az stack mg
Manage Deployment Stacks at management group.
Commands
Name | Description | Type | Status |
---|---|---|---|
az stack mg create |
Create or update a deployment stack at management group scope. |
Core | GA |
az stack mg delete |
Delete specified deployment stack from management group scope. |
Core | GA |
az stack mg export |
Export the template used to create the deployment stack. |
Core | GA |
az stack mg list |
List all deployment stacks in management group. |
Core | GA |
az stack mg show |
Get specified deployment stack from management group scope. |
Core | GA |
az stack mg validate |
Validate a deployment stack at management group scope. |
Core | GA |
az stack mg create
Create or update a deployment stack at management group scope.
az stack mg create --action-on-unmanage {deleteAll, deleteResources, detachAll}
--deny-settings-mode {denyDelete, denyWriteAndDelete, none}
--location
--management-group-id
--name
[--bse {false, true}]
[--cs]
[--deny-settings-excluded-actions]
[--deny-settings-excluded-principals]
[--deployment-subscription]
[--description]
[--no-wait]
[--parameters]
[--query-string]
[--tags]
[--template-file]
[--template-spec]
[--template-uri]
[--yes]
Examples
Create a deployment stack using template file and detach all resources on unmanage.
az stack mg create --name StackName --management-group-id myMg --template-file simpleTemplate.json --location westus2 --description description --deny-settings-mode None --action-on-unmanage detachAll
Create a deployment stack with parameter file and delete resources on unmanage.
az stack mg create --name StackName --management-group-id myMg --action-on-unmanage deleteResources --template-file simpleTemplate.json --parameters simpleTemplateParams.json --location westus2 --description description --deny-settings-mode None
Create a deployment stack with template spec.
az stack mg create --name StackName --management-group-id myMg --template-spec TemplateSpecResourceIDWithVersion --location westus2 --description description --deny-settings-mode None --action-on-unmanage deleteResources
Create a deployment stack using bicep file and delete all resources on unmanage.
az stack mg create --name StackName --management-group-id myMg --action-on-unmanage deleteAll --template-file simple.bicep --location westus2 --description description --deny-settings-mode None
Create a deployment stack using parameters from key/value pairs.
az stack mg create --name StackName --management-group-id myMg --template-file simpleTemplate.json --location westus --description description --parameters simpleTemplateParams.json value1=foo value2=bar --deny-settings-mode None --action-on-unmanage deleteResources
Create a deployment stack from a local template, using a parameter file, a remote parameter file, and selectively overriding key/value pairs.
az stack mg create --name StackName --management-group-id myMg --template-file azuredeploy.json --parameters @params.json --parameters https://mysite/params.json --parameters MyValue=This [email protected] --location westus --deny-settings-mode None --action-on-unmanage deleteResources
Create a deployment stack from a local template, using deny settings.
az stack mg create --name StackName --management-group-id myMg --template-file azuredeploy.json --deny-settings-mode denyDelete --deny-settings-excluded-actions Microsoft.Compute/virtualMachines/write --deny-settings-excluded-principals "test1 test2" --location westus --action-on-unmanage deleteResources
Create a deployment stack from a local template, apply deny settings to child scope.
az stack mg create --name StackName --management-group-id myMg --template-file azuredeploy.json --deny-settings-mode denyDelete --deny-settings-excluded-actions Microsoft.Compute/virtualMachines/write --deny-settings-apply-to-child-scopes --location westus --action-on-unmanage deleteResources
Required Parameters
Defines what happens to resources that are no longer managed after the stack is updated or deleted.
Define which operations are denied on resources managed by the stack.
The location to store deployment stack.
The management group id to create stack at.
The name of the deployment stack.
Optional Parameters
Flag to bypass service errors that indicate the stack resource list is not correctly synchronized.
DenySettings will be applied to child scopes.
List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted.
List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.
The scope at which the initial deployment should be created. If a scope is not specified, it will default to the scope of the deployment stack.
The description of deployment stack.
Do not wait for the long-running operation to finish.
Parameters may be supplied from a file using the @{path}
syntax, a JSON string, or as <KEY=VALUE> pairs. Parameters are evaluated in order, so when a value is assigned twice, the latter value will be used. It is recommended that you supply your parameters file first, and then override selectively using KEY=VALUE syntax.
The query string (a SAS token) to be used with the template-uri in the case of linked templates.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
A path to a template file or Bicep file in the file system.
The template spec resource id.
A uri to a remote template file.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az stack mg delete
Delete specified deployment stack from management group scope.
az stack mg delete --action-on-unmanage {deleteAll, deleteResources, detachAll}
--management-group-id
[--bse {false, true}]
[--id]
[--name]
[--yes]
Examples
Delete stack by name.
az stack mg delete --name StackName --management-group-id myMg --action-on-unmanage detachAll
Delete stack by stack resource id.
az stack mg delete --id /providers/Microsoft.Management/managementGroups/myMg/providers/Microsoft.Resources/deploymentStacks/StackName --management-group-id myMg --action-on-unmanage deleteAll
Required Parameters
Defines what happens to resources that are no longer managed after the stack is updated or deleted.
The management group id to create stack at.
Optional Parameters
Flag to bypass service errors that indicate the stack resource list is not correctly synchronized.
The deployment stack resource id.
The deployment stack name.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az stack mg export
Export the template used to create the deployment stack.
az stack mg export --management-group-id
[--id]
[--name]
Examples
Export template by name.
az stack mg export --name StackName --management-group-id myMg
Export template by stack resource id.
az stack mg export --id /providers/Microsoft.Management/managementGroups/myMg/providers/Microsoft.Resources/deploymentStacks/StackName --management-group-id myMg
Required Parameters
The management group id to create stack at.
Optional Parameters
The deployment stack resource id.
The deployment stack name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az stack mg list
List all deployment stacks in management group.
az stack mg list --management-group-id
Examples
List all stacks
az stack mg list --management-group-id myMg
Required Parameters
The management group id to create stack at.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az stack mg show
Get specified deployment stack from management group scope.
az stack mg show --management-group-id
[--id]
[--name]
Examples
Get stack by name.
az stack mg show --name StackName --management-group-id myMg
Get stack by stack resource id.
az stack mg show --id /providers/Microsoft.Management/managementGroups/myMg/providers/Microsoft.Resources/deploymentStacks/StackName --management-group-id myMg
Required Parameters
The management group id to create stack at.
Optional Parameters
The deployment stack resource id.
The deployment stack name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az stack mg validate
Validate a deployment stack at management group scope.
az stack mg validate --action-on-unmanage {deleteAll, deleteResources, detachAll}
--deny-settings-mode {denyDelete, denyWriteAndDelete, none}
--location
--management-group-id
--name
[--bse {false, true}]
[--cs]
[--deny-settings-excluded-actions]
[--deny-settings-excluded-principals]
[--deployment-subscription]
[--description]
[--parameters]
[--query-string]
[--tags]
[--template-file]
[--template-spec]
[--template-uri]
Examples
Validate a deployment stack using template file and detach all resources on unmanage.
az stack mg validate --name StackName --management-group-id myMg --template-file simpleTemplate.json --location westus2 --description description --deny-settings-mode None --action-on-unmanage detachAll
Validate a deployment stack with parameter file and delete resources on unmanage.
az stack mg validate --name StackName --management-group-id myMg --action-on-unmanage deleteResources --template-file simpleTemplate.json --parameters simpleTemplateParams.json --location westus2 --description description --deny-settings-mode None
Validate a deployment stack with template spec.
az stack mg validate --name StackName --management-group-id myMg --template-spec TemplateSpecResourceIDWithVersion --location westus2 --description description --deny-settings-mode None --action-on-unmanage deleteResources
Validate a deployment stack using bicep file and delete all resources on unmanage.
az stack mg validate --name StackName --management-group-id myMg --action-on-unmanage deleteAll --template-file simple.bicep --location westus2 --description description --deny-settings-mode None
Validate a deployment stack using parameters from key/value pairs.
az stack mg validate --name StackName --management-group-id myMg --template-file simpleTemplate.json --location westus --description description --parameters simpleTemplateParams.json value1=foo value2=bar --deny-settings-mode None --action-on-unmanage deleteResources
Validate a deployment stack from a local template, using a parameter file, a remote parameter file, and selectively overriding key/value pairs.
az stack mg validate --name StackName --management-group-id myMg --template-file azuredeploy.json --parameters @params.json --parameters https://mysite/params.json --parameters MyValue=This [email protected] --location westus --deny-settings-mode None --action-on-unmanage deleteResources
Validate a deployment stack from a local template, using deny settings.
az stack mg validate --name StackName --management-group-id myMg --template-file azuredeploy.json --deny-settings-mode denyDelete --deny-settings-excluded-actions Microsoft.Compute/virtualMachines/write --deny-settings-excluded-principals "test1 test2" --location westus --action-on-unmanage deleteResources
Validate a deployment stack from a local template, apply deny settings to child scope.
az stack mg validate --name StackName --management-group-id myMg --template-file azuredeploy.json --deny-settings-mode denyDelete --deny-settings-excluded-actions Microsoft.Compute/virtualMachines/write --deny-settings-apply-to-child-scopes --location westus --action-on-unmanage deleteResources
Required Parameters
Defines what happens to resources that are no longer managed after the stack is updated or deleted.
Define which operations are denied on resources managed by the stack.
The location to store deployment stack.
The management group id to create stack at.
The name of the deployment stack.
Optional Parameters
Flag to bypass service errors that indicate the stack resource list is not correctly synchronized.
DenySettings will be applied to child scopes.
List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted.
List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.
The scope at which the initial deployment should be created. If a scope is not specified, it will default to the scope of the deployment stack.
The description of deployment stack.
Parameters may be supplied from a file using the @{path}
syntax, a JSON string, or as <KEY=VALUE> pairs. Parameters are evaluated in order, so when a value is assigned twice, the latter value will be used. It is recommended that you supply your parameters file first, and then override selectively using KEY=VALUE syntax.
The query string (a SAS token) to be used with the template-uri in the case of linked templates.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
A path to a template file or Bicep file in the file system.
The template spec resource id.
A uri to a remote template file.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.