az webapp connection create
Note
This command group has commands that are defined in both Azure CLI and at least one extension. Install each extension to benefit from its extended capabilities. Learn more about extensions.
Create a connection between a webapp and a target resource.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az webapp connection create app-insights |
Create a webapp connection to app-insights. |
Core | GA |
| az webapp connection create appconfig |
Create a webapp connection to appconfig. |
Core | GA |
| az webapp connection create cognitiveservices |
Create a webapp connection to cognitiveservices. |
Core | GA |
| az webapp connection create confluent-cloud |
Create a webapp connection to confluent-cloud. |
Core | GA |
| az webapp connection create cosmos-cassandra |
Create a webapp connection to cosmos-cassandra. |
Core | GA |
| az webapp connection create cosmos-gremlin |
Create a webapp connection to cosmos-gremlin. |
Core | GA |
| az webapp connection create cosmos-mongo |
Create a webapp connection to cosmos-mongo. |
Core | GA |
| az webapp connection create cosmos-sql |
Create a webapp connection to cosmos-sql. |
Core | GA |
| az webapp connection create cosmos-table |
Create a webapp connection to cosmos-table. |
Core | GA |
| az webapp connection create eventhub |
Create a webapp connection to eventhub. |
Core | GA |
| az webapp connection create keyvault |
Create a webapp connection to keyvault. |
Core | GA |
| az webapp connection create mysql |
Create a webapp connection to mysql. |
Core | Deprecated |
| az webapp connection create mysql-flexible |
Create a webapp connection to mysql-flexible. |
Core | GA |
| az webapp connection create mysql-flexible (serviceconnector-passwordless extension) |
Create a webapp connection to mysql-flexible. |
Extension | GA |
| az webapp connection create postgres |
Create a webapp connection to postgres. |
Core | Deprecated |
| az webapp connection create postgres-flexible |
Create a webapp connection to postgres-flexible. |
Core | GA |
| az webapp connection create postgres-flexible (serviceconnector-passwordless extension) |
Create a webapp connection to postgres-flexible. |
Extension | GA |
| az webapp connection create redis |
Create a webapp connection to redis. |
Core | GA |
| az webapp connection create redis-enterprise |
Create a webapp connection to redis-enterprise. |
Core | GA |
| az webapp connection create servicebus |
Create a webapp connection to servicebus. |
Core | GA |
| az webapp connection create signalr |
Create a webapp connection to signalr. |
Core | GA |
| az webapp connection create sql |
Create a webapp connection to sql. |
Core | GA |
| az webapp connection create sql (serviceconnector-passwordless extension) |
Create a webapp connection to sql. |
Extension | GA |
| az webapp connection create storage-blob |
Create a webapp connection to storage-blob. |
Core | GA |
| az webapp connection create storage-file |
Create a webapp connection to storage-file. |
Core | GA |
| az webapp connection create storage-queue |
Create a webapp connection to storage-queue. |
Core | GA |
| az webapp connection create storage-table |
Create a webapp connection to storage-table. |
Core | GA |
| az webapp connection create webpubsub |
Create a webapp connection to webpubsub. |
Core | GA |
az webapp connection create app-insights
Create a webapp connection to app-insights.
az webapp connection create app-insights [--app-insights]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--slot]
[--source-id]
[--target-id]
[--target-resource-group]
[--vault-id]Examples
Create a connection between webapp and app-insights interactively
az webapp connection create app-insightsCreate a connection between webapp and app-insights with resource name
az webapp connection create app-insights -g WebAppRG -n MyWebApp --tg AppInsightsRG --app-insights MyAppInsights --secretCreate a connection between webapp slot and app-insights with resource name
az webapp connection create app-insights -g WebAppRG -n MyWebApp --slot MySlot --tg AppInsightsRG --app-insights MyAppInsights --secretCreate a connection between webapp and app-insights with resource id
az webapp connection create app-insights --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/microsoft.insights/components/{appinsights} --secretOptional Parameters
Name of the app insights. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The resource id of target service. Required if ['--target-resource-group', '--app-insights'] are not specified.
The resource group which contains the app insights. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create appconfig
Create a webapp connection to appconfig.
az webapp connection create appconfig [--app-config]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and appconfig interactively
az webapp connection create appconfigCreate a connection between webapp and appconfig with resource name
az webapp connection create appconfig -g WebAppRG -n MyWebApp --tg AppconfigRG --app-config MyConfigStore --system-identityCreate a connection between webapp slot and appconfig with resource name
az webapp connection create appconfig -g WebAppRG -n MyWebApp --slot MySlot --tg AppconfigRG --app-config MyConfigStore --system-identityCreate a connection between webapp and appconfig with resource id
az webapp connection create appconfig --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.AppConfiguration/configurationStores/{config_store} --system-identityOptional Parameters
Name of the app configuration. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--app-config'] are not specified.
The resource group which contains the app configuration. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cognitiveservices
Create a webapp connection to cognitiveservices.
az webapp connection create cognitiveservices [--account]
[--appconfig-id]
[--client-type {dotnet, none, python}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cognitiveservices interactively
az webapp connection create cognitiveservicesCreate a connection between webapp and cognitiveservices with resource name
az webapp connection create cognitiveservices -g WebAppRG -n MyWebApp --tg CognitiveServicesRG --account MyAccount --system-identityCreate a connection between webapp slot and cognitiveservices with resource name
az webapp connection create cognitiveservices -g WebAppRG -n MyWebApp --slot MySlot --tg CognitiveServicesRG --account MyAccount --system-identityCreate a connection between webapp and cognitiveservices with resource id
az webapp connection create cognitiveservices --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.CognitiveServices/accounts/{account} --system-identityOptional Parameters
Name of the cognitive services account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.
The resource group which contains the cognitive services. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create confluent-cloud
Create a webapp connection to confluent-cloud.
az webapp connection create confluent-cloud --bootstrap-server
--kafka-key
--kafka-secret
--schema-key
--schema-registry
--schema-secret
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--slot]
[--source-id]
[--vault-id]Examples
Create a connection between webapp and confluent-cloud
az webapp connection create confluent-cloud -g WebAppRG -n MyWebApp --bootstrap-server xxx.eastus.azure.confluent.cloud:9092 --kafka-key Name --kafka-secret Secret --schema-registry https://xxx.eastus.azure.confluent.cloud --schema-key Name --schema-secret SecretRequired Parameters
Kafka bootstrap server url.
Kafka API-Key (key).
Kafka API-Key (secret).
Schema registry API-Key (key).
Schema registry url.
Schema registry API-Key (secret).
Optional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cosmos-cassandra
Create a webapp connection to cosmos-cassandra.
az webapp connection create cosmos-cassandra [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--key-space]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cosmos-cassandra interactively
az webapp connection create cosmos-cassandraCreate a connection between webapp and cosmos-cassandra with resource name
az webapp connection create cosmos-cassandra -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --key-space MyKeySpace --system-identityCreate a connection between webapp slot and cosmos-cassandra with resource name
az webapp connection create cosmos-cassandra -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --key-space MyKeySpace --system-identityCreate a connection between webapp and cosmos-cassandra with resource id
az webapp connection create cosmos-cassandra --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/cassandraKeyspaces/{key_space} --system-identityOptional Parameters
Name of the cosmos database account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the keyspace. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account', '--key-space'] are not specified.
The resource group which contains the cosmos database account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cosmos-gremlin
Create a webapp connection to cosmos-gremlin.
az webapp connection create cosmos-gremlin [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, php, python}]
[--connection]
[--customized-keys]
[--database]
[--graph]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cosmos-gremlin interactively
az webapp connection create cosmos-gremlinCreate a connection between webapp and cosmos-gremlin with resource name
az webapp connection create cosmos-gremlin -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --graph MyGraph --system-identityCreate a connection between webapp slot and cosmos-gremlin with resource name
az webapp connection create cosmos-gremlin -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --graph MyGraph --system-identityCreate a connection between webapp and cosmos-gremlin with resource id
az webapp connection create cosmos-gremlin --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/gremlinDatabases/{database}/graphs/{graph} --system-identityOptional Parameters
Name of the cosmos database account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the database. Required if '--target-id' is not specified.
Name of the graph. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account', '--database', '--graph'] are not specified.
The resource group which contains the cosmos database account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cosmos-mongo
Create a webapp connection to cosmos-mongo.
az webapp connection create cosmos-mongo [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, springBoot}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cosmos-mongo interactively
az webapp connection create cosmos-mongoCreate a connection between webapp and cosmos-mongo with resource name
az webapp connection create cosmos-mongo -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --system-identityCreate a connection between webapp slot and cosmos-mongo with resource name
az webapp connection create cosmos-mongo -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --system-identityCreate a connection between webapp and cosmos-mongo with resource id
az webapp connection create cosmos-mongo --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/mongodbDatabases/{database} --system-identityOptional Parameters
Name of the cosmos database account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account', '--database'] are not specified.
The resource group which contains the cosmos database account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cosmos-sql
Create a webapp connection to cosmos-sql.
az webapp connection create cosmos-sql [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cosmos-sql interactively
az webapp connection create cosmos-sqlCreate a connection between webapp and cosmos-sql with resource name
az webapp connection create cosmos-sql -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --system-identityCreate a connection between webapp slot and cosmos-sql with resource name
az webapp connection create cosmos-sql -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --system-identityCreate a connection between webapp and cosmos-sql with resource id
az webapp connection create cosmos-sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/sqlDatabases/{database} --system-identityOptional Parameters
Name of the cosmos database account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account', '--database'] are not specified.
The resource group which contains the cosmos database account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create cosmos-table
Create a webapp connection to cosmos-table.
az webapp connection create cosmos-table [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--table]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and cosmos-table interactively
az webapp connection create cosmos-tableCreate a connection between webapp and cosmos-table with resource name
az webapp connection create cosmos-table -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --table MyTable --system-identityCreate a connection between webapp slot and cosmos-table with resource name
az webapp connection create cosmos-table -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --table MyTable --system-identityCreate a connection between webapp and cosmos-table with resource id
az webapp connection create cosmos-table --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/tables/{table} --system-identityOptional Parameters
Name of the cosmos database account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
Name of the table. Required if '--target-id' is not specified.
The resource id of target service. Required if ['--target-resource-group', '--account', '--table'] are not specified.
The resource group which contains the cosmos database account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create eventhub
Create a webapp connection to eventhub.
az webapp connection create eventhub [--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, kafka-springBoot, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--namespace]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and eventhub interactively
az webapp connection create eventhubCreate a connection between webapp and eventhub with resource name
az webapp connection create eventhub -g WebAppRG -n MyWebApp --tg EventhubRG --namespace MyNamespace --system-identityCreate a connection between webapp slot and eventhub with resource name
az webapp connection create eventhub -g WebAppRG -n MyWebApp --slot MySlot --tg EventhubRG --namespace MyNamespace --system-identityCreate a connection between webapp and eventhub with resource id
az webapp connection create eventhub --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.EventHub/namespaces/{namespace} --system-identityOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Name of the eventhub namespace. Required if '--target-id' is not specified.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--namespace'] are not specified.
The resource group which contains the eventhub. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create keyvault
Create a webapp connection to keyvault.
az webapp connection create keyvault [--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--new {false, true}]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault]
[--vault-id]Examples
Create a connection between webapp and keyvault interactively
az webapp connection create keyvaultCreate a connection between webapp and keyvault with resource name
az webapp connection create keyvault -g WebAppRG -n MyWebApp --tg KeyvaultRG --vault MyVault --system-identityCreate a connection between webapp slot and keyvault with resource name
az webapp connection create keyvault -g WebAppRG -n MyWebApp --slot MySlot --tg KeyvaultRG --vault MyVault --system-identityCreate a connection between webapp and keyvault with resource id
az webapp connection create keyvault --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.KeyVault/vaults/{vault} --system-identityCreate a new keyvault and connect webapp to it interactively
az webapp connection create keyvault --newCreate a new keyvault and connect webapp to it
az webapp connection create keyvault --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --newOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Indicates whether to create a new keyvault when creating the webapp connection.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--vault'] are not specified.
The resource group which contains the keyvault. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
Name of the keyvault. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create mysql
This command has been deprecated and will be removed in a future release.
Create a webapp connection to mysql.
az webapp connection create mysql [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--server]
[--service-endpoint {false, true}]
[--slot]
[--source-id]
[--target-id]
[--target-resource-group]
[--vault-id]Examples
Create a connection between webapp and mysql interactively
az webapp connection create mysqlCreate a connection between webapp and mysql with resource name
az webapp connection create mysql -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp slot and mysql with resource name
az webapp connection create mysql -g WebAppRG -n MyWebApp --slot MySlot --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and mysql with resource id
az webapp connection create mysql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBForMySQL/servers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the mysql database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of the mysql server. Required if '--target-id' is not specified.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the mysql server. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create mysql-flexible
Create a webapp connection to mysql-flexible.
az webapp connection create mysql-flexible [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--server]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and mysql-flexible interactively
az webapp connection create mysql-flexibleCreate a connection between webapp and mysql-flexible with resource name
az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp slot and mysql-flexible with resource name
az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --slot MySlot --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and mysql-flexible with resource id
az webapp connection create mysql-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforMySQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the mysql flexible database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of the mysql flexible server. Required if '--target-id' is not specified.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity mysql-identity-id=xx
mysql-identity-id : Optional. ID of identity used for MySQL flexible server AAD Authentication. Ignore it if you are the server AAD administrator.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the mysql flexible server. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create mysql-flexible (serviceconnector-passwordless extension)
Create a webapp connection to mysql-flexible.
az webapp connection create mysql-flexible [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--new]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--server]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]
[--yes]Examples
Create a connection between webapp and mysql-flexible interactively
az webapp connection create mysql-flexibleCreate a connection between webapp and mysql-flexible with resource name
az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and mysql-flexible with resource id
az webapp connection create mysql-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforMySQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the mysql flexible database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Deleting existing users with the same name before creating a new user in database.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of the mysql flexible server. Required if '--target-id' is not specified.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal. mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity mysql-identity-id=xx
mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the mysql flexible server. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity. mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.
The id of key vault to store secret value.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create postgres
This command has been deprecated and will be removed in a future release.
Create a webapp connection to postgres.
az webapp connection create postgres [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--new {false, true}]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--server]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and postgres interactively
az webapp connection create postgresCreate a connection between webapp and postgres with resource name
az webapp connection create postgres -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp slot and postgres with resource name
az webapp connection create postgres -g WebAppRG -n MyWebApp --slot MySlot --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and postgres with resource id
az webapp connection create postgres --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/servers/{server}/databases/{database} --secret name=XX secret=XXCreate a new postgres and connect webapp to it interactively
az webapp connection create postgres --newCreate a new postgres and connect webapp to it
az webapp connection create postgres --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --newOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of postgres database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Indicates whether to create a new postgres when creating the webapp connection.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of postgres server. Required if '--target-id' is not specified.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the postgres service. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create postgres-flexible
Create a webapp connection to postgres-flexible.
az webapp connection create postgres-flexible [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--server]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and postgres-flexible interactively
az webapp connection create postgres-flexibleCreate a connection between webapp and postgres-flexible with resource name
az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp slot and postgres-flexible with resource name
az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --slot MySlot --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and postgres-flexible with resource id
az webapp connection create postgres-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of postgres flexible database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of postgres flexible server. Required if '--target-id' is not specified.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the flexible postgres service. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create postgres-flexible (serviceconnector-passwordless extension)
Create a webapp connection to postgres-flexible.
az webapp connection create postgres-flexible [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--new]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--server]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]
[--yes]Examples
Create a connection between webapp and postgres-flexible interactively
az webapp connection create postgres-flexibleCreate a connection between webapp and postgres-flexible with resource name
az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and postgres-flexible with resource id
az webapp connection create postgres-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of postgres flexible database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Deleting existing users with the same name before creating a new user in database.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of postgres flexible server. Required if '--target-id' is not specified.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the flexible postgres service. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create redis
Create a webapp connection to redis.
az webapp connection create redis [--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--server]
[--slot]
[--source-id]
[--target-id]
[--target-resource-group]
[--vault-id]Examples
Create a connection between webapp and redis interactively
az webapp connection create redisCreate a connection between webapp and redis with resource name
az webapp connection create redis -g WebAppRG -n MyWebApp --tg RedisRG --server MyServer --database MyDB --secretCreate a connection between webapp slot and redis with resource name
az webapp connection create redis -g WebAppRG -n MyWebApp --slot MySlot --tg RedisRG --server MyServer --database MyDB --secretCreate a connection between webapp and redis with resource id
az webapp connection create redis --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Cache/redis/{server}/databases/{database} --secretOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the redis database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Name of the redis server. Required if '--target-id' is not specified.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the redis server. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create redis-enterprise
Create a webapp connection to redis-enterprise.
az webapp connection create redis-enterprise [--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--resource-group]
[--secret]
[--server]
[--slot]
[--source-id]
[--target-id]
[--target-resource-group]
[--vault-id]Examples
Create a connection between webapp and redis-enterprise interactively
az webapp connection create redis-enterpriseCreate a connection between webapp and redis-enterprise with resource name
az webapp connection create redis-enterprise -g WebAppRG -n MyWebApp --tg RedisRG --server MyServer --database MyDB --secretCreate a connection between webapp slot and redis-enterprise with resource name
az webapp connection create redis-enterprise -g WebAppRG -n MyWebApp --slot MySlot --tg RedisRG --server MyServer --database MyDB --secretCreate a connection between webapp and redis-enterprise with resource id
az webapp connection create redis-enterprise --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Cache/redisEnterprise/{server}/databases/{database} --secretOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the redis enterprise database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Name of the redis enterprise server. Required if '--target-id' is not specified.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the redis server. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create servicebus
Create a webapp connection to servicebus.
az webapp connection create servicebus [--appconfig-id]
[--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--namespace]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and servicebus interactively
az webapp connection create servicebusCreate a connection between webapp and servicebus with resource name
az webapp connection create servicebus -g WebAppRG -n MyWebApp --tg ServicebusRG --namespace MyNamespace --system-identityCreate a connection between webapp slot and servicebus with resource name
az webapp connection create servicebus -g WebAppRG -n MyWebApp --slot MySlot --tg ServicebusRG --namespace MyNamespace --system-identityCreate a connection between webapp and servicebus with resource id
az webapp connection create servicebus --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.ServiceBus/namespaces/{namespace} --system-identityOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Name of the servicebus namespace. Required if '--target-id' is not specified.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--namespace'] are not specified.
The resource group which contains the servicebus. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create signalr
Create a webapp connection to signalr.
az webapp connection create signalr [--appconfig-id]
[--client-type {dotnet, dotnet-internal, none}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-principal]
[--signalr]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and signalr interactively
az webapp connection create signalrCreate a connection between webapp and signalr with resource name
az webapp connection create signalr -g WebAppRG -n MyWebApp --tg SignalrRG --signalr MySignalR --system-identityCreate a connection between webapp slot and signalr with resource name
az webapp connection create signalr -g WebAppRG -n MyWebApp --slot MySlot --tg SignalrRG --signalr MySignalR --system-identityCreate a connection between webapp and signalr with resource id
az webapp connection create signalr --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.SignalRService/SignalR/{signalr} --system-identityOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
Name of the signalr service. Required if '--target-id' is not specified.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--signalr'] are not specified.
The resource group which contains the signalr. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create sql
Create a webapp connection to sql.
az webapp connection create sql [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--server]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and sql interactively
az webapp connection create sqlCreate a connection between webapp and sql with resource name
az webapp connection create sql -g WebAppRG -n MyWebApp --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp slot and sql with resource name
az webapp connection create sql -g WebAppRG -n MyWebApp --slot MySlot --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and sql with resource id
az webapp connection create sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Sql/servers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the sql database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of the sql server. Required if '--target-id' is not specified.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the sql server. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create sql (serviceconnector-passwordless extension)
Create a webapp connection to sql.
az webapp connection create sql [--appconfig-id]
[--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
[--config-connstr {false, true}]
[--connection]
[--customized-keys]
[--database]
[--name]
[--new]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--server]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]
[--yes]Examples
Create a connection between webapp and sql interactively
az webapp connection create sqlCreate a connection between webapp and sql with resource name
az webapp connection create sql -g WebAppRG -n MyWebApp --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XXCreate a connection between webapp and sql with resource id
az webapp connection create sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Sql/servers/{server}/databases/{database} --secret name=XX secret=XXOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Store configuration into connection strings, only could be used together with dotnet client_type.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the sql database. Required if '--target-id' is not specified.
Name of the webapp. Required if '--source-id' is not specified.None.
Deleting existing users with the same name before creating a new user in database.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX
name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.
Name of the sql server. Required if '--target-id' is not specified.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.
The resource group which contains the sql server. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create storage-blob
Create a webapp connection to storage-blob.
az webapp connection create storage-blob [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--new {false, true}]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and storage-blob interactively
az webapp connection create storage-blobCreate a connection between webapp and storage-blob with resource name
az webapp connection create storage-blob -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp slot and storage-blob with resource name
az webapp connection create storage-blob -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp and storage-blob with resource id
az webapp connection create storage-blob --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/blobServices/default --system-identityCreate a new storage-blob and connect webapp to it interactively
az webapp connection create storage-blob --newCreate a new storage-blob and connect webapp to it
az webapp connection create storage-blob --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --newOptional Parameters
Name of the storage account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Indicates whether to create a new storage-blob when creating the webapp connection.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.
The resource group which contains the storage account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create storage-file
Create a webapp connection to storage-file.
az webapp connection create storage-file [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, php, python, ruby, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--slot]
[--source-id]
[--target-id]
[--target-resource-group]
[--vault-id]Examples
Create a connection between webapp and storage-file interactively
az webapp connection create storage-fileCreate a connection between webapp and storage-file with resource name
az webapp connection create storage-file -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --secretCreate a connection between webapp slot and storage-file with resource name
az webapp connection create storage-file -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --secretCreate a connection between webapp and storage-file with resource id
az webapp connection create storage-file --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/fileServices/default --secretOptional Parameters
Name of the storage account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.
The resource group which contains the storage account. Required if '--target-id' is not specified.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create storage-queue
Create a webapp connection to storage-queue.
az webapp connection create storage-queue [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and storage-queue interactively
az webapp connection create storage-queueCreate a connection between webapp and storage-queue with resource name
az webapp connection create storage-queue -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp slot and storage-queue with resource name
az webapp connection create storage-queue -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp and storage-queue with resource id
az webapp connection create storage-queue --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/queueServices/default --system-identityOptional Parameters
Name of the storage account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.
The resource group which contains the storage account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create storage-table
Create a webapp connection to storage-table.
az webapp connection create storage-table [--account]
[--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-endpoint {false, true}]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]Examples
Create a connection between webapp and storage-table interactively
az webapp connection create storage-tableCreate a connection between webapp and storage-table with resource name
az webapp connection create storage-table -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp slot and storage-table with resource name
az webapp connection create storage-table -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identityCreate a connection between webapp and storage-table with resource id
az webapp connection create storage-table --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/tableServices/default --system-identityOptional Parameters
Name of the storage account. Required if '--target-id' is not specified.
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.
The resource group which contains the storage account. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az webapp connection create webpubsub
Create a webapp connection to webpubsub.
az webapp connection create webpubsub [--appconfig-id]
[--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
[--connection]
[--customized-keys]
[--name]
[--no-wait]
[--opt-out {auth, configinfo, publicnetwork}]
[--private-endpoint {false, true}]
[--resource-group]
[--secret]
[--service-principal]
[--slot]
[--source-id]
[--system-identity]
[--target-id]
[--target-resource-group]
[--user-identity]
[--vault-id]
[--webpubsub]Examples
Create a connection between webapp and webpubsub interactively
az webapp connection create webpubsubCreate a connection between webapp and webpubsub with resource name
az webapp connection create webpubsub -g WebAppRG -n MyWebApp --tg WebpubsubRG --webpubsub MyWebPubSub --system-identityCreate a connection between webapp slot and webpubsub with resource name
az webapp connection create webpubsub -g WebAppRG -n MyWebApp --slot MySlot --tg WebpubsubRG --webpubsub MyWebPubSub --system-identityCreate a connection between webapp and webpubsub with resource id
az webapp connection create webpubsub --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.SignalRService/WebPubSub/{webpubsub} --system-identityOptional Parameters
The app configuration id to store configuration.
The client type used on the webapp.
Name of the webapp connection.
The customized keys used to change default configuration names. Key is the original name, value is the customized name.
Name of the webapp. Required if '--source-id' is not specified.None.
Do not wait for the long-running operation to finish.
Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.
Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.
The resource group which contains the webapp. Required if '--source-id' is not specified.None.
The secret auth info.
Usage: --secret.
The service principal auth info.
Usage: --service-principal client-id=XX secret=XX
client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.
The name of the slot. Default to the production slot if not specified.
The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.
The system assigned identity auth info.
Usage: --system-identity.
The resource id of target service. Required if ['--target-resource-group', '--webpubsub'] are not specified.
The resource group which contains the webpubsub. Required if '--target-id' is not specified.
The user assigned identity auth info.
Usage: --user-identity client-id=XX subs-id=XX
client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.
The id of key vault to store secret value.
Name of the webpubsub service. Required if '--target-id' is not specified.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
