az network vnet subnet
Manage subnets in an Azure Virtual Network.
To learn more about subnets visit https://docs.microsoft.com/azure/virtual-network/virtual-network-manage-subnet.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network vnet subnet create |
Create a subnet and associate an existing NSG and route table. |
Core | GA |
| az network vnet subnet delete |
Delete a subnet. |
Core | GA |
| az network vnet subnet list |
List the subnets in a virtual network. |
Core | GA |
| az network vnet subnet list-available-delegations |
List the services available for subnet delegation. |
Core | GA |
| az network vnet subnet list-available-ips |
List some available ips in the subnet. |
Core | Preview |
| az network vnet subnet show |
Show details of a subnet. |
Core | GA |
| az network vnet subnet update |
Update a subnet. |
Core | GA |
| az network vnet subnet wait |
Place the CLI in a waiting state until a condition is met. |
Core | GA |
az network vnet subnet create
Create a subnet and associate an existing NSG and route table.
az network vnet subnet create --name
--resource-group
--vnet-name
[--address-prefixes]
[--default-outbound {0, 1, f, false, n, no, t, true, y, yes}]
[--delegations]
[--disable-private-endpoint-network-policies {0, 1, f, false, n, no, t, true, y, yes}]
[--disable-private-link-service-network-policies {0, 1, f, false, n, no, t, true, y, yes}]
[--endpoints]
[--nat-gateway]
[--network-security-group]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--ple-network-policies {Disabled, Enabled, NetworkSecurityGroupEnabled, RouteTableEnabled}]
[--pls-network-policies {Disabled, Enabled}]
[--route-table]
[--service-endpoint-policy]
[--service-endpoints]
[--sharing-scope {DelegatedServices, Tenant}]Examples
Create new subnet attached to an NSG with a custom route table.
az network vnet subnet create -g MyResourceGroup --vnet-name MyVnet -n MySubnet --address-prefixes 10.0.0.0/24 --network-security-group MyNsg --route-table MyRouteTableCreate new subnet attached to a NAT gateway.
az network vnet subnet create -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"Required Parameters
The subnet name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The virtual network (VNet) name.
Optional Parameters
Space-separated list of address prefixes in CIDR format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Set this property to false to disable default outbound connectivity for all VMs in the subnet. This property can only be set at the time of subnet creation and cannot be updated for an existing subnet.
Space-separated list of services to whom the subnet should be delegated, e.g., Microsoft.Sql/servers. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Disable private endpoint network policies on the subnet. Please note that it will be replaced by --private-endpoint-network-policies soon.
Disable private link service network policies on the subnet. Please note that it will be replaced by --private-link-service-network-policies soon.
An array of service endpoints. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Name or ID of a NAT gateway to attach.
Name or ID of a network security group (NSG).
Do not wait for the long-running operation to finish.
Manage network policies for private endpoint.
Manage network policy for private link service.
Name or ID of a route table to associate with the subnet.
Space-separated list of names or IDs of service endpoint policies to apply. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Space-separated list of services allowed private access to this subnet. Values from: az network vnet list-endpoint-services. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet delete
Delete a subnet.
az network vnet subnet delete [--ids]
[--name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--resource-group]
[--subscription]
[--vnet-name]Examples
Delete a subnet.
az network vnet subnet delete --name MySubnet --resource-group MyResourceGroup --vnet-name MyVnetOptional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The subnet name.
Do not wait for the long-running operation to finish.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The virtual network (VNet) name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet list
List the subnets in a virtual network.
az network vnet subnet list --resource-group
--vnet-name
[--max-items]
[--next-token]Examples
List the subnets in a virtual network.
az network vnet subnet list -g MyResourceGroup --vnet-name MyVNetRequired Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The virtual network (VNet) name.
Optional Parameters
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
Token to specify where to start paginating. This is the token value from a previously truncated response.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet list-available-delegations
List the services available for subnet delegation.
az network vnet subnet list-available-delegations [--location]
[--max-items]
[--next-token]
[--resource-group]Examples
Retrieve the service names for available delegations in the West US region.
az network vnet subnet list-available-delegations -l westus --query [].serviceNameList the services available for subnet delegation. (autogenerated)
az network vnet subnet list-available-delegations --resource-group MyResourceGroupOptional Parameters
Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>. When not specified, the location of the resource group will be used.
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
Token to specify where to start paginating. This is the token value from a previously truncated response.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet list-available-ips
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
List some available ips in the subnet.
az network vnet subnet list-available-ips [--ids]
[--name]
[--resource-group]
[--subscription]
[--vnet-name]Examples
List some available ips in the subnet.
az network vnet subnet list-available-ips --resource-group MyResourceGroup --vnet-name MyVNet -n MySubnetOptional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The subnet name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The virtual network (VNet) name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet show
Show details of a subnet.
az network vnet subnet show [--expand]
[--ids]
[--name]
[--resource-group]
[--subscription]
[--vnet-name]Examples
Show the details of a subnet associated with a virtual network.
az network vnet subnet show -g MyResourceGroup -n MySubnet --vnet-name MyVNetOptional Parameters
Expands referenced resources. Default value is None.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The subnet name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The virtual network (VNet) name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet update
Update a subnet.
az network vnet subnet update [--add]
[--address-prefixes]
[--default-outbound {0, 1, f, false, n, no, t, true, y, yes}]
[--delegations]
[--disable-private-endpoint-network-policies {0, 1, f, false, n, no, t, true, y, yes}]
[--disable-private-link-service-network-policies {0, 1, f, false, n, no, t, true, y, yes}]
[--endpoints]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--ids]
[--name]
[--nat-gateway]
[--network-security-group]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--ple-network-policies {Disabled, Enabled, NetworkSecurityGroupEnabled, RouteTableEnabled}]
[--pls-network-policies {Disabled, Enabled}]
[--remove]
[--resource-group]
[--route-table]
[--service-endpoint-policy]
[--service-endpoints]
[--set]
[--sharing-scope {DelegatedServices, Tenant}]
[--subscription]
[--vnet-name]Examples
Associate a network security group to a subnet.
az network vnet subnet update -g MyResourceGroup -n MySubnet --vnet-name MyVNet --network-security-group MyNsgUpdate subnet with NAT gateway.
az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"Disable the private endpoint network policies.
az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --private-endpoint-network-policies DisabledDetach a network security group in a subnet.
az network vnet subnet update -g MyResourceGroup --vnet-name MyVNet -n MySubnet --nsg nullOptional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Space-separated list of address prefixes in CIDR format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Set this property to false to disable default outbound connectivity for all VMs in the subnet. This property can only be set at the time of subnet creation and cannot be updated for an existing subnet.
Space-separated list of services to whom the subnet should be delegated, e.g., Microsoft.Sql/servers. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Disable private endpoint network policies on the subnet. Please note that it will be replaced by --private-endpoint-network-policies soon.
Disable private link service network policies on the subnet. Please note that it will be replaced by --private-link-service-network-policies soon.
An array of service endpoints. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The subnet name.
Name or ID of a NAT gateway to attach. Use null to detach it.
Name or ID of a network security group (NSG). Use null to detach it.
Do not wait for the long-running operation to finish.
Manage network policy for private endpoint.
Manage network policy for private link service.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of a route table to associate with the subnet. Use null to detach it.
Space-separated list of names or IDs of service endpoint policies to apply. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Space-separated list of services allowed private access to this subnet. Values from: az network vnet list-endpoint-services. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The virtual network (VNet) name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network vnet subnet wait
Place the CLI in a waiting state until a condition is met.
az network vnet subnet wait [--created]
[--custom]
[--deleted]
[--exists]
[--expand]
[--ids]
[--interval]
[--name]
[--resource-group]
[--subscription]
[--timeout]
[--updated]
[--vnet-name]Optional Parameters
Wait until created with 'provisioningState' at 'Succeeded'.
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
Wait until deleted.
Wait until the resource exists.
Expands referenced resources. Default value is None.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Polling interval in seconds.
The subnet name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Maximum wait in seconds.
Wait until updated with provisioningState at 'Succeeded'.
The virtual network (VNet) name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
