Skip to main content

Microsoft Azure Command-Line Tools Role Command Module

Project description

Microsoft Azure CLI ‘role’ Command Module for Role-Based Access Control (RBAC)

This package is for the ‘role’ module. i.e. ‘az role’

Release History


  • Minor fixes.


  • role assignment: support scope of management group


  • create-for-rbac: hide ‘–password’ as the preparations to pull the plug completely in 2019 May


  • [BREAKING CHANGE] ‘group create’/’app create’/’sp create-for-rbac’: supports idempotent, hence confliction error will not be surfaced


  • create-for-rbac: handle –years correctly

  • [BREAKING CHANGE] role assignment delete: prompt when delete all assignments under the subscription unconditionally


  • ad app/sp credential reset: support –end-date

  • ad app permission add: support to add permissions on existing api

  • ad app permission list: fix a bad error when there is no permissions

  • ad sp delete: skip role assignment delete if the current account has no subscription

  • ad app create: make –identifier-uris default to empty list if not provided


  • role definition update: use id to resolve definition correctly

  • ad app credential reset: drop the assumption that app’s service principal always exists


  • az ad app create/update: support app roles


  • az identity moved here from inside of the azure-cli-vm command_module.


  • Minor fixes


  • create-for-rbac: deprecate –password for securer password auto-generated by CLI


  • BREAKING CHANGE: az ad app/sp list will by default output the first 100 objects instead of getting all of them.


  • support custom identifier for password credential


  • ad app update: address a failure caused by updating immutable credentials

  • graph: output warnings to communicate breaking changes in the near future for “ad app/sp list”


  • support API permission management, signed-in-user, and application password & certificate credential management

  • ad sp create-for-rbac: clarify the confusion between displayName and service principal name

  • support grant permissions to AAD apps


  • support add/remove/list owner on AAD Applciation and Group objects


  • ad app owner: Adds support for listing Azure AD app owners.

  • ad sp owner: Adds support for listing Azure AD service principal owners.


  • role: ensure role definition create & update commands accept multiple permission configurations

  • create-for-rbac: ensure home page uri is always “https”


  • support list user’s group memberships


  • Minor fixes.


  • role assignment: fix a recent regression that principalName is missing


  • support for stack profile 2017-03-09-profile


  • ad app update: Fixes issue where generic update parameters would not work correctly.


  • BREAKING CHANGE: ‘show’ commands log error message and fail with exit code of 3 upon a missing resource.


  • Minor fixes.


  • Minor fixes.


  • ad: remove stack traces from graph exceptions before surface to users

  • ad sp create: do not throw if CLI can’t resolve app id


  • ad app update: add generic update support


  • BREAKING CHANGE: remove deprecated az ad sp reset-credentials

  • Minor fixes.


  • sdist is now compatible with wheel 0.31.0


  • graph: support required access configuration and native client

  • rbac: ensure collection has less than 1000 ids on resolving graph objects

  • ad sp: new commands to manage credentials “az ad sp credential reset/list/delete”

  • role assignments: (breaking change)list/show output has “properties” removed to align with SDK

  • role definition: support dataActions and notDataActions


  • role assignments: expose “role assignment list-changelogs” for rbac audit


  • ad app update: expose “–available-to-other-tenants”


  • role assignment: expose –assignee-object-id to bypass graph query


  • Update for CLI core changes.


  • role assignment list: show default assignments for classic administrators

  • ad sp reset-credentials: support to add credentials instead of overwriting

  • create-for-rbac: emit out an actionable error if provisioning application failed for lack of permissions


  • minor fixes

2.0.13 (2017-10-09)

  • minor fixes

2.0.12 (2017-09-22)

  • minor fixes

2.0.11 (2017-08-28)

  • minor fixes

2.0.10 (2017-08-11)

  • minor fixes

2.0.9 (2017-07-27)

  • minor fixes

2.0.8 (2017-07-07)

create-for-rbac: support output in SDK auth file format

2.0.7 (2017-06-21)

  • No changes.

2.0.6 (2017-06-13)

  • rbac: clean up role assignments and related AAD application when delete a service principal (#3610)

2.0.5 (2017-05-30)

  • ad: for ‘app create’ command, mention time format in the arg descriptions for –start-date/–end-date

  • output deprecating information on using ‘–expanded-view’

  • Add Key Vault integration to the create-for-rbac and reset-credentials commands.

2.0.4 (2017-05-09)

  • Minor fixes.

2.0.3 (2017-04-28)

  • create-for-rbac: ensure SP’s end date will not exceed certificate’s expiration date (#2989)

  • RBAC: add full support for ‘ad group’ (#2016)

2.0.2 (2017-04-17)

  • role: fix issues on role definition update (#2745)

  • create-for-rbac: ensure user provided password is picked up

2.0.1 (2017-04-03)

  • role: fix the error when supply role in guid format (#2667)

  • Fix code style of azure-cli-role (#2608)

  • rbac:catch more graph error (#2567)

  • core: support login using service principal with a cert (#2457)

2.0.0 (2017-02-27)

  • GA release.

0.1.2rc2 (2017-02-22)

  • Documentation updates.

0.1.2rc1 (2017-02-17)

  • Support –skip-assignment for ‘az ad sp create-for-rbac’

  • Show commands return empty string with exit code 0 for 404 responses

0.1.1b2 (2017-01-30)

  • Support Python 3.6.

0.1.1b1 (2017-01-17)

  • ‘create-for-rbac’ command accepts displayname.

0.1.0b11 (2016-12-12)

  • Preview release.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

opal-azure-cli-role-2.6.6.tar.gz (34.9 kB view hashes)

Uploaded source

Built Distribution

opal_azure_cli_role-2.6.6-py2.py3-none-any.whl (36.9 kB view hashes)

Uploaded py2 py3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page