Share via


az keyvault network-rule

Manage vault network ACLs.

Commands

Name Description Type Status
az keyvault network-rule add

Add a network rule to the network ACLs for a Key Vault.

Core GA
az keyvault network-rule list

List the network rules from the network ACLs for a Key Vault.

Core GA
az keyvault network-rule remove

Remove a network rule from the network ACLs for a Key Vault.

Core GA
az keyvault network-rule wait

Place the CLI in a waiting state until a condition of the vault is met.

Core GA

az keyvault network-rule add

Add a network rule to the network ACLs for a Key Vault.

az keyvault network-rule add --name
                             [--ip-address]
                             [--no-wait]
                             [--resource-group]
                             [--subnet]
                             [--vnet-name]

Required Parameters

--name -n

Name of the Vault.

Optional Parameters

--ip-address

IPv4 address or CIDR range. Can supply a list: --ip-address ip1 [ip2]...

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--resource-group -g

Proceed only if Key Vault belongs to the specified resource group.

--subnet

Name or ID of subnet. If name is supplied, --vnet-name must be supplied.

--vnet-name

Name of a virtual network.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az keyvault network-rule list

List the network rules from the network ACLs for a Key Vault.

az keyvault network-rule list --name
                              [--resource-group]

Required Parameters

--name -n

Name of the Vault.

Optional Parameters

--resource-group -g

Proceed only if Key Vault belongs to the specified resource group.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az keyvault network-rule remove

Remove a network rule from the network ACLs for a Key Vault.

az keyvault network-rule remove --name
                                [--ip-address]
                                [--no-wait]
                                [--resource-group]
                                [--subnet]
                                [--vnet-name]

Required Parameters

--name -n

Name of the Vault.

Optional Parameters

--ip-address

IPv4 address or CIDR range. Can supply a list: --ip-address ip1 [ip2]...

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--resource-group -g

Proceed only if Key Vault belongs to the specified resource group.

--subnet

Name or ID of subnet. If name is supplied, --vnet-name must be supplied.

--vnet-name

Name of a virtual network.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az keyvault network-rule wait

Place the CLI in a waiting state until a condition of the vault is met.

az keyvault network-rule wait --name
                              [--created]
                              [--custom]
                              [--deleted]
                              [--exists]
                              [--interval]
                              [--resource-group]
                              [--timeout]
                              [--updated]

Examples

Pause CLI until the network ACLs are updated.

az keyvault network-rule wait --name MyVault --updated

Required Parameters

--name -n

Name of the Vault.

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--interval

Polling interval in seconds.

Default value: 30
--resource-group -g

Proceed only if Key Vault belongs to the specified resource group.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.