az confidentialledger
Note
This command group has commands that are defined in two or more extensions. Each extension will automatically install the first time you run an extension command. Learn more about extensions.
Manage Confidential Ledger.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az confidentialledger check-name-availability |
To check whether a resource name is available. |
Extension | GA |
| az confidentialledger create |
Create a Confidential Ledger with the specified ledger parameters. |
Extension | GA |
| az confidentialledger delete |
Delete an existing Confidential Ledger. |
Extension | GA |
| az confidentialledger list |
List the properties of all Confidential Ledgers. |
Extension | GA |
| az confidentialledger managedccfs |
Deploy and manage the Azure Managed CCF instances. |
Extension | Preview |
| az confidentialledger managedccfs create |
Create an instance of the Azure Managed CCF service. |
Extension | Preview |
| az confidentialledger managedccfs delete |
Delete a Managed CCF instance. |
Extension | Preview |
| az confidentialledger managedccfs list |
View the Azure Managed CCF instances in a resource group. |
Extension | Preview |
| az confidentialledger managedccfs show |
View the details of an instance. |
Extension | Preview |
| az confidentialledger managedccfs update |
Patch a Managed CCF instance. |
Extension | Preview |
| az confidentialledger managedccfs wait |
Place the CLI in a waiting state until a condition is met. |
Extension | Preview |
| az confidentialledger show |
Get the properties of a Confidential Ledger. |
Extension | GA |
| az confidentialledger update |
Update a Confidential Ledger with the specified ledger parameters. |
Extension | GA |
| az confidentialledger wait |
Place the CLI in a waiting state until a condition is met. |
Extension | GA |
az confidentialledger check-name-availability
To check whether a resource name is available.
az confidentialledger check-name-availability [--name]
[--type]Examples
CheckNameAvailability
az confidentialledger check-name-availability --type Microsoft.ConfidentialLedger/ledgers --name sample-nameOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the resource for which availability needs to be checked.
| Property | Value |
|---|---|
| Parameter group: | NameAvailabilityRequest Arguments |
The resource type.
| Property | Value |
|---|---|
| Parameter group: | NameAvailabilityRequest Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger create
Create a Confidential Ledger with the specified ledger parameters.
az confidentialledger create --ledger-name --name
--resource-group
[--aad-based-security-principals --aad-based-users]
[--application-type {CodeTransparency, ConfidentialLedger}]
[--cert-based-security-principals --cert-based-users]
[--enclave-platform {AmdSevSnp, IntelSgx}]
[--host-level]
[--ledger-sku {Basic, Standard, Unknown}]
[--ledger-type {Private, Public, Unknown}]
[--location]
[--max-body-size-in-mb]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--node-count]
[--running-state {Active, Paused, Pausing, Resuming, Unknown}]
[--subject-name]
[--tags]
[--worker-threads]
[--write-lb-address-prefix --write-lb-prefix]Examples
ConfidentialLedgerCreate with cert-based-security-principals
az confidentialledger create --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --ledger-type Public --ledger-sku Standard --location EastUS --aad-based-security-principals "[{principal-id:34621747-6fc8-4771-a2eb-72f31c461f2e,tenant-id:bce123b9-2b7b-4975-8360-5ca0b9b1cd08,ledger-role-name:Administrator}]" --tags "{additionalProps1:'additional properties'}"ConfidentialLedgerCreate with cert-based-security-principals
az confidentialledger create --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --ledger-type Public --ledger-sku Standard --location EastUS --cert-based-security-principals "[{cert:'-----BEGIN CERTIFICATE-----MIIBsjCCATigAwIBAgIUZWIbyG79TniQLd2UxJuU74tqrKcwCgYIKoZIzj0EAwMwEDEOMAwGA1UEAwwFdXNlcjAwHhcNMjEwMzE2MTgwNjExWhcNMjIwMzE2MTgwNjExWjAQMQ4wDAYDVQQDDAV1c2VyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABBiWSo/j8EFit7aUMm5lF+lUmCu+IgfnpFD+7QMgLKtxRJ3aGSqgS/GpqcYVGddnODtSarNE/HyGKUFUolLPQ5ybHcouUk0kyfA7XMeSoUA4lBz63Wha8wmXo+NdBRo39qNTMFEwHQYDVR0OBBYEFPtuhrwgGjDFHeUUT4nGsXaZn69KMB8GA1UdIwQYMBaAFPtuhrwgGjDFHeUUT4nGsXaZn69KMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaAAwZQIxAOnozm2CyqRwSSQLls5r+mUHRGRyXHXwYtM4Dcst/VEZdmS9fqvHRCHbjUlO/+HNfgIwMWZ4FmsjD3wnPxONOm9YdVn/PRD7SsPRPbOjwBiE4EBGaHDsLjYAGDSGi7NJnSkA-----END CERTIFICATE-----',ledger-role-name:Reader}]" --tags "{additionalProps1:'additional properties'}"Required Parameters
Name of the Confidential Ledger.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Array of all AAD based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Application type of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | CodeTransparency, ConfidentialLedger |
Array of all cert based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Enclave platform of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | AmdSevSnp, IntelSgx |
CCF Property for the logging level for the untrusted host: Trace, Debug, Info, Fail, Fatal.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
SKU associated with the ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Basic, Standard, Unknown |
Type of Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Private, Public, Unknown |
The geo-location where the resource lives When not specified, the location of the resource group will be used.
| Property | Value |
|---|---|
| Parameter group: | ConfidentialLedger Arguments |
CCF Property for the maximum size of the http request body: 1MB, 5MB, 10MB.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Number of CCF nodes in the ACC Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Object representing RunningState for Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Active, Paused, Pausing, Resuming, Unknown |
CCF Property for the subject name to include in the node certificate. Default: CN=CCF Node.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | ConfidentialLedger Arguments |
Number of additional threads processing incoming client requests in the enclave (modify with care!).
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Prefix for the write load balancer. Example: write.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger delete
Delete an existing Confidential Ledger.
az confidentialledger delete [--ids]
[--ledger-name --name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--resource-group]
[--subscription]
[--yes]Examples
ConfidentialLedgerDelete
az confidentialledger delete --resource-group DummyResourceGroupName --ledger-name DummyLedgerNameOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger list
List the properties of all Confidential Ledgers.
az confidentialledger list [--filter]
[--max-items]
[--next-token]
[--resource-group]Examples
ConfidentialLedgerListBySub
az confidentialledger listConfidentialLedgerListByResourceGroup
az confidentialledger list --resource-group DummyResourceGroupNameOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The filter to apply on the list operation. eg. $filter=ledgerType eq 'Public'.
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Token to specify where to start paginating. This is the token value from a previously truncated response.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger show
Get the properties of a Confidential Ledger.
az confidentialledger show [--ids]
[--ledger-name --name]
[--resource-group]
[--subscription]Examples
ConfidentialLedgerGet
az confidentialledger show --resource-group DummyResourceGroupName --ledger-name DummyLedgerNameOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger update
Update a Confidential Ledger with the specified ledger parameters.
az confidentialledger update [--aad-based-security-principals --aad-based-users]
[--add]
[--application-type {CodeTransparency, ConfidentialLedger}]
[--cert-based-security-principals --cert-based-users]
[--enclave-platform {AmdSevSnp, IntelSgx}]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--host-level]
[--ids]
[--ledger-name --name]
[--ledger-sku {Basic, Standard, Unknown}]
[--ledger-type {Private, Public, Unknown}]
[--max-body-size-in-mb]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--node-count]
[--remove]
[--resource-group]
[--running-state {Active, Paused, Pausing, Resuming, Unknown}]
[--set]
[--subject-name]
[--subscription]
[--tags]
[--worker-threads]
[--write-lb-address-prefix --write-lb-prefix]Examples
ConfidentialLedgerUpdate
az confidentialledger update --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --location EastUS --aad-based-security-principals "[{principal-id:34621747-6fc8-4771-a2eb-72f31c461f2e,tenant-id:bce123b9-2b7b-4975-8360-5ca0b9b1cd08,ledger-role-name:Contributor}]" --tags "{additionalProps1:'additional update properties'}"Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Array of all AAD based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Application type of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | CodeTransparency, ConfidentialLedger |
Array of all cert based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Enclave platform of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | AmdSevSnp, IntelSgx |
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
CCF Property for the logging level for the untrusted host: Trace, Debug, Info, Fail, Fatal.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
SKU associated with the ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Basic, Standard, Unknown |
Type of Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Private, Public, Unknown |
CCF Property for the maximum size of the http request body: 1MB, 5MB, 10MB.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Number of CCF nodes in the ACC Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Object representing RunningState for Ledger.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Active, Paused, Pausing, Resuming, Unknown |
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
CCF Property for the subject name to include in the node certificate. Default: CN=CCF Node.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | ConfidentialLedger Arguments |
Number of additional threads processing incoming client requests in the enclave (modify with care!).
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Prefix for the write load balancer. Example: write.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confidentialledger wait
Place the CLI in a waiting state until a condition is met.
az confidentialledger wait [--created]
[--custom]
[--deleted]
[--exists]
[--ids]
[--interval]
[--ledger-name --name]
[--resource-group]
[--subscription]
[--timeout]
[--updated]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Wait until created with 'provisioningState' at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
Wait until deleted.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the resource exists.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Polling interval in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 30 |
Name of the Confidential Ledger.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Maximum wait in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 3600 |
Wait until updated with provisioningState at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
