Microsoft Azure Command-Line Tools Role Command Module
Microsoft Azure CLI ‘role’ Command Module for Role-Based Access Control (RBAC)
This package is for the ‘role’ module. i.e. ‘az role’
role assignment: support scope of management group
create-for-rbac: hide ‘–password’ as the preparations to pull the plug completely in 2019 May
[BREAKING CHANGE] ‘group create’/’app create’/’sp create-for-rbac’: supports idempotent, hence confliction error will not be surfaced
create-for-rbac: handle –years correctly
[BREAKING CHANGE] role assignment delete: prompt when delete all assignments under the subscription unconditionally
ad app/sp credential reset: support –end-date
ad app permission add: support to add permissions on existing api
ad app permission list: fix a bad error when there is no permissions
ad sp delete: skip role assignment delete if the current account has no subscription
ad app create: make –identifier-uris default to empty list if not provided
role definition update: use id to resolve definition correctly
ad app credential reset: drop the assumption that app’s service principal always exists
az ad app create/update: support app roles
az identity moved here from inside of the azure-cli-vm command_module.
create-for-rbac: deprecate –password for securer password auto-generated by CLI
BREAKING CHANGE: az ad app/sp list will by default output the first 100 objects instead of getting all of them.
support custom identifier for password credential
ad app update: address a failure caused by updating immutable credentials
graph: output warnings to communicate breaking changes in the near future for “ad app/sp list”
support API permission management, signed-in-user, and application password & certificate credential management
ad sp create-for-rbac: clarify the confusion between displayName and service principal name
support grant permissions to AAD apps
support add/remove/list owner on AAD Applciation and Group objects
ad app owner: Adds support for listing Azure AD app owners.
ad sp owner: Adds support for listing Azure AD service principal owners.
role: ensure role definition create & update commands accept multiple permission configurations
create-for-rbac: ensure home page uri is always “https”
support list user’s group memberships
role assignment: fix a recent regression that principalName is missing
support for stack profile 2017-03-09-profile
ad app update: Fixes issue where generic update parameters would not work correctly.
BREAKING CHANGE: ‘show’ commands log error message and fail with exit code of 3 upon a missing resource.
ad: remove stack traces from graph exceptions before surface to users
ad sp create: do not throw if CLI can’t resolve app id
ad app update: add generic update support
BREAKING CHANGE: remove deprecated az ad sp reset-credentials
sdist is now compatible with wheel 0.31.0
graph: support required access configuration and native client
rbac: ensure collection has less than 1000 ids on resolving graph objects
ad sp: new commands to manage credentials “az ad sp credential reset/list/delete”
role assignments: (breaking change)list/show output has “properties” removed to align with SDK
role definition: support dataActions and notDataActions
role assignments: expose “role assignment list-changelogs” for rbac audit
ad app update: expose “–available-to-other-tenants”
role assignment: expose –assignee-object-id to bypass graph query
Update for CLI core changes.
role assignment list: show default assignments for classic administrators
ad sp reset-credentials: support to add credentials instead of overwriting
create-for-rbac: emit out an actionable error if provisioning application failed for lack of permissions
create-for-rbac: support output in SDK auth file format
rbac: clean up role assignments and related AAD application when delete a service principal (#3610)
ad: for ‘app create’ command, mention time format in the arg descriptions for –start-date/–end-date
output deprecating information on using ‘–expanded-view’
Add Key Vault integration to the create-for-rbac and reset-credentials commands.
create-for-rbac: ensure SP’s end date will not exceed certificate’s expiration date (#2989)
RBAC: add full support for ‘ad group’ (#2016)
role: fix issues on role definition update (#2745)
create-for-rbac: ensure user provided password is picked up
role: fix the error when supply role in guid format (#2667)
Fix code style of azure-cli-role (#2608)
rbac:catch more graph error (#2567)
core: support login using service principal with a cert (#2457)
Support –skip-assignment for ‘az ad sp create-for-rbac’
Show commands return empty string with exit code 0 for 404 responses
Support Python 3.6.
‘create-for-rbac’ command accepts displayname.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Hashes for opal-azure-cli-role-2.6.6.tar.gz
Hashes for opal_azure_cli_role-2.6.6-py2.py3-none-any.whl