Fixed bug in Pool list table formatting [Issue #4378]
IOT
- Added support for creating Basic Tier IoT Hubs
Network
- Improved
network vnet peering
Policy Insights
- Initial Release
ARM
- Added
account management-group
commands.
SQL
- Added new managed instance commands:
sql mi create
sql mi show
sql mi list
sql mi update
sql mi delete
- Added new managed database commands:
sql midb create
sql midb show
sql midb list
sql midb restore
sql midb delete
Storage
- Added extra mimetypes for json and javascript to be inferred from file extensions
VM
- Changed
vm list-skus
to use fixed columns and add warning thatTier
andSize
will be removed - Added
--accelerated-networking
option tovm create
- Added
--tags
toidentity create
May 22, 2018
Version 2.0.33
Core
- Added support for expanding
@
in file names
ACS
- Added new Dev-Spaces commands
aks use-dev-spaces
andaks remove-dev-spaces
- Fixed typo in help message
AppService
- Improved generic update commands
- Added async support for
webapp deployment source config-zip
Container
- Added support for exporting a container group in yaml format
- Added support for using a yaml file to create / update a container group
Extension
- Improved removal of extensions
Interactive
- Changed logging to mute parser for completions
- Improved handling of bad help caches
KeyVault
- Fixed keyvault commands to work in cloud shell or VMs with identity
Network
- Fix issue where
network watcher show-topology
would not work with vnet and/or subnet name #6326 - Fix issue where some
network watcher
commands would claim Network Watcher is not enabled for regions when it actually is #6264
SQL
- [BREAKING CHANGE] Changed response objects returned from
db
anddw
commands:- Renamed
serviceLevelObjective
property tocurrentServiceObjectiveName
- Removed
currentServiceObjectiveId
andrequestedServiceObjectiveId
properties - Changed
maxSizeBytes
property to be an integer value instead of a string
- Renamed
- [BREAKING CHANGE] Changed the following
db
anddw
properties to be read-only:requestedServiceObjectiveName
. To update, use the--service-objective
parameter or set thesku.name
propertyedition
. To update, use the--edition
parameter or set thesku.tier
propertyelasticPoolName
. To update, use the--elastic-pool
parameter or set theelasticPoolId
property
- [BREAKING CHANGE] Changed the following
elastic-pool
properties to be read-only:edition
. To update, use the--edition
parameterdtu
. To update, use the--capacity
parameterdatabaseDtuMin
. To update, use the--db-min-capacity
parameterdatabaseDtuMax
. To update, use the--db-max-capacity
parameter
- Added
--family
and--capacity
parameters todb
,dw
, andelastic-pool
commands. - Added table formatters to
db
,dw
, andelastic-pool
commands.
Storage
- Added completer for
--account-name
argument - Fixed problem with
storage entity query
VM
- [BREAKING CHANGE] Removed
--write-accelerator
fromvm create
. The same support can be accessed throughvm update
orvm disk attach
- Fixed extension image matching in
[vm|vmss] extension
- Added
--boot-diagnostics-storage
tovm create
to capture boot log - Added
--license-type
to[vm|vmss] update
May 7, 2018
Version 2.0.32
Core
- Fixed an unhandled exception when retrieving secrets from a service principal account with cert
- Added limited support for positional arguments
- Fix issue where
--query
could not be used with--ids
. #5591 - Improved piping scenarios from commands when using
--ids
. Supports-o tsv
with a query specified or-o json
without specifying a query - Added command suggestions on error if users have typo in their commands
- Improved error when users type
az ''
- Added support custom resource types for command modules and extensions
ACR
- Added ACR Build commands
- Improved resource not found error messages
- Improved resource creation performance and error handling
- Improved acr login in non-standard consoles and WSL
- Improved repository commands error messages
- Updated table columns and ordering
ACS
- Added warning that
az aks
is a preview service - Fixed the permission issue in
aks install-connector
when--aci-resource-group
is not specified
AMS
- Initial release - Manage Azure Media Services resources
Appservice
- Fixed a bug in
webapp delete
when--slot
is provided - Removed
--runtime-version
fromwebapp auth update
- Added support for min_tls_version & https2.0
- Added support for multicontainers
Batch AI
- Changed
batchai create cluster
to respect vm priority configured in the cluster's configuration file
Cognitive Services
- Fixed typo in example for
cognitiveservices account create
#5603
Consumption
- Added new commands for budget API
Container
- Removed requirement for
--registry-server
forcontainer create
when a registry server is included in the image name
Cosmos DB
- Introducing VNET support for Azure CLI - Cosmos DB
DMS
- Initial release - Adds support for the SQL to Azure SQL migration scenario
Extension
- Fixed bug where extension metadata stopped being shown
Interactive
- Allow interactive completers to function with positional arguments
- More user-friendly output when users type ''
- Fixed completions for parameters with no help
- Fixed descriptions for command-groups
Lab
- Fixed regressions from knack conversion
Network
- [BREAKING CHANGE] Removed the
--ids
parameter for:express-route auth list
express-route peering list
nic ip-config list
nsg rule list
route-filter rule list
route-table route list
traffic-manager endpoint list
Profile
- Fixed
disk create
source detection - [BREAKING CHANGE] Removed
--msi-port
and--identity-port
as they are no longer used - Fixed typo in
account get-access-token
short summary
Redis
- Deprecated
redis patch-schedule patch-schedule show
in favor ofredis patch-schedule show
- Deprecated
redis list-all
. This functionality has been folded intoredis list
- Deprecated
redis import-method
in favor ofredis import
- Added support for
--ids
to various commands
Role
- [BREAKING CHANGE] Removed deprecated
ad sp reset-credentials
Storage
- Allow destination sas-token to apply to source for blob copy if source sas and account key are unspecified
- Exposed --socket-timeout for blob uploads and downloads
- Treat blob names that start with path separators as relative paths
- Allow
storage blob copy --source-sas
with starting query char, '?' - Fixed
storage entity query --marker
to accept list of key=values
VM
- Fixed an invalid detection logic on unmanaged blob uri
- Added support disk encryption w/o user provided service principals
- [BREAKING CHANGE] Do not use VM 'ManagedIdentityExtension' for MSI support
- Added support for eviction policy to
vmss
- [BREAKING CHANGE] Removed
--ids
from:vm extension list
vm secret list
vm unmanaged-disk list
vmss nic list
- Added write accelerator support
- Added
vmss perform-maintenance
- Fixed
vm diagnostics set
to detect VM's OS type reliably - Changed
vm resize
to check if the requested size is different than currently set and update only on change
April 10, 2018
Version 2.0.31
ACR
- Improved error handling of wincred fallback
ACS
- Changed aks created SPNs to be valid for 5 years
Appservice
- [BREAKING CHANGE]: Removed
assign-identity
- Fixed uncaught exception for nonexistant webapp plans
BatchAI
Added support for 2018-03-01 API
- Job level mounting
- Environment variables with secret values
- Performance counters settings
- Reporting of job specific path segment
- Support for subfolders in list files api
- Usage and limits reporting
- Allow to specify caching type for NFS servers
- Support for custom images
- Added pyTorch toolkit support
Added
job wait
command which allows to wait for the job completion and reports job exit codeAdded
usage show
command to list current Batch AI resources usage and limits for different regionsNational clouds are supported
Added job command line arguments to mount filesystems on the job level in addition to config files
Added more options to customize clusters - vm priority, subnet, initial nodes count for auto-scale clusters, specifying custom image
Added command line option to specify caching type for Batch AI managed NFS
Simplified specifying mount filesystem in config files. Now you can omit credentials for Azure File Share and Azure Blob Containers - CLI will populate missing credentials using storage account key provided via command line parameters or specified via environment variable or will query the key from Azure Storage (if the storage account belongs to the current subscription)
Job file stream command now auto-completes when the job is completed (succeeded, failed, terminated or deleted)
Improved
table
output forshow
operationsAdded
--use-auto-storage
option for cluster creation. This option make it simpler to manage storage accounts and mount Azure File Share and Azure Blob Containers to clustersAdded
--generate-ssh-keys
option tocluster create
andfile-server create
Added ability to provide node setup task via command line
[BREAKING CHANGE] Moved
job stream-file
andjob list-files
commands underjob file
group[BREAKING CHANGE] Renamed
--admin-user-name
to--user-name
infile-server create
command to be consistent withcluster create
command
Billing
- Added enrollment account commands
Consumption
- Added
marketplace
commands - [BREAKING CHANGE] Renamed
reservations summaries
toreservation summary
- [BREAKING CHANGE] Renamed
reservations details
toreservation detail
- [BREAKING CHANGE] Removed
--reservation-order-id
and--reservation-id
short options forreservation
commands - [BREAKING CHANGE] Removed
--grain
short options forreservation summary
commands - [BREAKING CHANGE] Removed
--include-meter-details
short options forpricesheet
commands
Container
- Added git repo volume mount parameters
--gitrepo-url
--gitrepo-dir
--gitrepo-revision
and--gitrepo-mount-path
- Fixed #5926:
az container exec
failing when --container-name specified
Extension
- Changed distribution check message to be debug-level
Interactive
- Changed to stop completions upon unrecognized commands
- Added event hooks before and after command subtree is created
- Added completion for
--ids
parameters
Network
- Fixed #5936:
application-gateway create
tags could not bet set - Added argument
--auth-certs
to attach authentication certificates forapplication-gateway http-settings [create|update]
. #4910 - Added
ddos-protection
commands to create DDoS protection plans - Added support for
--ddos-protection-plan
tovnet [create|update]
to associate a VNet to a DDoS protection plan - Fixed issue with
--disable-bgp-route-propagation
flag innetwork route-table [create|update]
- Removed dummy arguments
--public-ip-address-type
and--subnet-type
fornetwork lb [create|update]
- Added support for TXT records with RFC 1035 escape sequences to
network dns zone [import|export]
andnetwork dns record-set txt add-record
Profile
- Added support for Azure Classic accounts in
account list
- [BREAKING CHANGE] Removed
--msi
&--msi-port
arguments
RDBMS
- Added
georestore
command - Removed storage size restriction from
create
command
Resource
- Added support for
--metadata
topolicy definition create
- Added support for
--metadata
,--set
,--add
,--remove
topolicy definition update
SQL
- Added
sql elastic-pool op list
andsql elastic-pool op cancel
Storage
- Improved error messages for malformed connection strings
VM
- Added support to configure platform fault domain count to
vmss create
- Changed
vmss create
to default to Standard LB for zonal, large or single-placement-group disabled scale-set - [BREAKING CHANGE]: Removed
vm assign-identity
,vm remove-identity and
vm format-secret` - Added support for Public-IP SKU to
vm create
- Added
--keyvault
and--resource-group
arguments tovm secret format
to support scenarios where the command is unable to resolve the vault ID. #5718 - Better errors for
[vm|vmss create]
when a resource group's location has no zone support
March 27, 2018
Version 2.0.30
Core
- Show message for extensions marked as preview in help
ACS
- Fix SSL certificate verification error for
aks install-cli
in Cloud Shell
Appservice
- Added HTTPS-only support to
webapp update
- Added support for slots to
az webapp identity [assign|show]
andaz functionapp identity [assign|show]
Backup
- Added new command
az backup protection isenabled-for-vm
. This command can be used to check if a VM is backed up by any vault in the subscription - Enabled Azure object IDs for
--resource-group
and--vault-name
parameters for the following commands:backup container show
backup item set-policy
backup item show
backup job show
backup job stop
backup job wait
backup policy delete
backup policy get-default-for-vm
backup policy list-associated-items
backup policy set
backup policy show
backup protection backup-now
backup protection disable
backup protection enable-for-vm
backup recoverypoint show
backup restore files mount-rp
backup restore files unmount-rp
backup restore restore-disks
backup vault delete
backup vault show
- Changed
--name
parameters to accept the output format frombackup ... show
commands
Container
- Added
container exec
command. Executes commands in a container for a running container group - Allow table output for creating and updating a container group
Extension
- Added message for
extension add
if extension is in preview - Changed
extension list-available
to show full extension data with--show-details
- [BREAKING CHANGE] Changed
extension list-available
to show simplified extension data by default
Interactive
- Changed completions to activate as soon as command table loading is done
- Fixed bug with using
--style
parameter - Interactive lexer instantiated after command table dump if missing
- Improved completer support
Lab
- Fixed bugs with
create environment
command
Monitor
- Added support for
--top
,--orderby
and--namespace
tometrics list
#5785 - Fixed #4529:
metrics list
Accepts a space-separated list of metrics to retrieve - Added support for
--namespace
tometrics list-definitions
#5785
Network
- Added support for Private DNS zones
Profile
- Added warning for
--identity-port
and--msi-port
tologin
RDBMS
- Added business model GA API version 2017-12-01
Resource
- [BREAKING CHANGE]: Changed
provider operation [list|show]
to not require--api-version
Role
- Added support for required access configurations and native clients to
az ad app create
- Changed
rbac
commands to return less than 1000 IDs on object resolution - Added credential management commands
ad sp credential [reset|list|delete]
- [BREAKING CHANGE] Removed 'properties' from
az role assignment [list|show]
output - Added support for
dataActions
andnotDataActions
permissions torole definition
Storage
- Fixed issue when uploading file with size between 195GB and 200GB
- Fixed #4049: Problems with append blob uploads ignoring condition parameters
VM
- Added warning to
vmss create
for upcoming breaking changes for sets with 100+ instances - Added zone resilient support to
vm [snapshot|image]
- Changed disk instance view to report better encryption status
- [BREAKING CHANGE] Changed
vm extension delete
to no longer return output
March 13, 2018
Version 2.0.29
ACR
- Added support for
--image
parameter torepository delete
- Deprecated
--manifest
and--tag
parameters of therepository delete
command - Added
repository untag
command to remove a tag without deleting data
ACS
- Added
aks upgrade-connector
command to upgrade an existing connector - Changed
kubectl
config files to use a more readable block-style YAML
Advisor
- [BREAKING CHANGE] Renamed
advisor configuration get
toadvisor configuration list
- [BREAKING CHANGE] Renamed
advisor configuration set
toadvisor configuration update
- [BREAKING CHANGE] Removed
advisor recommendation generate
- Added
--refresh
parameter toadvisor recommendation list
- Added
advisor recommendation show
command
Appservice
- Deprecated
[webapp|functionapp] assign-identity
- Added managed identity commands
webapp identity [assign|show]
andfunctionapp identity [assign|show]
Eventhubs
- Initial release
Extension
- Added check to warn user if used distro is different then the one stored in package source file, as this may lead into errors
Interactive
- Fixed #5625: Persist history across different sessions
- Fixed #3016: History not recorded while in scope
- Fixed #5688: Completions did not appear if command table loading encountered an exception
- Fixed progress meter for long running operations
Monitor
- Deprecated the
monitor autoscale-settings
commands - Added
monitor autoscale
commands - Added
monitor autoscale profile
commands - Added
monitor autoscale rule
commands
Network
- [BREAKING CHANGE] Removed
--tags
parameter fromroute-filter rule create
- Removed some erroneous default values for the following commands:
network express-route update
network nsg rule update
network public-ip update
traffic-manager profile update
network vnet-gateway update
- Added
network watcher connection-monitor
commands` - Added
--vnet
and--subnet
parameters tonetwork watcher show-topology
Profile
- Deprecated
--msi
parameter foraz login
- Added
--identity
parameter foraz login
to replace--msi
RDBMS
- [PREVIEW] Changed to use the API 2017-12-01-preview
Service Bus
- Initial release
Storage
- Fixed #4971:
storage blob copy
now supports other Azure clouds - Fixed #5286: Batch commands
storage blob [delete-batch|download-batch|upload-batch]
no longer throw an error upon precondition failures
VM
- Added support to
[vm|vmss] create
to attach unmanaged data disks and configure caching - Deprecated
[vm|vmss] assign-identity
and[vm|vmss] remove-identity
- Added
vm identity [assign|remove|show]
andvmss identity [assign|remove|show]
commands to replace deprecated commands - Changed default priority in
vmss create
to None
February 27, 2018
Version 2.0.28
Core
- Fixed #5184: Homebrew install issue
- Added support for extension telemetry with custom keys
- Added HTTP logging to
--debug
ACS
- Changed to use the the
virtual-kubelet-for-aks
Helm chart foraks install-connector
by default - Fixed issue: Insuffient permission for service principals to create ACI container group issue
- Added
--aci-container-group
,--location
, and--image-tag
parameters toaks install-connector
- Removed deprecation notice from
aks get-versions
Appservice
- Updates for new SDK version (azure-mgmt-web 0.35.0)
- Fixed #5538:
Free
reported as invalid SKU
Cognitive Services
- Updated the 'notice' when creating a new Cognitive Services account
Consumption
- Added new commands for pricesheet API
- Updated the existing Usage Details and Reservation Details formats
Container
- Added
--secrets
and--secrets-mount-path
arguments tocontainer create
to use secrets in ACI
Network
- Fixed #5559: Missing client in
network vnet-gateway vpn-client generate
Resource
- Changed
group deployment export
to display a partial template and errors on failure
Role
- Added
role assignment list-changelogs
to allow auditing of service principal roles
SQL
- Added zone redundancy support for databases and elastic pools on creation and update
Storage
- Enabled specifying destination-path/prefix for
storage blob [upload-batch|download-batch]
VM
- Added suport for attaching/detatching disks on a single VMSS instance
February 13, 2018
Version 2.0.27
Core
- Changed authentication to key on both subscription ID and name on MSI login
ACS
- [BREAKING CHANGE] Renamed
aks get-versions
toaks get-upgrades
in the interest of accuracy - Changed
aks get-versions
to show Kubernetes versions available foraks create
- Changed
aks create
defaults to letting the server choose the version of Kubernetes - Updated help messages referring to the service principal generated by AKS
- Changed default node sizes for
aks create
from "Standard_D1_v2" to "Standard_DS1_v2" - Improved reliability when locating the dashboard pod for
az aks browse
- Fixed
aks get-credentials
to handle Unicode errors when loading Kubernetes configuration files - Added a message to
az aks install-cli
to help getkubectl
in$PATH
Appservice
- Fixed issue where
webapp [backup|restore]
failed because of a null reference - Added support for default app service plans through
az configure --defaults appserviceplan=my-asp
CDN
- Added
cdn custom-domain [enable-https|disable-https]
commands
Container
- Added
--follow
option toaz container logs
for streaming logs - Added
container attach
command that attaches local standard output and error streams to a container in a container group
CosmosDB
- Added support for setting capabilities
Extension
- Added support for
--pip-proxy
parameter toaz extension [add|update]
commands - Added support for
--pip-extra-index-urls
argument toaz extension [add|update]
commands
Feedback reference
- Added extension information to telemetry data
Interactive
- Fixed issue where user is prompted to login when using interactive mode in Cloud Shell
- Fixed regression with missing parameter completions
IoT
- Fixed issue where
iot dps access policy [create|update]
would return a 'not found' error on success - Fixed issue where
iot dps linked-hub [create|update]
would return a 'not found' error on success - Added
--no-wait
support toiot dps access policy [create|update]
andiot dps linked-hub [create|update]
- Changed
iot hub create
to allow specifying the number of partitions
Monitor
- Fixed
az monitor log-profiles create
command
Network
- Fixed the
--tags
option for the following commands:network public-ip create
network lb create
network local-gateway create
network nic create
network vnet-gateway create
network vpn-connection create
Profile
- Enabled
az login
in from interactive mode
Resource
- Added back
feature show
Role
- Added
--available-to-other-tenants
argument toad app update
SQL
- Added
sql server dns-alias
commands - Added
sql db rename
- Added support for the
--ids
argument to all sql commands
Storage
- Added
storage blob service-properties delete-policy
andstorage blob undelete
commands to enable soft-delete
VM
- Fixed a crash when VM encryption may not be fully initialized
- Added principal ID output on enabling MSI
- Fixed
vm boot-diagnostics get-boot-log
January 31, 2018
Version 2.0.26
Core
- Added support raw token retrival in MSI context
- Removed polling indicator string after finishing LRO on Windows cmd.exe
- Added a warning that appears when using a configured default has been changed to an INFO level entry. Use
--verbose
to see - Add a progress indicator for wait commands
ACS
- Clarified
--disable-browser
argument - Improved tab completion for
--vm-size
arguments
Appservice
- Fixed
webapp log [tail|download]
- Removed the
kind
check on webapps and functions
CDN
- Fixed missing client issue with
cdn custom-domain create
CosmosDB
- Fixed parameter description for failover policies
Interactive
- Fixed issue where command option completions no longer appeared
Network
- Added protection for
--cert-password
toapplication-gateway create
- Fixed issue with
application-gateway update
where--sku
erroneously applied a default value - Added protection for
--shared-key
and--authorization-key
tovpn-connection create
- Fixed missing client issue with
asg create
- Added
--file-name / -f
parameter for exported names todns zone export
- Fixed the following issues with
dns zone export
:- Fixed issue where long TXT records were incorrectly exported
- Fixed issue where quoted TXT records were incorrectly exported without escaped quotes
- Fixed issue where certain records were imported twice with
dns zone import
- Restored
vnet-gateway root-cert
andvnet-gateway revoked-cert
commands
Profile
- Fixed
get-access-token
to work inside a VM with identity
Resource
- Fixed bug with
deployment [create|validate]
where warning was incorrectly displayed when a template 'type' field contained uppercase values
Storage
- Fixed issue with migrating Storage V1 accounts to Storage V2
- Added progress reporting for all upload/download commands
- Fixed bug preventing "-n" arg option with
storage account check-name
- Added 'snapshot' column to table output for
blob [list|show]
- Fixed bugs with various parameters that needed to be parsed as ints
VM
- Added
vm image accept-terms
command to allow creating VMs from images with additional charges - Fixed
[vm|vmss create]
to ensure commands can run under proxy with unsigned certificates - [PREVIEW] Added support for "low" priority to VMSS
- Added protection for
--admin-password
to[vm|vmss] create
January 17, 2018
Version 2.0.25
ACR
- Added acr login fallback on Windows credential errors
- Enabled registry logs
ACS
- Fixed
get-credentials
command - Removed SPN role requirement
Appservice
- Fixed bug with
config ssl upload
wherehosting_environment_profile
was null - Added support for custom URLs to
browse
- Fixed slot support for
log tail
Backup
- Changed
--container-name
option ofbackup item list
to be optional - Added storage account options to
backup restore restore-disks
- Fixed location check in
backup protection enable-for-vm
to be case insensitive - Fixed issue where commands failed with an invalid container name
- Changed
backup item list
to include 'Health Status' by default
Batch
- Changed
batch login
to return authentication details
Cloud
- Changed to not require endpoints when setting
--profile
on a cloud
Consumption
- Added new commands for reservations:
consumption reservations summaries
andconsumption reservations details
Event Grid
- [BREAKING CHANGE] Moved the
az eventgrid topic event-subscription
commands toeventgrid event-subscription
- [BREAKING CHANGE] Moved the
az eventgrid resource event-subscription
commands toeventgrid event-subscription
- [BREAKING CHANGE] Removed the
eventgrid event-subscription show-endpoint-url
command. Useeventgrid event-subscription show --include-full-endpoint-url
instead - Added command
eventgrid topic update
- Added command
eventgrid event-subscription update
- Added
--ids
parameter foreventgrid topic
commands - Added tab completion support for topic names
Interactive
- Fixed issue where interactive mode did not work with Python 2.x
- Fixed errors on startup
- Fixed issue with some commands not running in interactive mode
IoT
- Added support for device provisioning service
- Added deprecation messages in commands and command help
- Added IoT check to inform users of the IoT Extension
Monitor
- Added multi-diagnostic setting support. The
--name
parameter is now required foraz monitor diagnostic-settings create
- Added command
monitor diagnostic-settings categories
to get diagnostic settings category
Network
- Fixed issue when trying to change to/from active-standby mode with
vnet-gateway update
- Added support for HTTP2 to
application-gateway [create|update]
Profile
- Added support for login with user assigned identities
Role
- Added
--assignee-object-id
argument torole assignment create
to bypass graph query
Service Fabric
- Added detailed errors to validation response when creating cluster
- Fixed missing client issue with several commands
VM
- [PREVIEW] Cross-zone support for
vmss
- [BREAKING CHANGE] Changed single-zone
vmss
default to "Standard" load balancer - [BREAKING CHANGE] Changed
externalIdentities
touserAssignedIdentities
for EMSI - [PREVIEW] Added support for OS disk swap
- Added support for using VM images from other subscriptions
- Added
--plan-name
,--plan-product
,--plan-promotion-code
and--plan-publisher
arguments to[vm|vmss] create
- Fixed error issues with
[vm|vmss] create
- Fixed excessive resource usage caused by
vm image list --all
December 19, 2017
Version 2.0.23
- Added support for login with user assigned identities
Container
- Fixed incorrect order of parameters for container logs
Network
- Added
--disable-bgp-route-propagation
argument toroute-table [create|update]
- Added
--ip-tags
argument topublic-ip [create|update]
Storage
- Added support for storage V2
VM
- [PREVIEW] Added support for user-assigned identities for VMs and VMSSes
December 5, 2017
Version 2.0.22
- Removed
az component
commands. Useaz extension
instead
Core
- Modified the
AZURE_US_GOV_CLOUD
AAD authority endpoint from login.microsoftonline.com to login.microsoftonline.us - Fixed issue where telemetry would continuously resend
ACS
- Added
aks install-connector
andaks remove-connector
commands - Improved error reporting for
acs create
- Fixed usage of
aks get-credentials -f
without fully-qualified path
Advisor
- Initial release
Appservice
- Fixed cert name generation with
webapp config ssl upload
- Fixed
webapp [list|show]
andfunctionapp [list|show]
to display correct apps - Added default value for
WEBSITE_NODE_DEFAULT_VERSION
Consumption
- Aded support for API version 2017-11-30
Container
- Fixed default ports regression
Monitor
- Added multi-dimension support to metrics command
Resource
- Added
--include-response-body
argument toresource show
Role
- Added display of default assignments for "classic" administraors to
role assignment list
- Added suport to
ad sp reset-credentials
for adding credentials instead of overwriting - Improved error reporting for
ad sp create-for-rbac
SQL
- Added
sql db list-usages
andsql db show-usage
commands - Added
sql server conn-policy show
andsql server conn-policy update
commands
VM
- Added zone information to
az vm list-skus
November 14, 2017
Version 2.0.21
ACR
- Added support for creating webhooks in replication regions
ACS
- Changed all wording of "agent" to "node" in AKS
- Deprecated
--orchestrator-release
option foracs create
- Changed default VM size for AKS to
Standard_D1_v2
- Fixed
az aks browse
on Windows - Fixed
az aks get-credentials
on Windows
Appservice
- Added deployment source
config-zip
for webapps and function apps - Added
--docker-container-logging
option toaz webapp log config
- Removed the
storage
option from the parameter--web-server-logging
ofaz webapp log config
- Improved error messages for
deployment user set
- Added support for creating Linux function apps
- Fixed
list-locations
Batch
- Fixed bug in pool create command when a resource ID was used with the
--image
flag
Batchai
- Added short option,
-s
, for--vm-size
when providing VM size infile-server create
command - Added storage account name and key arguments to
cluster create
parameters - Fixed documentation for
job list-files
andjob stream-file
- Added short option,
-r
, for--cluster-name
when providing cluster name injob create
command
Cloud
- Changed
cloud [register|update]
to prevent registering clouds that have missing required endpoints
Container
- Added support to open multiple ports
- Added container group restart policy
- Added support to mount Azure File share as a volume
- Updated helper docs
Data Lake Analytics
- Changed
[job|account] list
to return more concise information
Data Lake Store
- Changed
account list
to return more concise information
Extension
- Added
extension list-available
to allow listing official Microsoft extensions - Added
--name
toextension [add|update]
to allow installing extensions by name
IoT
- Added support for certificate authorities (CA) and certificate chains
Monitor
- Added
activity-log alert
commands
Network
- Added support for CAA DNS records
- Fixed issue where endpoints could not be updated with
traffic-manager profile update
- Fixed issue where
vnet update --dns-servers
didn't work depending on how the VNET was created - Fixed issue where relative DNS names were incorrectly imported by
dns zone import
Reservations
- Initial preview release
Resource
- Added support for resource IDs to
--resource
parameter and resource-level locks
SQL
- Added
--ignore-missing-vnet-service-endpoint
parameter tosql server vnet-rule [create|update]
Storage
- Changed
storage account create
to use SKUStandard_RAGRS
as default - Fixed bugs when dealing with file/blob names that include non-ascii chars
- Fixed bug that prevented using
--source-uri
withstorage [blob|file] copy start-batch
- Added commands to glob and delete multiple objects with
storage [blob|file] delete-batch
- Fixed issue when enabling metrics with
storage metrics update
- Fixed issue with files over 200GB when using
storage blob upload-batch
- Fixed issue where
--bypass
and--default-action
were ignored bystorage account [create|update]
VM
- Fixed a bug with
vmss create
that prevented using theBasic
size tier - Added
--plan
arguments to[vm|vmss] create
for custom images with billing information - Added
vm secret
[add|remove|list]` commands - Renamed
vm format-secret
tovm secret format
- Added
--encrypt format
argument tovm encryption enable
October 24, 2017
Version 2.0.20
Core
- Updated
2017-03-09-profile
to consumeMGMT_STORAGE
API version2016-01-01
ACR
- Updated resource management to point to
2017-10-01
API version - Changed 'bring your own storage' SKU to Classic
- Renamed registry SKUs to Basic, Standard, and Premium
ACS
- [PREVIEW] Added
az aks
commands - Fixed kubernetes
get-credentials
Appservice
- Fixed issue where downloaded
webapp
logs may be invalid
Component
- Added clearer deprecation message for all installers and confirmation prompt
Monitor
- Added
action-group
commands
Resource
- Fixed incompatibility with most recent version of msrest dependency in
group export
- Fixed
policy assignment create
to work with built in policy definitions and policy set definitions
VM
- Added
--accelerated-networking
argument tovmss create
October 9, 2017
Version 2.0.19
Core
- Added handling of ADFS authority URLs with a trailing slash to Azure Stack
Appservice
- Added generic update with new command
webapp update
Batch
- Updated to Batch SDK 4.0.0
- Updated
--image
option of VirtualMachineConfiguration to support ARM image references in addition to publish:offer:sku:version - Added support for the new CLI extension model for Batch Extensions commands
- Removed Batch support from the component model
Batchai
- Initial release of Batch AI module
Keyvault
- Fixed Key Vault authentication issue when using ADFS on Azure Stack. (#4448)
Network
- Changed
--server
argument ofapplication-gateway address-pool create
to be optional, allowing for empty address pools - Updated
traffic-manager
to support latest features
Resource
- Added support for
--resource-group/-g
options for resource group name togroup
- Added commands for
account lock
to work with subscription-level locks - Added commands for
group lock
to work with group-level locks - Added commands for
resource lock
to work with resource-level locks
Sql
- Added support for SQL Transparent Data Encryption (TDE) and TDE with Bring Your Own Key
- Added
db list-deleted
command anddb restore --deleted-time
parameter, allowing the ability to find and restore deleted databases - Added
db op list
anddb op cancel
, allowing the ability to list and cancel in-progress operations on database
Storage
- Added support for file share snapshot
Vm
- Fixed a bug in
vm show
where using-d
caused a crash on missing private ip addresses - [PREVIEW] Added support for rolling upgrade to
vmss create
- Added support for updating encryption settings with
vm encryption enable
- Added
--os-disk-size-gb
parameter tovm create
- Added
--license-type
parameter for Windows tovmss create
September 22, 2017
Version 2.0.18
Resource
- Added support for showing built-in policy definitions
- Added support mode parameter for creating policy definitions
- Added support for UI definitions and templates to
managedapp definition create
- [BREAKING CHANGE] Changed
managedapp
resource type fromappliances
toapplications
andapplianceDefinitions
toapplicationDefinitions
Network
- Added support for availability zone to
network lb
andnetwork public-ip
subcommands - Added support for IPv6 Microsoft Peering to
express-route
- Added
asg
application security group commands - Added
--application-security-groups
argument tonic [create|ip-config create|ip-config update]
- Added
--source-asgs
and--destination-asgs
arguments tonsg rule [create|update]
- Added
--ddos-protection
and--vm-protection
arguments tovnet [create|update]
- Added
network [vnet-gateway|vpn-client|show-url]
commands
Storage
- Fixed issue where
storage account network-rule
commands may fail after updating the SDK
Eventgrid
- Updated Azure Event Grid Python SDK to use newer API version "2017-09-15-preview"
SQL
- Changed
sql server list
argument--resource-group
to be optional. If not specified, all sql servers in the subscription will be returned - Added
--no-wait
param todb [create|copy|restore|update|replica create|create|update]
anddw [create|update]
Keyvault
- Added support for Keyvault commands from behind a proxy
VM
- Added for support to availability zone to
[vm|vmss|disk] create
- Fixed issue where using
--app-gateway ID
withvmss create
would cause a failure - Added
--asgs
argument tovm create
- Added support for running commands on VMs with
vm run-command
- [PREVIEW] Added support for VMSS disk encryption with
vmss encryption
- Added support for performing maintenance on VMs with
vm perform-maintenance
ACS
- [PREVIEW] Added
--orchestrator-release
argument toacs create
for ACS preview regions
Appservice
- Added ability to update and show authentication settings with
webapp auth [update|show]
Backup
- Preview release
September 11, 2017
Version 2.0.17
Core
- Enabled command module to set its own correlation ID in telemetry
- Fixed JSON dump issue when telemetry is set to diagnostics mode
Acs
- Added
acs list-locations
command - Made
ssh-key-file
come with expected default value
Appservice
- Added ability to create a webapp in a resource group other than the active service plan's
CDN
- Fixed 'CustomDomain is not interable' bug for
cdn custom-domain create
Extension
- Initial Release
Keyvault
- Fixed issue where permissions were case sensitive for
keyvault set-policy
Network
- Renamed
vnet list-private-access-services
tovnet list-endpoint-services
- Renamed
--private-access-services
argument to--service-endpoints
forvnet subnet create/update
- Added support for multiple IP ranges and port ranges to
nsg rule create/update
- Added support for SKU to
lb create
- Added support for SKU to
public-ip create
Resource
- Allow passing in resource policy parameter definitions in
policy definition create
, andpolicy definition update
- Allow passing in parameter values for
policy assignment create
- Allow for passing JSON or file for all params
- Incremented API version
SQL
- Added
sql server vnet-rule
commands
VM
- Fixed: Don't assign access unless
--scope
is provided - Fixed: Use the same extension naming as portal does
- Removed
subscription
from the[vm|vmss] create
output - Fixed:
[vm|vmss] create
storage SKU is not applied on data disks with an image - Fixed:
vm format-secret --secrets
would not accept newline separated IDs
August 31, 2017
Version 2.0.16
Keyvault
- Fixed bug when trying to automatically resolve secret encoding with
secret download
Sf
- Deprecating all commands in favor of Service Fabric CLI (sfctl)
Storage
- Fixed issue where storage accounts could not be created in regions that don't support the NetworkACLs feature
- Determine content type and content encoding during blob and file upload if neither content type and content encoding are specified
August 28, 2017
Version 2.0.15
CLI
- Added legal note to
--version
ACS
- Corrected preview regions
- Formatted default
dns_name_prefix
properly - Optimized acs command output
Appservice
- [BREAKING CHANGE] Fixed inconsistencies in the output of
az webapp config appsettings [delete|set]
- Added a new alias of
-i
foraz webapp config container set --docker-custom-image-name
- Exposed
az webapp log show
- Exposed new arguments from
az webapp delete
to retain app service plan, metrics or dns registration - Fixed: Detect slot settings correctly
IoT
- Fixed #3934: Policy creation no longer clears existing policies
Network
- [BREAKING CHANGE] Renamed
vnet list-private-access-services
tovnet list-endpoint-services
- [BREAKING CHANGE] Renamed option
--private-access-services
to--service-endpoints
forvnet subnet [create|update]
- Added support for multiple IP and port ranges to
nsg rule [create|update]
- Added support for SKU to
lb create
- Added support for SKU to
public-ip create
Profile
- Exposed
--msi
and--msi-port
to login using a virtual machine's identity
Service Fabric
- Preview release
- Simplified registry user/password rules for command
- Fixed password prompt for user even after passing in the param
- Added support for empty
registry_cred
Storage
- Enabled setting blob tier
- Added
--bypass
and--default-action
arguments tostorage account [create|update]
to support service tunneling - Added commands to add VNET rules and IP based rules to
storage account network-rule
- Enabled service encryption by customer managed key
- [BREAKING CHANGE] Renamed
--encryption
option to--encryption-services
foraz storage account create and az storage account update
command - Fixed #4220:
az storage account update encryption
- syntax mismatch
VM
- Fixed issue where extra, erroneous information was displayed for
vmss get-instance-view
when using--instance-id *
- Added support for
--lb-sku
tovmss create
: - Removed human names from the admin names disallowed for
[vm|vmss] create
- Fixed issue where
[vm|vmss] create
would throw an error if unable to extract plan information from an image - Fixed a crash when creating a vmms scaleset with an internal LB
- Fixed issue where
--no-wait
argument did not work wthvm availability-set create
August 15, 2017
Version 2.0.14
ACS
- Corrected sshMaster0 port number for kubernetes
Appservice
- Fixed an exception when creatng a new git based Linux webapp
Event Grid
- Added SDK dependencies
August 11, 2017
Version 2.0.13
ACS
- Added more preview regions
Batch
- Updated to Batch SDK 3.1.0 and Batch Management SDK 4.1.0
- Added a new command show the task counts of a job
- Fixed bug in resource file SAS URL processing
- Batch account endpoint now supports optional 'https://' prefix
- Support for adding lists of more than 100 tasks to a job
- Added debug logging for loading Extensions command module
Component
- Added deprecation warning to 'az component' commands
Container
create
: Fixed issue where equals sign was not allowed inside an environment variable
Data Lake Store
- Enabled progress control
Event Grid
- Initial release
Network
lb
: Fixed issue where the certain child resource names did not resolve correctly when omittedapplication-gateway {subresource} delete
: Fixed issue where--no-wait
was not honoredapplication-gateway http-settings update
: Fixed issue where--connection-draining-timeout
could not be turned off- Fixed error unexpected keyword argument
sa_data_size_kilobyes
withaz network vpn-connection ipsec-policy add
Profile
account list
: Added--refresh
to sync up the latest subscriptions from server
Storage
- Enable update storage account with system assigned identity
VM
availability-set
: Exposed fault domain count on convert- Exposed
list-skus
command - Support to assign identity w/o creating role assignments
- Apply storage sku on attaching data disks
- Removed default os-disk name and storage SKU when using managed disks
July 28, 2017
Version 2.0.12
- Added container commands
- Added billing and consumption modules
azure-cli (2.0.12)
acr (2.0.9)
acs (2.0.11)
appservice (0.1.11)
batch (3.0.3)
billing (0.1.3)
cdn (0.0.6)
cloud (2.0.7)
cognitiveservices (0.1.6)
command-modules-nspkg (2.0.1)
component (2.0.6)
configure (2.0.10)
consumption (0.1.3)
container (0.1.7)
core (2.0.12)
cosmosdb (0.1.11)
dla (0.0.10)
dls (0.0.11)
feedback (2.0.6)
find (0.2.6)
interactive (0.3.7)
iot (0.1.10)
keyvault (2.0.8)
lab (0.0.9)
monitor (0.0.8)
network (2.0.11)
nspkg (3.0.1)
profile (2.0.9)
rdbms (0.0.5)
redis (0.2.7)
resource (2.0.11)
role (2.0.9)
sf (1.0.5)
sql (2.0.8)
storage (2.0.11)
vm (2.0.11)
Core
- Output sdk auth info for service principals with certificates
- Fixed deployment progress exceptions
- Use arm endpoint from the current cloud to create subscription client
- Improved concurrent handling of clouds.config file (#3636)
- Refresh client request id for each command execution
- Create subscription clients with right SDK profile (#3635)
- Progress Reporting for template deployments (#3510)
- Added support for picking table output fields through jmespath query (#3581)
- Improved the muting of parse args and append history with gestures (#3434)
- Create subscription clients with right SDK profile
- Move all existing recording files to latest folder
- Fixed idempotency for VM/VMSS create (#3586)
- Command paths are no longer case sensitive
- Certain boolean-type parameters are no longer case sensitive
- Support login to ADFS on prem server like Azure Stack
- Fixed concurrent writes to clouds.config (#3255)
ACR
- Added
show-usage
command for managed registries - Support SKU update for managed registries
- Added managed registries with managed SKU
- Added webhooks for managed registries with acr webhook command module
- Added AAD authentication with acr login command
- Added delete command for docker repositories, manifests, and tags
ACS
- Support for API version 2017-07-01
Appservice
- Fixed bug where listing Linux webapp would return nothing
- Support to retrieve creds from acr
- Remove all commands under
appservice web
- Mask docker registry passwords from command output (#3656)
- Ensure default browser is used on macOS without errors (#3623)
- Improve the help of
webapp log tail
andwebapp log download
(#3624) - Exposed
traffic-routing
command to configure static routing (#3566) - Added reliability fixes in configuring source control (#3245)
- Removed unsupported
--node-version
argument fromwebapp config update
for Windows webapps. Instead usewebapp config appsettings set --settings WEBSITE_NODE_DEFAULT_VERSION=...
Batch
- Updated to Batch SDK 3.0.0 with support for low-priority VMs in pools
- Renamed
pool create
option--target-dedicated
to--target-dedicated-nodes
- Added
pool create
options--target-low-priority-nodes
and--application-licenses
CDN
- Provided a better error message for
cdn endpoint list
when the profile specified by--profile-name
does not exist
Cloud
- Changed API version of cloud metadata endpoint to YYYY-MM-DD format
- Gallery endpoint isn't required
- Support for registering cloud just with ARM resource manager endpoint
- Provided an option for
cloud set
to choose the profile while selecting current cloud - Exposed
endpoint_vm_image_alias_doc
CosmosDB
- Fixed allowing creation of collection with custom partition key
- Added support for collection default TTL
Data Lake Analytics
- Added commands for compute policy management under the
dla account compute-policy
heading - Added
dla job pipeline show
- Added
dla job recurrence list
Data Lake Store
- Added support for user managed key vault key rotation in
dls account update
- Updated underlying Data Lake Store filesystem SDK version, addressing a performance issue
- Added command
dls enable-key-vault
. This command attempts to enable a user provided Key Vault for use encrypting the data ina Data Lake Store account
Interactive
- Improved the start up time by using cached commands
- Increased test coverage
- Enhanced the '?' gesture to also inject into the next command
- Fixed interactive errors with the profile 2017-03-09-profile-preview (#3587)
- Allowed
--version
as a parameter for interactive mode (#3645) - Stop interactive mode throwing errors from validation completions (#3570)
- Progress reporting for template deployments (#3510)
- Added
--progress
flag - Removed
--debug
and--verbose
from completions - Removed
interactive
from completions (#3324)
IoT
- Fixed policy creation no longer clears existing policies. (#3934)
Key vault
- Added commands for key vault recovery features:
keyvault
subcommandspurge
,recover
,keyvault list-deleted
keyvault secret
subcommandsbackup
,restore
,purge
,recover
,list-deleted
keyvault certificate
subcommandspurge
,recover
,list-deleted
keyvault key
subcommandspurge
,recover
,list-deleted
- Added service principal key vault integration (#3133)
- Updated key vault dataplane to 0.3.2. (#3307)
Lab
- Added support for claiming any vm in the lab through
az lab vm claim
- Added table output formatter for
az lab vm list
andaz lab vm show
Monitor
- Fix for template file with
monitor autoscale-settings get-parameters-template
command (#3349) - Renamed
monitor alert-rule-incidents list
tomonitor alert list-incidents
- Renamed
monitor alert-rule-incidents show
tomonitor alert show-incident
- Renamed
monitor metric-defintions list
tomonitor metrics list-definitions
- Renamed
monitor alert-rules
tomonitor alert
- Changed
monitor alert create
:condition
andaction
subcommands no longer accept JSON- Add numerous parameters to simplify the rule creation process
location
no longer required- Add name and ID support for target
- Remove
--alert-rule-resource-name
- Rename
is-enabled
toenabled
, no longer required description
defaults now based on the supplied condition- Add examples to help clarifiy the new format
- Support names or IDs for
monitor metric
commands - Added convenience arguments and examples to
monitor alert rule update
Network
- Added
list-private-access-services
command - Added
--private-access-services
argument tovnet subnet create
andvnet subnet update
- Fixed issue where
application-gateway redirect-config create
would fail - Fixed issue where
application-gateway redirect-config update
with--no-wait
would not work - Fixed bug when using
--servers
argument withapplication-gateway address-pool create
andapplication-gateway address-pool update
- Added
application-gateway redirect-config
commands - Added commands to
application-gateway ssl-policy
:list-options
,predefined list
,predefined show
- Added arguments to
application-gateway ssl-policy set
:--name
,--cipher-suites
,--min-protocol-version
- Added arguments to
application-gateway http-settings create
andapplication-gateway http-settings update
:--host-name-from-backend-pool
,--affinity-cookie-name
,--enable-probe
,--path
- Added arguments to
application-gateway url-path-map create
andapplication-gateway url-path-map update
:--default-redirect-config
,--redirect-config
- Added argument
--redirect-config
toapplication-gateway url-path-map rule create
- Added support for
--no-wait
toapplication-gateway url-path-map rule delete
- Added arguments to
application-gateway probe create
andapplication-gateway probe update
:--host-name-from-http-settings
,--min-servers
,--match-body
,--match-status-codes
- Added argument
--redirect-config
toapplication-gateway rule create
andapplication-gateway rule update
- Added support for
--accelerated-networking
tonic create
andnic update
- Removed
--internal-dns-name-suffix
argument fromnic create
- Added support for
--dns-servers
tonic update
andnic create
: Add support for --dns-servers - Fixed bug where
local-gateway create
ignored--local-address-prefixes
- Added support for
--dns-servers
tovnet update
- Fixed bug when creating a peering without route filtering with
express-route peering create
- Fixed bug where
--provider
and--bandwidth
arguments did not work withexpress-route update
- Fixed bug with
network watcher show-topology
defaulting logic - Improved output formatting for
network list-usages
- Use default frontend IP for
application-gateway http-listener create
if only one exists - Use default address pool, HTTP settings, and HTTP listener for
application-gateway rule create
if only one exists - Use default frontend IP and backend pool for
lb rule create
if only one exists - Use default frontend IP for
lb inbound-nat-rule create
if only one exists
Profile
- Support login inside a VM with a managed identity
- Support output for
account show
in SDK auth file format - Show deprecation warnings when using '--expanded-view'
- Added
get-access-token
command to provide raw AAD token - Support login with a user account with no associated subscriptions
RDBMS
- Support listing servers across a subscription (#3417)
- Fixed
%s
not processed because of missing% server_type
(#3393) - Fixed doc source map and added CI task to verify (#3361)
- Fixed MySQL and PostgreSQL help (#3369)
Resource
- Improved prompts for missing parameters for
group deployment create
- Improved parsing of
--parameters KEY=VALUE
syntax - Fixed issues where
group deployment create
parameter files were no longer recognized using@<file>
syntax - Support
--ids
argument forresource
andmanagedapp
commands - Fixed up some parsing and error messages (#3584)
- Fixed
--resource-type
parsing for thelock
command to accept<resource-namespace>
and<resource-type>
- Added parameter checking for template link templates (#3629)
- Added support for specifying deployment parameters using
KEY=VALUE
syntax
Role
- Support output in SDK auth file format for
create-for-rbac
- Cleaned up role assignments and related AAD application when deleting a service principal (#3610)
- Include time format in
app create
args--start-date
and--end-date
descriptions - Show deprecation warnings when using
--expanded-view
- Added key vault integration to the
create-for-rbac
andreset-credentials
commands
Service Fabric
- Fixed an issue with large files in applications being truncated on upload (#3666)
- Added tests for Service Fabric commands (#3424)
- Fixed numerous Service Fabric commands (#3234)
SQL
- Removed broken
sql server create
--identity
parameter - Removed password values from
sql server create
andsql server update
command output - Added commands
sql db list-editions
andsql elastic-pool list-editions
Storage
- Removed
--marker
option fromstorage blob list
,storage container list
, andstorage share list
commands (#3745) - Enabled creating an https-only storage account
- Updated storage metrics, logging and cors commands (#3495)
- Rephrased exception message from CORS add (#3638) (#3362)
- Converted generator to a list in download batch command dry run mode (#3592)
- Fixed blob download batch dryrun issue (#3640) (#3592)
VM
- Support configuring nsg
- Fixed a bug where the DNS server would not be configured correctly
- Support managed service identities
- Fixed issue where
cmss create
with an existing load balancer required--backend-pool-name
- Make datadisks created with
vm image create
lun start with 0
May 10, 2017
Version 2.0.6
- documentdb renamed to cosmosdb
- Add rdbms (mysql, postgres)
- Include Data Lake Analytics and Data Lake Store modules
- Include Cognitive Services module
- Include Service Fabric module
- Include Interactive module (rename of az-shell)
- Add support for CDN commands
- Remove Container module
- Add 'az -v' as shortcut for 'az --version' (#2926)
- Improve performance of package load and command execution (#2819)
azure-cli (2.0.6)
acr (2.0.4)
acs (2.0.6)
appservice (0.1.6)
batch (2.0.4)
cdn (0.0.2)
cloud (2.0.2)
cognitiveservices (0.1.2)
command-modules-nspkg (2.0.0)
component (2.0.4)
configure (2.0.6)
core (2.0.6)
cosmosdb (0.1.6)
dla (0.0.6)
dls (0.0.6)
feedback (2.0.2)
find (0.2.2)
interactive (0.3.1)
iot (0.1.5)
keyvault (2.0.4)
lab (0.0.4)
monitor (0.0.4)
network (2.0.6)
nspkg (3.0.0)
profile (2.0.4)
rdbms (0.0.1)
redis (0.2.3)
resource (2.0.6)
role (2.0.4)
sf (1.0.1)
sql (2.0.3)
storage (2.0.6)
vm (2.0.6)
Core
- core: capture exceptions caused by unregistered provider and auto-register it
- perf: persist adal token cache in memory till process exits (#2603)
- Fix bytes returned from hex fingerprint -o tsv (#3053)
- Enhanced Key Vault Certificate Download and AAD SP Integration (#3003)
- Add Python location to ‘az —version’ (#2986)
- login: support login when there are no subscriptions (#2929)
- core: fix a failure when login using a service principal twice (#2800)
- core: Allow file path of accessTokens.json to be configurable through an env var (#2605)
- core: Allow configured defaults to apply on optional args (#2703)
- core: Improved performance
- core: Custom CA Certs - Support setting REQUESTS_CA_BUNDLE environment variable
- core: Cloud configuration - use 'resource manager' endpoint if 'management' endpoint not set
ACS
- fix the master and agent count to be integer instead of string
- expose 'az acs create --no-wait' and 'az acs wait' for async creation
- expose 'az acs create --validate' for dry-run validations
- remove windows profile before PUT call for scale command (#2755)
AppService
- functionapp: add full functionapp supports, including create, show, list, delete, hostname, ssl, etc
- Adding Team Services (vsts) as a continuous delivery option to "appservice web source-control config"
- Create "az webapp" to replace "az appservice web" (for backward compat, "az appservice web" will stay for 2 releases)
- Expose arguments to configure deployment and "runtime stacks" on webapp create
- Expose "webapp list-runtimes"
- support configure connection strings (#2647)
- support slot swap with preview
- Polish errors from appservice commands (#2948)
- Use the app service plan's resource group for cert operations (#2750)
CosmosDB
- Rename documentdb module to cosmosdb
- Added support for documentdb data-plane APIs: database and collection management
- Added support for enabling automatic failover on database accounts
- Added support for new consistency policy ConsistentPrefix
Data Lake Analytics
Fix a bug where filtering on result and state for job lists would throw an error
Add support for new catalog item type: package. accessed through:
az dla catalog package
Made it possible to list the following catalog items from within a database (no schema specification required):
- Table
- Table valued function
- View
- Table Statistics. This can also be listed with a schema, but without specifying a table name
Data Lake Store
- Update the version of the underlying filesystem SDK, which gives better support for handling server side throttling scenarios
- Improve performance of package load and command execution (#2819)
- missed help for access show. adding it. (#2743)
Find
- improve search results and allow for versioning of the search index
KeyVault
- BC:
az keyvault certificate download
change -e from string or binary to PEM or DER to better represent the options - BC: Remove --expires and --not-before from
keyvault certificate create
as these parameters are not supported by the service - Adds the --validity parameter to
keyvault certificate create
to selectively override the value in --policy - Fixes issue in
keyvault certificate get-default-policy
where 'expires' and 'not_before' were exposed but 'validity_in_months' was not - keyvault fix for import of pem and pfx (#2754)
Lab
- Adding create, show, delete & list commands for environment in the lab
- Adding show & list commands to view ARM templates in the lab
- Adding --environment flag in
az lab vm list
to filter VMs by environment in the lab - Add convenience command
az lab formula export-artifacts
to export artifact scaffold within a Lab's formula - Add commands to manage secrets within a Lab
Monitor
- Bug Fix: Modeling
--actions
ofaz alert-rules create
to consume JSON string (#3009) - Bug fix - diagnostic settings create does not accept logs/metrics from show commands (#2913)
Network
- Add
network watcher test-connectivity
command - Add support for
--filters
parameter fornetwork watcher packet-capture create
- Add support for Application Gateway connection draining
- Add support for Application Gateway WAF rule set configuration
- Add support for ExpressRoute route filters and rules
- Add support for TrafficManager geographic routing
- Add support for VPN connection policy-based traffic selectors
- Add support for VPN connection IPSec policies
- Fix bug with
vpn-connection create
when using the--no-wait
or--validate
parameters - Add support for active-active VNet gateways
- Remove nulls values from output of
network vpn-connection list/show
commands - BC: Fix bug in the output of
vpn-connection create
- Fix bug where '--key-length' argument of 'vpn-connection create' was not parsed correctly
- Fix bug in
dns zone import
where records were not imported correctly - Fix bug where
traffic-manager endpoint update
did not work - Add 'network watcher' preview commands
Profile
- Support login when there are no subscriptions found (#2560)
- Support short param name in az account set --subscription (#2980)
Redis
- Adding update command which also adds the ability to scale for redis cache
- Deprecates the 'update-settings' command
Resource
- Add managedapp and managedapp definition commands (#2985)
- Support 'provider operation' commands (#2908)
- Support generic resource create (#2606)
- Fix resource parsing and api version lookup. (#2781)
- Add docs for az lock update. (#2702)
- Error out if you try to list resources for a group that doesn't exist. (#2769)
- [Compute] Fix issues with VMSS and VM availability set update. (#2773)
- Fix lock create and delete if parent-resource-path is None (#2742)
Role
- create-for-rbac: ensure SP's end date will not exceed certificate's expiration date (#2989)
- RBAC: add full support for 'ad group' (#2016)
- role: fix issues on role definition update (#2745)
- create-for-rbac: ensure user provided password is picked up
SQL
- Added az sql server list-usages and az sql db list-usages commands
- SQL - ability to connect directly to resource provider (#2832)
Storage
- Default location to resource group location for
storage account create
- Add support for incremental blob copy
- Add support for large block blob upload
- Change block size to 100MB when file to upload is larger than 200GB
VM
avail-set: make UD&FD domain counts optional
note: VM commands in sovereign clouds Please avoid managed disk related features, including the following:
- az disk/snapshot/image
- az vm/vmss disk
- Inside "az vm/vmss create", use "—use-unmanaged-disk" to avoid managed disk Other commands should work
vm/vmss: improve the warning text when generates ssh key pairs
vm/vmss: support create from a market place image which requires plan info (#1209)
April 3, 2017
Version 2.0.2
We released the ACR, Batch, KeyVault, and SQL components in this release
azure-cli (2.0.2)
acr (2.0.0)
acs (2.0.2)
appservice (0.1.2)
batch (2.0.0)
cloud (2.0.0)
component (2.0.0)
configure (2.0.2)
container (0.1.2)
core (2.0.2)
documentdb (0.1.2)
feedback (2.0.0)
find (0.0.1b1)
iot (0.1.2)
keyvault (2.0.0)
lab (0.0.1)
monitor (0.0.1)
network (2.0.2)
nspkg (2.0.0)
profile (2.0.2)
redis (0.1.1b3)
resource (2.0.2)
role (2.0.1)
sql (2.0.0)
storage (2.0.2)
vm (2.0.2)
Core
- Add acr, lab, monitor, and find modules to default list
- Login: skip erroneous tenant (#2634)
- login: set default subscription to one with the state of "Enabled" (#2575)
- Add wait commands and --no-wait support to more commands (#2524)
- core: support login using service principal with a cert (#2457)
- Add prompting for missing template parameters. (#2364)
- Support setting default values for common arguments like default resource group, default web, default vm
- Support login to specific tenant
ACS
- [ACS] Adding support for configuring a default ACS cluster (#2554)
- Add support for ssh key password prompting. (#2044)
- Add support for windows clusters. (#2211)
- Switch from Owner to Contributor role. (#2321)
AppService
- appservice: support to get external ip address used for DNS A records (#2627)
- appservice: support binding wildcard certificates (#2625)
- appservice: support list publishing profiles (#2504)
- AppService - Trigger source control sync after config (#2326)
DataLake
- Initial release of Data Lake Analytics module
- Initial release of Data Lake Store module
DocuemntDB
- DocumentDB: Adding support for listing connection strings (#2580)
VM
- [Compute] Add AppGateway support to virtual machine scale set create (#2570)
- [VM/VMSS] Improved disk caching support (#2522)
- VM/VMSS: incorporate credentials validation logic used by portal (#2537)
- Add wait commands and --no-wait support (#2524)
- Virtual machine scale set: support * to list instance view across vms (#2467)
- Add --secrets for VM and virtual machine scale set ([#2212}(https://github.com/Azure/azure-cli/pull/2212))
- Allow VM creation with specialized VHD (#2256)
February 27, 2017
Version 2.0.0
This release of Azure CLI 2.0 is the first "Generally Available" release General availability applies to these command modules:
- Container Service (acs)
- Compute (including Resource Manager, VM, virtual machine scale sets, Managed Disks)
- Networking
- Storage
These command modules can be used in production and are supported by standard Microsoft SLA
You can open issues directly with Microsoft support or on our github issues list
You can ask questions on StackOverflow using the azure-cli tag,
or contact the product team at [email protected]
You can provide feedback from the command line with the az feedback
command
The commands in these modules are stable and the syntax is not expected to change in upcoming releases of this version of Azure CLI
To verify the version of the CLI, use az --version
The output lists the version of the CLI itself (2.0.0 in this release), the individual command modules,
and the versions of Python and GCC that you're using
azure-cli (2.0.0)
acs (2.0.0)
appservice (0.1.1b5)
batch (0.1.1b4)
cloud (2.0.0)
component (2.0.0)
configure (2.0.0)
container (0.1.1b4)
core (2.0.0)
documentdb (0.1.1b2)
feedback (2.0.0)
iot (0.1.1b3)
keyvault (0.1.1b5)
network (2.0.0)
nspkg (2.0.0)
profile (2.0.0)
redis (0.1.1b3)
resource (2.0.0)
role (2.0.0)
sql (0.1.1b5)
storage (2.0.0)
vm (2.0.0)
Python (Darwin) 2.7.10 (default, Jul 30 2016, 19:40:32)
[GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
Note
Some of the command modules have a "bn" or "rcn" postfix These command modules are still in preview and will become generally available in the future
We also have nightly preview builds of the CLI For information, see these instructions on getting the nightly builds, and these instructions on developer setup and contributing code
You can report issues with nightly preview builds in the following ways:
- Report issues in our github issues list
- Contact the product team at [email protected]
- Provide feedback from the command line with the
az feedback
command