Share via


az network vnet

Note

This command group has commands that are defined in both Azure CLI and at least one extension. Install each extension to benefit from its extended capabilities. Learn more about extensions.

Check if a private IP address is available for use within a virtual network.

To learn more about Virtual Networks visit https://docs.microsoft.com/azure/virtual-network/virtual-network-manage-network.

Commands

Name Description Type Status
az network vnet check-ip-address

Check if a private IP address is available for use within a virtual network.

Core GA
az network vnet create

Create a virtual network.

Core GA
az network vnet delete

Delete a virtual network.

Core GA
az network vnet list

List virtual networks.

Core GA
az network vnet list-available-ips

List some available ips in the vnet.

Core Preview
az network vnet list-endpoint-services

List which services support VNet service tunneling in a given region.

Core GA
az network vnet peering

Manage peering connections between Azure Virtual Networks.

Core GA
az network vnet peering create

Create a virtual network peering connection.

Core GA
az network vnet peering delete

Delete a peering.

Core GA
az network vnet peering list

List peerings.

Core GA
az network vnet peering show

Show details of a peering.

Core GA
az network vnet peering sync

Sync a virtual network peering connection.

Core GA
az network vnet peering update

Update a peering in the specified virtual network.

Core GA
az network vnet peering wait

Place the CLI in a waiting state until a condition is met.

Core GA
az network vnet show

Get the details of a virtual network.

Core GA
az network vnet subnet

Manage subnets in an Azure Virtual Network.

Core GA
az network vnet subnet create

Create a subnet and associate an existing NSG and route table.

Core GA
az network vnet subnet delete

Delete a subnet.

Core GA
az network vnet subnet list

List the subnets in a virtual network.

Core GA
az network vnet subnet list-available-delegations

List the services available for subnet delegation.

Core GA
az network vnet subnet list-available-ips

List some available ips in the subnet.

Core Preview
az network vnet subnet show

Show details of a subnet.

Core GA
az network vnet subnet update

Update a subnet.

Core GA
az network vnet subnet wait

Place the CLI in a waiting state until a condition is met.

Core GA
az network vnet tap

Manage virtual network taps.

Extension GA
az network vnet tap create

Create a virtual network tap.

Extension GA
az network vnet tap delete

Delete a virtual network tap.

Extension GA
az network vnet tap list

List virtual network taps.

Extension GA
az network vnet tap show

Get the details of a virtual network tap.

Extension GA
az network vnet tap update

Update settings of a virtual network tap.

Extension GA
az network vnet tap wait

Place the CLI in a waiting state until a condition is met.

Extension GA
az network vnet update

Update a virtual network.

Core GA
az network vnet wait

Place the CLI in a waiting state until a condition is met.

Core GA

az network vnet check-ip-address

Check if a private IP address is available for use within a virtual network.

az network vnet check-ip-address --ip-address
                                 --name
                                 --resource-group

Examples

Check whether 10.0.0.4 is available within MyVnet.

az network vnet check-ip-address -g MyResourceGroup -n MyVnet --ip-address 10.0.0.4

Required Parameters

--ip-address

The private IP address to be verified.

--name -n

The virtual network (VNet) name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet create

Create a virtual network.

You may also create a subnet at the same time by specifying a subnet name and (optionally) an address prefix. To learn about how to create a virtual network visit https://docs.microsoft.com/azure/virtual-network/manage-virtual-network#create-a-virtual-network.

az network vnet create --name
                       --resource-group
                       [--address-prefixes]
                       [--bgp-community]
                       [--ddos-protection {0, 1, f, false, n, no, t, true, y, yes}]
                       [--ddos-protection-plan]
                       [--dns-servers]
                       [--edge-zone]
                       [--enable-encryption {0, 1, f, false, n, no, t, true, y, yes}]
                       [--encryption-enforcement-policy {AllowUnencrypted, DropUnencrypted}]
                       [--flowtimeout]
                       [--location]
                       [--network-security-group]
                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                       [--pe-vnet-policies {Basic, Disabled}]
                       [--subnet-name]
                       [--subnet-prefixes]
                       [--subnets]
                       [--tags]
                       [--vm-protection {0, 1, f, false, n, no, t, true, y, yes}]

Examples

Create a virtual network with a specific address prefix and one subnet.

az network vnet create -g MyResourceGroup -n MyVnet --address-prefix 10.0.0.0/16 --subnet-name MySubnet --subnet-prefixes 10.0.0.0/24

Create a virtual network.

az network vnet create --address-prefixes 10.0.0.0/16 --name MyVirtualNetwork --resource-group MyResourceGroup --subnet-name MyAseSubnet --subnet-prefixes 10.0.0.0/24

Required Parameters

--name -n

The virtual network (VNet) name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--address-prefixes

Space-separated list of IP address prefixes for the VNet. Default: 10.0.0.0/16. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Default value: ['10.0.0.0/16']
--bgp-community

The BGP community associated with the virtual network.

--ddos-protection

Control whether DDoS protection is enabled.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
Default value: False
--ddos-protection-plan

Name or ID of a DDoS protection plan to associate with the VNet.

--dns-servers

Space-separated list of DNS server IP addresses. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--edge-zone

The name of edge zone.

--enable-encryption

Enable encryption on the virtual network.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--encryption-enforcement-policy --encryption-policy

To control if the Virtual Machine without encryption is allowed in encrypted Virtual Network or not.

Accepted values: AllowUnencrypted, DropUnencrypted
--flowtimeout

The FlowTimeout value (in minutes) for the Virtual Network.

--location -l

Resource location.

--network-security-group --nsg

Name or ID of a network security group (NSG).

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--pe-vnet-policies --private-endpoint-vnet-policies

Private Endpoint VNet Policies.

Accepted values: Basic, Disabled
--subnet-name

Name of a new subnet to create within the VNet.

--subnet-prefixes

Space-separated list of address prefixes in CIDR format for the new subnet. If omitted, automatically reserves a /24 (or as large as available) block within the VNet address space. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--subnets

Manage a list of subnets in a Virtual Network (similar to az network vnet subnet). Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--vm-protection

Enable VM protection for all subnets in the VNet.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet delete

Delete a virtual network.

az network vnet delete [--ids]
                       [--name]
                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                       [--resource-group]
                       [--subscription]

Examples

Delete a virtual network.

az network vnet delete -g MyResourceGroup -n myVNet

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The virtual network (VNet) name.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet list

List virtual networks.

az network vnet list [--max-items]
                     [--next-token]
                     [--resource-group]

Examples

List all virtual networks in a subscription.

az network vnet list

List all virtual networks in a resource group.

az network vnet list -g MyResourceGroup

List virtual networks in a subscription which specify a certain address prefix.

az network vnet list --query "[?contains(addressSpace.addressPrefixes, '10.0.0.0/16')]"

Optional Parameters

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet list-available-ips

Preview

This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

List some available ips in the vnet.

az network vnet list-available-ips [--ids]
                                   [--name]
                                   [--resource-group]
                                   [--subscription]

Examples

List some available ips in the vnet.

az network vnet list-available-ips -g MyResourceGroup -n MyVNet

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The virtual network (VNet) name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet list-endpoint-services

List which services support VNet service tunneling in a given region.

az network vnet list-endpoint-services --location
                                       [--max-items]
                                       [--next-token]

Examples

List the endpoint services available for use in the West US region.

az network vnet list-endpoint-services -l westus -o table

Required Parameters

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

Optional Parameters

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet show

Get the details of a virtual network.

az network vnet show [--expand]
                     [--ids]
                     [--name]
                     [--resource-group]
                     [--subscription]

Examples

Get details for MyVNet.

az network vnet show -g MyResourceGroup -n MyVNet

Optional Parameters

--expand

Expands referenced resources. Default value is None.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The virtual network (VNet) name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet update

Update a virtual network.

az network vnet update [--add]
                       [--address-prefixes]
                       [--bgp-community]
                       [--ddos-protection {0, 1, f, false, n, no, t, true, y, yes}]
                       [--ddos-protection-plan]
                       [--dns-servers]
                       [--enable-encryption {0, 1, f, false, n, no, t, true, y, yes}]
                       [--encryption-enforcement-policy {AllowUnencrypted, DropUnencrypted}]
                       [--flowtimeout]
                       [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                       [--ids]
                       [--name]
                       [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                       [--pe-vnet-policies {Basic, Disabled}]
                       [--remove]
                       [--resource-group]
                       [--set]
                       [--subscription]
                       [--vm-protection {0, 1, f, false, n, no, t, true, y, yes}]

Examples

Update a virtual network with the IP address of a DNS server.

az network vnet update -g MyResourceGroup -n MyVNet --dns-servers 10.2.0.8

Update a virtual network.

az network vnet update --address-prefixes 40.1.0.0/24 --name MyVNet --resource-group MyResourceGroup

Update a virtual network to delete DNS server.

az network vnet update -g MyResourceGroup -n MyVNet --dns-servers null

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--address-prefixes

Space-separated list of IP address prefixes for the VNet. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--bgp-community

The BGP community associated with the virtual network.

--ddos-protection

Control whether DDoS protection is enabled.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--ddos-protection-plan

Name or ID of a DDoS protection plan to associate with the VNet.

--dns-servers

Space-separated list of DNS server IP addresses. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--enable-encryption

Enable encryption on the virtual network.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--encryption-enforcement-policy --encryption-policy

To control if the Virtual Machine without encryption is allowed in encrypted Virtual Network or not.

Accepted values: AllowUnencrypted, DropUnencrypted
--flowtimeout

The FlowTimeout value (in minutes) for the Virtual Network.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The virtual network (VNet) name.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--pe-vnet-policies --private-endpoint-vnet-policies

Private Endpoint VNet Policies.

Accepted values: Basic, Disabled
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vm-protection

Enable VM protection for all subnets in the VNet.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network vnet wait

Place the CLI in a waiting state until a condition is met.

az network vnet wait [--created]
                     [--custom]
                     [--deleted]
                     [--exists]
                     [--expand]
                     [--ids]
                     [--interval]
                     [--name]
                     [--resource-group]
                     [--subscription]
                     [--timeout]
                     [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--expand

Expands referenced resources. Default value is None.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

Default value: 30
--name -n

The virtual network (VNet) name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.