Share via


az confidentialledger

Note

This command group has commands that are defined in two or more extensions. Each extension will automatically install the first time you run an extension command. Learn more about extensions.

Manage Confidential Ledger.

Commands

Name Description Type Status
az confidentialledger check-name-availability

To check whether a resource name is available.

Extension GA
az confidentialledger create

Create a Confidential Ledger with the specified ledger parameters.

Extension GA
az confidentialledger delete

Delete an existing Confidential Ledger.

Extension GA
az confidentialledger list

List the properties of all Confidential Ledgers.

Extension GA
az confidentialledger managedccfs

Deploy and manage the Azure Managed CCF instances.

Extension Preview
az confidentialledger managedccfs create

Create an instance of the Azure Managed CCF service.

Extension Preview
az confidentialledger managedccfs delete

Delete a Managed CCF instance.

Extension Preview
az confidentialledger managedccfs list

View the Azure Managed CCF instances in a resource group.

Extension Preview
az confidentialledger managedccfs show

View the details of an instance.

Extension Preview
az confidentialledger managedccfs update

Patch a Managed CCF instance.

Extension Preview
az confidentialledger managedccfs wait

Place the CLI in a waiting state until a condition is met.

Extension Preview
az confidentialledger show

Get the properties of a Confidential Ledger.

Extension GA
az confidentialledger update

Update a Confidential Ledger with the specified ledger parameters.

Extension GA
az confidentialledger wait

Place the CLI in a waiting state until a condition is met.

Extension GA

az confidentialledger check-name-availability

To check whether a resource name is available.

az confidentialledger check-name-availability [--name]
                                              [--type]

Examples

CheckNameAvailability

az confidentialledger check-name-availability --type Microsoft.ConfidentialLedger/ledgers --name sample-name

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--name

The name of the resource for which availability needs to be checked.

Property Value
Parameter group: NameAvailabilityRequest Arguments
--type

The resource type.

Property Value
Parameter group: NameAvailabilityRequest Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger create

Create a Confidential Ledger with the specified ledger parameters.

az confidentialledger create --ledger-name --name
                             --resource-group
                             [--aad-based-security-principals --aad-based-users]
                             [--application-type {CodeTransparency, ConfidentialLedger}]
                             [--cert-based-security-principals --cert-based-users]
                             [--enclave-platform {AmdSevSnp, IntelSgx}]
                             [--host-level]
                             [--ledger-sku {Basic, Standard, Unknown}]
                             [--ledger-type {Private, Public, Unknown}]
                             [--location]
                             [--max-body-size-in-mb]
                             [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                             [--node-count]
                             [--running-state {Active, Paused, Pausing, Resuming, Unknown}]
                             [--subject-name]
                             [--tags]
                             [--worker-threads]
                             [--write-lb-address-prefix --write-lb-prefix]

Examples

ConfidentialLedgerCreate with cert-based-security-principals

az confidentialledger create --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --ledger-type Public --ledger-sku Standard --location EastUS --aad-based-security-principals "[{principal-id:34621747-6fc8-4771-a2eb-72f31c461f2e,tenant-id:bce123b9-2b7b-4975-8360-5ca0b9b1cd08,ledger-role-name:Administrator}]" --tags "{additionalProps1:'additional properties'}"

ConfidentialLedgerCreate with cert-based-security-principals

az confidentialledger create --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --ledger-type Public --ledger-sku Standard --location EastUS --cert-based-security-principals "[{cert:'-----BEGIN CERTIFICATE-----MIIBsjCCATigAwIBAgIUZWIbyG79TniQLd2UxJuU74tqrKcwCgYIKoZIzj0EAwMwEDEOMAwGA1UEAwwFdXNlcjAwHhcNMjEwMzE2MTgwNjExWhcNMjIwMzE2MTgwNjExWjAQMQ4wDAYDVQQDDAV1c2VyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABBiWSo/j8EFit7aUMm5lF+lUmCu+IgfnpFD+7QMgLKtxRJ3aGSqgS/GpqcYVGddnODtSarNE/HyGKUFUolLPQ5ybHcouUk0kyfA7XMeSoUA4lBz63Wha8wmXo+NdBRo39qNTMFEwHQYDVR0OBBYEFPtuhrwgGjDFHeUUT4nGsXaZn69KMB8GA1UdIwQYMBaAFPtuhrwgGjDFHeUUT4nGsXaZn69KMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaAAwZQIxAOnozm2CyqRwSSQLls5r+mUHRGRyXHXwYtM4Dcst/VEZdmS9fqvHRCHbjUlO/+HNfgIwMWZ4FmsjD3wnPxONOm9YdVn/PRD7SsPRPbOjwBiE4EBGaHDsLjYAGDSGi7NJnSkA-----END CERTIFICATE-----',ledger-role-name:Reader}]" --tags "{additionalProps1:'additional properties'}"

Required Parameters

--ledger-name --name -n

Name of the Confidential Ledger.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--aad-based-security-principals --aad-based-users

Array of all AAD based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--application-type

Application type of the Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: CodeTransparency, ConfidentialLedger
--cert-based-security-principals --cert-based-users

Array of all cert based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--enclave-platform

Enclave platform of the Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: AmdSevSnp, IntelSgx
--host-level

CCF Property for the logging level for the untrusted host: Trace, Debug, Info, Fail, Fatal.

Property Value
Parameter group: Properties Arguments
--ledger-sku

SKU associated with the ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Basic, Standard, Unknown
--ledger-type

Type of Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Private, Public, Unknown
--location -l

The geo-location where the resource lives When not specified, the location of the resource group will be used.

Property Value
Parameter group: ConfidentialLedger Arguments
--max-body-size-in-mb

CCF Property for the maximum size of the http request body: 1MB, 5MB, 10MB.

Property Value
Parameter group: Properties Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--node-count

Number of CCF nodes in the ACC Ledger.

Property Value
Parameter group: Properties Arguments
--running-state

Object representing RunningState for Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Active, Paused, Pausing, Resuming, Unknown
--subject-name

CCF Property for the subject name to include in the node certificate. Default: CN=CCF Node.

Property Value
Parameter group: Properties Arguments
--tags

Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: ConfidentialLedger Arguments
--worker-threads

Number of additional threads processing incoming client requests in the enclave (modify with care!).

Property Value
Parameter group: Properties Arguments
--write-lb-address-prefix --write-lb-prefix

Prefix for the write load balancer. Example: write.

Property Value
Parameter group: Properties Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger delete

Delete an existing Confidential Ledger.

az confidentialledger delete [--ids]
                             [--ledger-name --name]
                             [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                             [--resource-group]
                             [--subscription]
                             [--yes]

Examples

ConfidentialLedgerDelete

az confidentialledger delete --resource-group DummyResourceGroupName --ledger-name DummyLedgerName

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--ledger-name --name -n

Name of the Confidential Ledger.

Property Value
Parameter group: Resource Id Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--yes -y

Do not prompt for confirmation.

Property Value
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger list

List the properties of all Confidential Ledgers.

az confidentialledger list [--filter]
                           [--max-items]
                           [--next-token]
                           [--resource-group]

Examples

ConfidentialLedgerListBySub

az confidentialledger list

ConfidentialLedgerListByResourceGroup

az confidentialledger list --resource-group DummyResourceGroupName

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--filter

The filter to apply on the list operation. eg. $filter=ledgerType eq 'Public'.

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

Property Value
Parameter group: Pagination Arguments
--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

Property Value
Parameter group: Pagination Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger show

Get the properties of a Confidential Ledger.

az confidentialledger show [--ids]
                           [--ledger-name --name]
                           [--resource-group]
                           [--subscription]

Examples

ConfidentialLedgerGet

az confidentialledger show --resource-group DummyResourceGroupName --ledger-name DummyLedgerName

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--ledger-name --name -n

Name of the Confidential Ledger.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger update

Update a Confidential Ledger with the specified ledger parameters.

az confidentialledger update [--aad-based-security-principals --aad-based-users]
                             [--add]
                             [--application-type {CodeTransparency, ConfidentialLedger}]
                             [--cert-based-security-principals --cert-based-users]
                             [--enclave-platform {AmdSevSnp, IntelSgx}]
                             [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                             [--host-level]
                             [--ids]
                             [--ledger-name --name]
                             [--ledger-sku {Basic, Standard, Unknown}]
                             [--ledger-type {Private, Public, Unknown}]
                             [--max-body-size-in-mb]
                             [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                             [--node-count]
                             [--remove]
                             [--resource-group]
                             [--running-state {Active, Paused, Pausing, Resuming, Unknown}]
                             [--set]
                             [--subject-name]
                             [--subscription]
                             [--tags]
                             [--worker-threads]
                             [--write-lb-address-prefix --write-lb-prefix]

Examples

ConfidentialLedgerUpdate

az confidentialledger update --resource-group DummyResourceGroupName --ledger-name DummyLedgerName --location EastUS --aad-based-security-principals "[{principal-id:34621747-6fc8-4771-a2eb-72f31c461f2e,tenant-id:bce123b9-2b7b-4975-8360-5ca0b9b1cd08,ledger-role-name:Contributor}]" --tags "{additionalProps1:'additional update properties'}"

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--aad-based-security-principals --aad-based-users

Array of all AAD based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

Property Value
Parameter group: Generic Update Arguments
--application-type

Application type of the Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: CodeTransparency, ConfidentialLedger
--cert-based-security-principals --cert-based-users

Array of all cert based Security Principals. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--enclave-platform

Enclave platform of the Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: AmdSevSnp, IntelSgx
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Property Value
Parameter group: Generic Update Arguments
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--host-level

CCF Property for the logging level for the untrusted host: Trace, Debug, Info, Fail, Fatal.

Property Value
Parameter group: Properties Arguments
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--ledger-name --name -n

Name of the Confidential Ledger.

Property Value
Parameter group: Resource Id Arguments
--ledger-sku

SKU associated with the ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Basic, Standard, Unknown
--ledger-type

Type of Confidential Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Private, Public, Unknown
--max-body-size-in-mb

CCF Property for the maximum size of the http request body: 1MB, 5MB, 10MB.

Property Value
Parameter group: Properties Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--node-count

Number of CCF nodes in the ACC Ledger.

Property Value
Parameter group: Properties Arguments
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

Property Value
Parameter group: Generic Update Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--running-state

Object representing RunningState for Ledger.

Property Value
Parameter group: Properties Arguments
Accepted values: Active, Paused, Pausing, Resuming, Unknown
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Property Value
Parameter group: Generic Update Arguments
--subject-name

CCF Property for the subject name to include in the node certificate. Default: CN=CCF Node.

Property Value
Parameter group: Properties Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--tags

Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: ConfidentialLedger Arguments
--worker-threads

Number of additional threads processing incoming client requests in the enclave (modify with care!).

Property Value
Parameter group: Properties Arguments
--write-lb-address-prefix --write-lb-prefix

Prefix for the write load balancer. Example: write.

Property Value
Parameter group: Properties Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az confidentialledger wait

Place the CLI in a waiting state until a condition is met.

az confidentialledger wait [--created]
                           [--custom]
                           [--deleted]
                           [--exists]
                           [--ids]
                           [--interval]
                           [--ledger-name --name]
                           [--resource-group]
                           [--subscription]
                           [--timeout]
                           [--updated]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

Property Value
Parameter group: Wait Condition Arguments
--deleted

Wait until deleted.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--exists

Wait until the resource exists.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--interval

Polling interval in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 30
--ledger-name --name -n

Name of the Confidential Ledger.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--timeout

Maximum wait in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False