How to work with Azure identities using the Azure CLI

There are many Azure CLI reference commands that help you to work with Azure identities. This article provides a list of Azure CLI commands and the quickstart, how-to guide or tutorial that shows the use of the command. For identity commands without an article, rely on the reference example (the link in column one).

Note

Not all Azure CLI commands containing the word "identity" are about Microsoft Entra ID managed identities. This article is an index of Azure CLI commands to help you manage any type of Azure identity.

az acr

Reference subgroup	Article showing reference use
az acr identity	Troubleshoot a customer-managed key
az acr task identity

az aks

Reference subgroup	Article showing reference use
az aks pod-identity	Migrate from pod managed-identity to workload identity
	Use Microsoft Entra pod-managed identities in Azure Kubernetes Service (Preview)
az aks pod-identity exception	Troubleshoot Azure Kubernetes Service backup and restore
	Use Microsoft Entra pod-managed identities in Azure Kubernetes Service (Preview)

az ams

Reference subgroup	Article showing reference use
az ams account identity

az appconfig

Reference subgroup	Article showing reference use
az appconfig identity	Use customer-managed keys to encrypt your App Configuration data
	How to use managed identities for Azure App Configuration

az backup

Reference subgroup	Article showing reference use
az backup vault identity	Save and manage MARS agent passphrase securely in Azure Key Vault
	Encrypt backup data by using customer-managed keys

az batch

Reference subgroup	Article showing reference use
az batch account identity

az cognitiveservices

Reference subgroup	Article showing reference use
az cognitiveservices account identity

az communication

Reference subgroup	Article showing reference use
az communication identity	How to use Managed Identity with Azure Communication Services
az communication identity token	Quickstart: Join a room call
	Pre-Call diagnostic
	Adding visual effects to a video call

az containerapp

Reference subgroup	Article showing reference use
az containerapp identity	Managed identities in Azure Container Apps
	Deploy to Azure Container Apps from Azure Pipelines
	Deploy to Azure Container Apps with GitHub Actions
	Migrate a Python application to use passwordless connections with Azure SQL Database
	Migrate an application to use passwordless connections with Azure Blob Storage
	Migrate an application to use passwordless connections with Azure Database for PostgreSQL
	Migrate an application to use passwordless connections with Azure Service Bus
	Tutorial: Use code interpreter sessions in LangChain with Azure Container Apps
	Migrate an application to use passwordless connections with Azure Event Hubs
	Tutorial: Use code interpreter sessions in Semantic Kernel with Azure Container Apps

az cosmosdb

Reference subgroup	Article showing reference use
az cosmosdb identity	Configure managed identities with Microsoft Entra ID for your Azure Cosmos DB account
	Access Azure Key Vault from Azure Cosmos DB using a managed identity
	Create and manage container copy jobs in Azure Cosmos DB (Preview)
	Configure customer-managed keys for your Azure Cosmos DB account with Azure Managed HSM Key Vault

az disk-encryption-set

Reference subgroup	Article showing reference use
az disk-encryption-set identity

az dt

Reference subgroup	Article showing reference use
az dt identity	Set up an Azure Digital Twins instance and authentication (CLI)

az eventhubs

Reference subgroup	Article showing reference use
az eventhubs namespace identity

az functionapp

Reference subgroup	Article showing reference use
az functionapp identity	Create your first containerized functions on Azure Container Apps
	Enable linting and analysis for API governance in your API center
	Tutorial: Build out an end-to-end solution
	Ingest IoT Hub telemetry into Azure Digital Twins
	Set up twin-to-twin event handling
	Integrate Azure Digital Twins with Azure Time Series Insights

az identity

Reference subgroup	Article showing reference use
az identity	How to use managed identities for App Service and Azure Functions
	Manage user-assigned managed identities
	Use Key Vault references as app settings in Azure App Service and Azure Functions
	Transfer an Azure subscription to a different Microsoft Entra directory
	Configure a custom container for Azure App Service
	Deploy and configure workload identity on an Azure Kubernetes Service (AKS) cluster
	Migrate custom software to Azure App Service using a custom container
	Provision and publish a bot
	Configure a user-assigned managed identity to trust an external identity provider
	Assign Azure roles using Azure CLI
az identity federated-credential	Deploy and configure workload identity on an Azure Kubernetes Service (AKS) cluster
	Configure a user-assigned managed identity to trust an external identity provider
	Tutorial: Deploy applications using GitOps with Flux v2
	Migrate from pod managed-identity to workload identity
	Quickstart: Deploy Application Gateway for Containers ALB Controller
	Integrate KEDA with your Azure Kubernetes Service cluster
	Send Prometheus data to Azure Monitor by using Microsoft Entra Workload ID (preview) authentication
	Deploy a highly available PostgreSQL database on AKS
	Configure and deploy a Valkey cluster on Azure Kubernetes Service (AKS)
	Securely scale your applications using the KEDA add-on and workload identity on Azure Kubernetes Service (AKS)

az image

Reference subgroup	Article showing reference use
az image builder identity	Troubleshoot Azure VM Image Builder

az iot

Reference subgroup	Article showing reference use
az iot central app identity	Export IoT data to Blob Storage
	Export IoT data to Azure Data Explorer
	Export IoT data to Event Hubs
	Manage and monitor IoT Central applications
	Export IoT data to Service Bus
az iot hub device-identity	Create and provision an IoT Edge device on Linux using symmetric keys
	Quickstart: Deploy your first IoT Edge module to a virtual Linux device
	Install and run the Spatial Analysis container (preview)
	Tutorial: Send device data to Azure Storage using IoT Hub message routing
	Quickstart: Deploy your first IoT Edge module to a Windows device
	Quickstart: Send telemetry from a device to an IoT hub and monitor it with the Azure CLI
	Tutorial - Use MQTT to develop an IoT device client without using a device SDK
	Tutorial: Build out an end-to-end solution
	Create and provision an IoT Edge for Linux on Windows device using symmetric keys
	Tutorial: Configure your devices from a back-end service
az iot hub device-identity connection-string	Create and provision an IoT Edge device on Linux using symmetric keys
	Quickstart: Deploy your first IoT Edge module to a virtual Linux device
	Install and run the Spatial Analysis container (preview)
	Quickstart: Deploy your first IoT Edge module to a Windows device
	Tutorial: Build out an end-to-end solution
	Create and provision an IoT Edge for Linux on Windows device using symmetric keys
	Use Visual Studio 2022 to develop and debug modules for Azure IoT Edge
	Tutorial: Configure your devices from a back-end service
	Tutorial: Use a simulated device to test connectivity with your IoT hub
	Tutorial: Set up and use metrics and logs with an IoT hub
az iot hub identity	Configure IoT Hub file uploads using Azure CLI
az iot hub module-identity	Deploy Azure IoT Edge modules with Azure CLI

az logic

Reference subgroup	Article showing reference use
az logic workflow identity

az monitor

Reference subgroup	Article showing reference use
az monitor app-insights workbook identity

az mysql

Reference subgroup	Article showing reference use
az mysql flexible-server identity	Migrate an application to use passwordless connections with Azure Database for MySQL
	Configure passwordless database connections for Java apps on Oracle WebLogic Servers
	Use Java and JDBC with Azure Database for MySQL - Flexible Server

az network

Reference subgroup	Article showing reference use
az network application-gateway identity
az network express-route port identity

az nexusidentity

Reference subgroup	Article showing reference use
az nexusidentity

az policy

Reference subgroup	Article showing reference use
az policy assignment identity	Built-in policies for Azure Monitor

az postgres

Reference subgroup	Article showing reference use
az postgres flexible-server identity

az redis

Reference subgroup	Article showing reference use
az redis identity	Managed identity for storage

az servicebus

Reference subgroup	Article showing reference use
az servicebus namespace identity

az signalr

Reference subgroup	Article showing reference use
az signalr identity

az spring

Reference subgroup	Article showing reference use
az spring app identity	Migrate a Python application to use passwordless connections with Azure SQL Database
	Migrate an application to use passwordless connections with Azure Blob Storage
	Migrate an application to use passwordless connections with Azure Database for PostgreSQL
	Migrate an application to use passwordless connections with Azure Service Bus
	Enable system-assigned managed identity for an application in Azure Spring Apps
	Migrate an application to use passwordless connections with Azure Event Hubs
	Migrate a .NET application to use passwordless connections with Azure SQL Database
	Migrate a Node.js application to use passwordless connections with Azure SQL Database
	Migrate a Java application to use passwordless connections with Azure SQL Database
	Migrate an application to use passwordless connections with Azure Database for MySQL

az stack-hci

Reference subgroup	Article showing reference use
az stack-hci cluster identity

az staticwebapp

Reference subgroup	Article showing reference use
az staticwebapp identity

az synapse

Reference subgroup	Article showing reference use
az synapse workspace managed-identity	Move an Azure Synapse Analytics workspace from one region to another

az vm

Reference subgroup	Article showing reference use
az vm identity	Sign in to a Linux virtual machine in Azure by using Microsoft Entra ID and OpenSSH
	Use an Azure managed identity to authenticate to an Azure container registry
	Use the Linux diagnostic extension 4.0 to monitor metrics and logs
	Connect with Managed Identity to Azure Database for PostgreSQL
	Authenticate Azure-hosted apps to Azure resources with the Azure SDK for .NET
	Migrate a Python application to use passwordless connections with Azure SQL Database
	Send Prometheus metrics from virtual machines, scale sets, or Kubernetes clusters to an Azure Monitor workspace
	Authenticating Azure-hosted apps to Azure resources with the Azure SDK for Python
	Migrate an application to use passwordless connections with Azure Blob Storage
	Migrate an application to use passwordless connections with Azure Database for PostgreSQL

az vmss

Reference subgroup	Article showing reference use
az vmss identity	Sign in to a Linux virtual machine in Azure by using Microsoft Entra ID and OpenSSH
	Fail to pull images from Azure Container Registry to Azure Kubernetes Service cluster
	Use the Linux diagnostic extension 4.0 to monitor metrics and logs
	Send Prometheus metrics from virtual machines, scale sets, or Kubernetes clusters to an Azure Monitor workspace
	Send Prometheus data to Azure Monitor by using managed identity authentication
	Create a chaos experiment that uses an agent-based fault with the Azure CLI
	Connect your Azure identity provider to the Azure Key Vault Secrets Store CSI Driver in Azure Kubernetes Service (AKS)

az vmware

Reference subgroup	Article showing reference use
az vmware private-cloud identity
az vmware private-cloud identity-source

az webapp

Reference subgroup	Article showing reference use
az webapp identity	How to use managed identities for App Service and Azure Functions
	Tutorial: Connect to SQL Database from .NET App Service without secrets using a managed identity
	Configure a custom container for Azure App Service
	Connect to and query Azure SQL Database using Python and the pyodbc driver
	Migrate custom software to Azure App Service using a custom container
	Tutorial: Connect to Azure databases from App Service without secrets using a managed identity
	Authenticate Azure-hosted apps to Azure resources with the Azure SDK for .NET
	Migrate a Python application to use passwordless connections with Azure SQL Database
	Authenticating Azure-hosted apps to Azure resources with the Azure SDK for Python
	Migrate an application to use passwordless connections with Azure Blob Storage