az vmss identity
Manage service identities of a VM scaleset.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az vmss identity assign |
Enable managed service identity on a VMSS. |
Core | GA |
| az vmss identity remove |
Remove user assigned identities from a VM scaleset. |
Core | Preview |
| az vmss identity show |
Display VM scaleset's managed identity info. |
Core | GA |
az vmss identity assign
Enable managed service identity on a VMSS.
This is required to authenticate and interact with other Azure services using bearer tokens.
az vmss identity assign [--identities]
[--ids]
[--name]
[--resource-group]
[--role]
[--scope]
[--subscription]Examples
Enable system assigned identity on a VMSS with the 'Owner' role.
az vmss identity assign -g MyResourceGroup -n MyVmss --role Owner --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroupEnable system assigned identity and a user assigned identity on a VMSS with the 'Owner' role.
az vmss identity assign -g MyResourceGroup -n MyVmss --role Owner --identities [system] myAssignedId --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroupEnable managed service identity on a VMSS. (autogenerated)
az vmss identity assign --identities readerId writerId --name MyVmss --resource-group MyResourceGroupOptional Parameters
Space-separated identities to assign. Use '[system]' to refer to the system assigned identity. Default: '[system]'.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Scale set name. You can configure the default using az configure --defaults vmss=<name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Role name or id the system assigned identity will have.
Scope that the system assigned identity can access.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az vmss identity remove
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Remove user assigned identities from a VM scaleset.
az vmss identity remove [--identities]
[--ids]
[--name]
[--resource-group]
[--subscription]Examples
Remove system assigned identity
az vmss identity remove -g MyResourceGroup -n MyVmssRemove 2 identities which are in the same resource group with the VM scaleset
az vmss identity remove -g MyResourceGroup -n MyVmss --identities readerId writerIdRemove system assigned identity and a user identity
az vmss identity remove -g MyResourceGroup -n MyVmss --identities [system] readerIdOptional Parameters
Space-separated identities to remove. Use '[system]' to refer to the system assigned identity. Default: '[system]'.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Scale set name. You can configure the default using az configure --defaults vmss=<name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az vmss identity show
Display VM scaleset's managed identity info.
az vmss identity show [--ids]
[--name]
[--resource-group]
[--subscription]Examples
display VM scaleset's managed identity info. (autogenerated)
az vmss identity show --name MyVirtualMachine --resource-group MyResourceGroupOptional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the Virtual Machine. You can configure the default using az configure --defaults vm=<name>.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
