opal-azure-cli-role 2.6.6

Microsoft Azure Command-Line Tools Role Command Module

Microsoft Azure CLI ‘role’ Command Module for Role-Based Access Control (RBAC)

This package is for the ‘role’ module. i.e. ‘az role’

Release History

2.6.3

• Minor fixes.

2.6.2

• role assignment: support scope of management group

2.6.1

• create-for-rbac: hide ‘–password’ as the preparations to pull the plug completely in 2019 May

2.6.0

• [BREAKING CHANGE] ‘group create’/’app create’/’sp create-for-rbac’: supports idempotent, hence confliction error will not be surfaced

2.5.0

• create-for-rbac: handle –years correctly
• [BREAKING CHANGE] role assignment delete: prompt when delete all assignments under the subscription unconditionally

2.4.3

• ad app/sp credential reset: support –end-date
• ad app permission add: support to add permissions on existing api
• ad app permission list: fix a bad error when there is no permissions
• ad sp delete: skip role assignment delete if the current account has no subscription
• ad app create: make –identifier-uris default to empty list if not provided

2.4.2

• role definition update: use id to resolve definition correctly
• ad app credential reset: drop the assumption that app’s service principal always exists

2.4.1

• az ad app create/update: support app roles

2.4.0

• az identity moved here from inside of the azure-cli-vm command_module.

2.3.1

• Minor fixes

2.3.0

• create-for-rbac: deprecate –password for securer password auto-generated by CLI

2.2.0

• BREAKING CHANGE: az ad app/sp list will by default output the first 100 objects instead of getting all of them.

2.1.11

• support custom identifier for password credential

2.1.10

• ad app update: address a failure caused by updating immutable credentials
• graph: output warnings to communicate breaking changes in the near future for “ad app/sp list”

2.1.9

• support API permission management, signed-in-user, and application password & certificate credential management
• ad sp create-for-rbac: clarify the confusion between displayName and service principal name
• support grant permissions to AAD apps

2.1.8

• support add/remove/list owner on AAD Applciation and Group objects

2.1.7

• ad app owner: Adds support for listing Azure AD app owners.
• ad sp owner: Adds support for listing Azure AD service principal owners.

2.1.6

• role: ensure role definition create & update commands accept multiple permission configurations
• create-for-rbac: ensure home page uri is always “https”

2.1.5

• support list user’s group memberships

2.1.4

• Minor fixes.

2.1.3

• role assignment: fix a recent regression that principalName is missing

2.1.2

• support for stack profile 2017-03-09-profile

2.1.1

• ad app update: Fixes issue where generic update parameters would not work correctly.

2.1.0

• BREAKING CHANGE: ‘show’ commands log error message and fail with exit code of 3 upon a missing resource.

2.0.27

• Minor fixes.

2.0.26

• Minor fixes.

2.0.25

• ad: remove stack traces from graph exceptions before surface to users
• ad sp create: do not throw if CLI can’t resolve app id

2.0.24

• ad app update: add generic update support

2.0.23

• BREAKING CHANGE: remove deprecated az ad sp reset-credentials
• Minor fixes.

2.0.22

• sdist is now compatible with wheel 0.31.0

2.0.21

• graph: support required access configuration and native client
• rbac: ensure collection has less than 1000 ids on resolving graph objects
• ad sp: new commands to manage credentials “az ad sp credential reset/list/delete”
• role assignments: (breaking change)list/show output has “properties” removed to align with SDK
• role definition: support dataActions and notDataActions

2.0.20

• role assignments: expose “role assignment list-changelogs” for rbac audit

2.0.18

• ad app update: expose “–available-to-other-tenants”

2.0.17

• role assignment: expose –assignee-object-id to bypass graph query

2.0.16

• Update for CLI core changes.

2.0.15

• role assignment list: show default assignments for classic administrators
• ad sp reset-credentials: support to add credentials instead of overwriting
• create-for-rbac: emit out an actionable error if provisioning application failed for lack of permissions

2.0.14

• minor fixes

2.0.13 (2017-10-09)

• minor fixes

2.0.12 (2017-09-22)

• minor fixes

2.0.11 (2017-08-28)

• minor fixes

2.0.10 (2017-08-11)

• minor fixes

2.0.9 (2017-07-27)

• minor fixes

2.0.8 (2017-07-07)

create-for-rbac: support output in SDK auth file format

2.0.7 (2017-06-21)

• No changes.

2.0.6 (2017-06-13)

• rbac: clean up role assignments and related AAD application when delete a service principal (#3610)

2.0.5 (2017-05-30)

• ad: for ‘app create’ command, mention time format in the arg descriptions for –start-date/–end-date
• output deprecating information on using ‘–expanded-view’
• Add Key Vault integration to the create-for-rbac and reset-credentials commands.

2.0.4 (2017-05-09)

• Minor fixes.

2.0.3 (2017-04-28)

• create-for-rbac: ensure SP’s end date will not exceed certificate’s expiration date (#2989)
• RBAC: add full support for ‘ad group’ (#2016)

2.0.2 (2017-04-17)

• role: fix issues on role definition update (#2745)
• create-for-rbac: ensure user provided password is picked up

2.0.1 (2017-04-03)

• role: fix the error when supply role in guid format (#2667)
• Fix code style of azure-cli-role (#2608)
• rbac:catch more graph error (#2567)
• core: support login using service principal with a cert (#2457)

2.0.0 (2017-02-27)

• GA release.

0.1.2rc2 (2017-02-22)

• Documentation updates.

0.1.2rc1 (2017-02-17)

• Support –skip-assignment for ‘az ad sp create-for-rbac’
• Show commands return empty string with exit code 0 for 404 responses

0.1.1b2 (2017-01-30)

• Support Python 3.6.

0.1.1b1 (2017-01-17)

• ‘create-for-rbac’ command accepts displayname.

0.1.0b11 (2016-12-12)

• Preview release.