Share via


az sf managed-cluster client-certificate

Manage client certificates of a manged cluster.

Commands

Name Description Type Status
az sf managed-cluster client-certificate add

Add a new client certificate to the managed cluster.

Core GA
az sf managed-cluster client-certificate delete

Delete a client certificate from the managed cluster.

Core GA

az sf managed-cluster client-certificate add

Add a new client certificate to the managed cluster.

az sf managed-cluster client-certificate add --cluster-name
                                             --resource-group
                                             [--common-name]
                                             [--is-admin {false, true}]
                                             [--issuer-thumbprint]
                                             [--thumbprint]

Examples

Add admin client certificate by thumbprint.

az sf managed-cluster client-certificate add -g testRG -c testCluster --thumbprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --is-admin

Add non admin client certificate by common name.

az sf managed-cluster client-certificate add -g testRG -c testCluster --common-name Contoso.com --issuer-thumbprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--common-name

Client certificate common name.

--is-admin

Client authentication type.

Accepted values: false, true
Default value: False
--issuer-thumbprint

Space-separated list of issuer thumbprints.

--thumbprint

Client certificate thumbprint.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sf managed-cluster client-certificate delete

Delete a client certificate from the managed cluster.

az sf managed-cluster client-certificate delete --cluster-name
                                                --resource-group
                                                [--common-name]
                                                [--thumbprint]

Examples

Delete client certificate by thumbprint.

az sf managed-cluster client-certificate delete -g testRG -c testCluster --thumbprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Delete client certificate by common name.

az sf managed-cluster client-certificate delete -g testRG -c testCluster --common-name Contoso.com

Required Parameters

--cluster-name -c

Specify the name of the cluster, if not given it will be same as resource group name.

--resource-group -g

Specify the resource group name. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--common-name

A single or Space-separated list of client certificate common name(s) to be remove.

--thumbprint

A single or Space-separated list of client certificate thumbprint(s) to be remove.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.