Share via


az webapp connection create

Note

This command group has commands that are defined in both Azure CLI and at least one extension. Install each extension to benefit from its extended capabilities. Learn more about extensions.

Create a connection between a webapp and a target resource.

Commands

Name Description Type Status
az webapp connection create app-insights

Create a webapp connection to app-insights.

Core GA
az webapp connection create appconfig

Create a webapp connection to appconfig.

Core GA
az webapp connection create cognitiveservices

Create a webapp connection to cognitiveservices.

Core GA
az webapp connection create confluent-cloud

Create a webapp connection to confluent-cloud.

Core GA
az webapp connection create cosmos-cassandra

Create a webapp connection to cosmos-cassandra.

Core GA
az webapp connection create cosmos-gremlin

Create a webapp connection to cosmos-gremlin.

Core GA
az webapp connection create cosmos-mongo

Create a webapp connection to cosmos-mongo.

Core GA
az webapp connection create cosmos-sql

Create a webapp connection to cosmos-sql.

Core GA
az webapp connection create cosmos-table

Create a webapp connection to cosmos-table.

Core GA
az webapp connection create eventhub

Create a webapp connection to eventhub.

Core GA
az webapp connection create keyvault

Create a webapp connection to keyvault.

Core GA
az webapp connection create mysql

Create a webapp connection to mysql.

Core Deprecated
az webapp connection create mysql-flexible

Create a webapp connection to mysql-flexible.

Core GA
az webapp connection create mysql-flexible (serviceconnector-passwordless extension)

Create a webapp connection to mysql-flexible.

Extension GA
az webapp connection create postgres

Create a webapp connection to postgres.

Core Deprecated
az webapp connection create postgres-flexible

Create a webapp connection to postgres-flexible.

Core GA
az webapp connection create postgres-flexible (serviceconnector-passwordless extension)

Create a webapp connection to postgres-flexible.

Extension GA
az webapp connection create redis

Create a webapp connection to redis.

Core GA
az webapp connection create redis-enterprise

Create a webapp connection to redis-enterprise.

Core GA
az webapp connection create servicebus

Create a webapp connection to servicebus.

Core GA
az webapp connection create signalr

Create a webapp connection to signalr.

Core GA
az webapp connection create sql

Create a webapp connection to sql.

Core GA
az webapp connection create sql (serviceconnector-passwordless extension)

Create a webapp connection to sql.

Extension GA
az webapp connection create storage-blob

Create a webapp connection to storage-blob.

Core GA
az webapp connection create storage-file

Create a webapp connection to storage-file.

Core GA
az webapp connection create storage-queue

Create a webapp connection to storage-queue.

Core GA
az webapp connection create storage-table

Create a webapp connection to storage-table.

Core GA
az webapp connection create webpubsub

Create a webapp connection to webpubsub.

Core GA

az webapp connection create app-insights

Create a webapp connection to app-insights.

az webapp connection create app-insights [--app-insights]
                                         [--appconfig-id]
                                         [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python}]
                                         [--connection]
                                         [--customized-keys]
                                         [--name]
                                         [--no-wait]
                                         [--opt-out {auth, configinfo, publicnetwork}]
                                         [--resource-group]
                                         [--secret]
                                         [--slot]
                                         [--source-id]
                                         [--target-id]
                                         [--target-resource-group]
                                         [--vault-id]

Examples

Create a connection between webapp and app-insights interactively

az webapp connection create app-insights

Create a connection between webapp and app-insights with resource name

az webapp connection create app-insights -g WebAppRG -n MyWebApp --tg AppInsightsRG --app-insights MyAppInsights --secret

Create a connection between webapp slot and app-insights with resource name

az webapp connection create app-insights -g WebAppRG -n MyWebApp --slot MySlot --tg AppInsightsRG --app-insights MyAppInsights --secret

Create a connection between webapp and app-insights with resource id

az webapp connection create app-insights --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/microsoft.insights/components/{appinsights} --secret

Optional Parameters

--app-insights

Name of the app insights. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--app-insights'] are not specified.

--target-resource-group --tg

The resource group which contains the app insights. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create appconfig

Create a webapp connection to appconfig.

az webapp connection create appconfig [--app-config]
                                      [--appconfig-id]
                                      [--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
                                      [--connection]
                                      [--customized-keys]
                                      [--name]
                                      [--no-wait]
                                      [--opt-out {auth, configinfo, publicnetwork}]
                                      [--private-endpoint {false, true}]
                                      [--resource-group]
                                      [--secret]
                                      [--service-principal]
                                      [--slot]
                                      [--source-id]
                                      [--system-identity]
                                      [--target-id]
                                      [--target-resource-group]
                                      [--user-identity]
                                      [--vault-id]

Examples

Create a connection between webapp and appconfig interactively

az webapp connection create appconfig

Create a connection between webapp and appconfig with resource name

az webapp connection create appconfig -g WebAppRG -n MyWebApp --tg AppconfigRG --app-config MyConfigStore --system-identity

Create a connection between webapp slot and appconfig with resource name

az webapp connection create appconfig -g WebAppRG -n MyWebApp --slot MySlot --tg AppconfigRG --app-config MyConfigStore --system-identity

Create a connection between webapp and appconfig with resource id

az webapp connection create appconfig --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.AppConfiguration/configurationStores/{config_store} --system-identity

Optional Parameters

--app-config

Name of the app configuration. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--app-config'] are not specified.

--target-resource-group --tg

The resource group which contains the app configuration. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cognitiveservices

Create a webapp connection to cognitiveservices.

az webapp connection create cognitiveservices [--account]
                                              [--appconfig-id]
                                              [--client-type {dotnet, none, python}]
                                              [--connection]
                                              [--customized-keys]
                                              [--name]
                                              [--no-wait]
                                              [--opt-out {auth, configinfo, publicnetwork}]
                                              [--resource-group]
                                              [--secret]
                                              [--service-principal]
                                              [--slot]
                                              [--source-id]
                                              [--system-identity]
                                              [--target-id]
                                              [--target-resource-group]
                                              [--user-identity]
                                              [--vault-id]

Examples

Create a connection between webapp and cognitiveservices interactively

az webapp connection create cognitiveservices

Create a connection between webapp and cognitiveservices with resource name

az webapp connection create cognitiveservices -g WebAppRG -n MyWebApp --tg CognitiveServicesRG --account MyAccount --system-identity

Create a connection between webapp slot and cognitiveservices with resource name

az webapp connection create cognitiveservices -g WebAppRG -n MyWebApp --slot MySlot --tg CognitiveServicesRG --account MyAccount --system-identity

Create a connection between webapp and cognitiveservices with resource id

az webapp connection create cognitiveservices --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.CognitiveServices/accounts/{account} --system-identity

Optional Parameters

--account

Name of the cognitive services account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, none, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.

--target-resource-group --tg

The resource group which contains the cognitive services. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create confluent-cloud

Create a webapp connection to confluent-cloud.

az webapp connection create confluent-cloud --bootstrap-server
                                            --kafka-key
                                            --kafka-secret
                                            --schema-key
                                            --schema-registry
                                            --schema-secret
                                            [--appconfig-id]
                                            [--client-type {dotnet, dotnet-internal, go, java, none, python, springBoot}]
                                            [--connection]
                                            [--customized-keys]
                                            [--name]
                                            [--no-wait]
                                            [--opt-out {auth, configinfo, publicnetwork}]
                                            [--resource-group]
                                            [--slot]
                                            [--source-id]
                                            [--vault-id]

Examples

Create a connection between webapp and confluent-cloud

az webapp connection create confluent-cloud -g WebAppRG -n MyWebApp --bootstrap-server xxx.eastus.azure.confluent.cloud:9092 --kafka-key Name --kafka-secret Secret --schema-registry https://xxx.eastus.azure.confluent.cloud --schema-key Name --schema-secret Secret

Required Parameters

--bootstrap-server

Kafka bootstrap server url.

--kafka-key

Kafka API-Key (key).

--kafka-secret

Kafka API-Key (secret).

--schema-key

Schema registry API-Key (key).

--schema-registry

Schema registry url.

--schema-secret

Schema registry API-Key (secret).

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, none, python, springBoot
--connection

Name of the connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cosmos-cassandra

Create a webapp connection to cosmos-cassandra.

az webapp connection create cosmos-cassandra [--account]
                                             [--appconfig-id]
                                             [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
                                             [--connection]
                                             [--customized-keys]
                                             [--key-space]
                                             [--name]
                                             [--no-wait]
                                             [--opt-out {auth, configinfo, publicnetwork}]
                                             [--private-endpoint {false, true}]
                                             [--resource-group]
                                             [--secret]
                                             [--service-endpoint {false, true}]
                                             [--service-principal]
                                             [--slot]
                                             [--source-id]
                                             [--system-identity]
                                             [--target-id]
                                             [--target-resource-group]
                                             [--user-identity]
                                             [--vault-id]

Examples

Create a connection between webapp and cosmos-cassandra interactively

az webapp connection create cosmos-cassandra

Create a connection between webapp and cosmos-cassandra with resource name

az webapp connection create cosmos-cassandra -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --key-space MyKeySpace --system-identity

Create a connection between webapp slot and cosmos-cassandra with resource name

az webapp connection create cosmos-cassandra -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --key-space MyKeySpace --system-identity

Create a connection between webapp and cosmos-cassandra with resource id

az webapp connection create cosmos-cassandra --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/cassandraKeyspaces/{key_space} --system-identity

Optional Parameters

--account

Name of the cosmos database account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--key-space

Name of the keyspace. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account', '--key-space'] are not specified.

--target-resource-group --tg

The resource group which contains the cosmos database account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cosmos-gremlin

Create a webapp connection to cosmos-gremlin.

az webapp connection create cosmos-gremlin [--account]
                                           [--appconfig-id]
                                           [--client-type {dotnet, dotnet-internal, java, nodejs, none, php, python}]
                                           [--connection]
                                           [--customized-keys]
                                           [--database]
                                           [--graph]
                                           [--name]
                                           [--no-wait]
                                           [--opt-out {auth, configinfo, publicnetwork}]
                                           [--private-endpoint {false, true}]
                                           [--resource-group]
                                           [--secret]
                                           [--service-endpoint {false, true}]
                                           [--service-principal]
                                           [--slot]
                                           [--source-id]
                                           [--system-identity]
                                           [--target-id]
                                           [--target-resource-group]
                                           [--user-identity]
                                           [--vault-id]

Examples

Create a connection between webapp and cosmos-gremlin interactively

az webapp connection create cosmos-gremlin

Create a connection between webapp and cosmos-gremlin with resource name

az webapp connection create cosmos-gremlin -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --graph MyGraph --system-identity

Create a connection between webapp slot and cosmos-gremlin with resource name

az webapp connection create cosmos-gremlin -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --graph MyGraph --system-identity

Create a connection between webapp and cosmos-gremlin with resource id

az webapp connection create cosmos-gremlin --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/gremlinDatabases/{database}/graphs/{graph} --system-identity

Optional Parameters

--account

Name of the cosmos database account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, php, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the database. Required if '--target-id' is not specified.

--graph

Name of the graph. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account', '--database', '--graph'] are not specified.

--target-resource-group --tg

The resource group which contains the cosmos database account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cosmos-mongo

Create a webapp connection to cosmos-mongo.

az webapp connection create cosmos-mongo [--account]
                                         [--appconfig-id]
                                         [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, springBoot}]
                                         [--connection]
                                         [--customized-keys]
                                         [--database]
                                         [--name]
                                         [--no-wait]
                                         [--opt-out {auth, configinfo, publicnetwork}]
                                         [--private-endpoint {false, true}]
                                         [--resource-group]
                                         [--secret]
                                         [--service-endpoint {false, true}]
                                         [--service-principal]
                                         [--slot]
                                         [--source-id]
                                         [--system-identity]
                                         [--target-id]
                                         [--target-resource-group]
                                         [--user-identity]
                                         [--vault-id]

Examples

Create a connection between webapp and cosmos-mongo interactively

az webapp connection create cosmos-mongo

Create a connection between webapp and cosmos-mongo with resource name

az webapp connection create cosmos-mongo -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --system-identity

Create a connection between webapp slot and cosmos-mongo with resource name

az webapp connection create cosmos-mongo -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --system-identity

Create a connection between webapp and cosmos-mongo with resource id

az webapp connection create cosmos-mongo --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/mongodbDatabases/{database} --system-identity

Optional Parameters

--account

Name of the cosmos database account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the cosmos database account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cosmos-sql

Create a webapp connection to cosmos-sql.

az webapp connection create cosmos-sql [--account]
                                       [--appconfig-id]
                                       [--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
                                       [--connection]
                                       [--customized-keys]
                                       [--database]
                                       [--name]
                                       [--no-wait]
                                       [--opt-out {auth, configinfo, publicnetwork}]
                                       [--private-endpoint {false, true}]
                                       [--resource-group]
                                       [--secret]
                                       [--service-endpoint {false, true}]
                                       [--service-principal]
                                       [--slot]
                                       [--source-id]
                                       [--system-identity]
                                       [--target-id]
                                       [--target-resource-group]
                                       [--user-identity]
                                       [--vault-id]

Examples

Create a connection between webapp and cosmos-sql interactively

az webapp connection create cosmos-sql

Create a connection between webapp and cosmos-sql with resource name

az webapp connection create cosmos-sql -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --database MyDB --system-identity

Create a connection between webapp slot and cosmos-sql with resource name

az webapp connection create cosmos-sql -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --database MyDB --system-identity

Create a connection between webapp and cosmos-sql with resource id

az webapp connection create cosmos-sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/sqlDatabases/{database} --system-identity

Optional Parameters

--account

Name of the cosmos database account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the cosmos database account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create cosmos-table

Create a webapp connection to cosmos-table.

az webapp connection create cosmos-table [--account]
                                         [--appconfig-id]
                                         [--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
                                         [--connection]
                                         [--customized-keys]
                                         [--name]
                                         [--no-wait]
                                         [--opt-out {auth, configinfo, publicnetwork}]
                                         [--private-endpoint {false, true}]
                                         [--resource-group]
                                         [--secret]
                                         [--service-endpoint {false, true}]
                                         [--service-principal]
                                         [--slot]
                                         [--source-id]
                                         [--system-identity]
                                         [--table]
                                         [--target-id]
                                         [--target-resource-group]
                                         [--user-identity]
                                         [--vault-id]

Examples

Create a connection between webapp and cosmos-table interactively

az webapp connection create cosmos-table

Create a connection between webapp and cosmos-table with resource name

az webapp connection create cosmos-table -g WebAppRG -n MyWebApp --tg CosmosRG --account MyAccount --table MyTable --system-identity

Create a connection between webapp slot and cosmos-table with resource name

az webapp connection create cosmos-table -g WebAppRG -n MyWebApp --slot MySlot --tg CosmosRG --account MyAccount --table MyTable --system-identity

Create a connection between webapp and cosmos-table with resource id

az webapp connection create cosmos-table --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DocumentDB/databaseAccounts/{account}/tables/{table} --system-identity

Optional Parameters

--account

Name of the cosmos database account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--table

Name of the table. Required if '--target-id' is not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account', '--table'] are not specified.

--target-resource-group --tg

The resource group which contains the cosmos database account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create eventhub

Create a webapp connection to eventhub.

az webapp connection create eventhub [--appconfig-id]
                                     [--client-type {dotnet, dotnet-internal, go, java, kafka-springBoot, nodejs, none, python, springBoot}]
                                     [--connection]
                                     [--customized-keys]
                                     [--name]
                                     [--namespace]
                                     [--no-wait]
                                     [--opt-out {auth, configinfo, publicnetwork}]
                                     [--private-endpoint {false, true}]
                                     [--resource-group]
                                     [--secret]
                                     [--service-endpoint {false, true}]
                                     [--service-principal]
                                     [--slot]
                                     [--source-id]
                                     [--system-identity]
                                     [--target-id]
                                     [--target-resource-group]
                                     [--user-identity]
                                     [--vault-id]

Examples

Create a connection between webapp and eventhub interactively

az webapp connection create eventhub

Create a connection between webapp and eventhub with resource name

az webapp connection create eventhub -g WebAppRG -n MyWebApp --tg EventhubRG --namespace MyNamespace --system-identity

Create a connection between webapp slot and eventhub with resource name

az webapp connection create eventhub -g WebAppRG -n MyWebApp --slot MySlot --tg EventhubRG --namespace MyNamespace --system-identity

Create a connection between webapp and eventhub with resource id

az webapp connection create eventhub --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.EventHub/namespaces/{namespace} --system-identity

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, kafka-springBoot, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--namespace

Name of the eventhub namespace. Required if '--target-id' is not specified.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--namespace'] are not specified.

--target-resource-group --tg

The resource group which contains the eventhub. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create keyvault

Create a webapp connection to keyvault.

az webapp connection create keyvault [--appconfig-id]
                                     [--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
                                     [--connection]
                                     [--customized-keys]
                                     [--name]
                                     [--new {false, true}]
                                     [--no-wait]
                                     [--opt-out {auth, configinfo, publicnetwork}]
                                     [--private-endpoint {false, true}]
                                     [--resource-group]
                                     [--service-endpoint {false, true}]
                                     [--service-principal]
                                     [--slot]
                                     [--source-id]
                                     [--system-identity]
                                     [--target-id]
                                     [--target-resource-group]
                                     [--user-identity]
                                     [--vault]
                                     [--vault-id]

Examples

Create a connection between webapp and keyvault interactively

az webapp connection create keyvault

Create a connection between webapp and keyvault with resource name

az webapp connection create keyvault -g WebAppRG -n MyWebApp --tg KeyvaultRG --vault MyVault --system-identity

Create a connection between webapp slot and keyvault with resource name

az webapp connection create keyvault -g WebAppRG -n MyWebApp --slot MySlot --tg KeyvaultRG --vault MyVault --system-identity

Create a connection between webapp and keyvault with resource id

az webapp connection create keyvault --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.KeyVault/vaults/{vault} --system-identity

Create a new keyvault and connect webapp to it interactively

az webapp connection create keyvault --new

Create a new keyvault and connect webapp to it

az webapp connection create keyvault --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --new

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Indicates whether to create a new keyvault when creating the webapp connection.

Accepted values: false, true
Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--vault'] are not specified.

--target-resource-group --tg

The resource group which contains the keyvault. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault

Name of the keyvault. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create mysql

Deprecated

This command has been deprecated and will be removed in a future release.

Create a webapp connection to mysql.

az webapp connection create mysql [--appconfig-id]
                                  [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                  [--config-connstr {false, true}]
                                  [--connection]
                                  [--customized-keys]
                                  [--database]
                                  [--name]
                                  [--no-wait]
                                  [--opt-out {auth, configinfo, publicnetwork}]
                                  [--private-endpoint {false, true}]
                                  [--resource-group]
                                  [--secret]
                                  [--server]
                                  [--service-endpoint {false, true}]
                                  [--slot]
                                  [--source-id]
                                  [--target-id]
                                  [--target-resource-group]
                                  [--vault-id]

Examples

Create a connection between webapp and mysql interactively

az webapp connection create mysql

Create a connection between webapp and mysql with resource name

az webapp connection create mysql -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp slot and mysql with resource name

az webapp connection create mysql -g WebAppRG -n MyWebApp --slot MySlot --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and mysql with resource id

az webapp connection create mysql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBForMySQL/servers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the mysql database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of the mysql server. Required if '--target-id' is not specified.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the mysql server. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create mysql-flexible

Create a webapp connection to mysql-flexible.

az webapp connection create mysql-flexible [--appconfig-id]
                                           [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                           [--config-connstr {false, true}]
                                           [--connection]
                                           [--customized-keys]
                                           [--database]
                                           [--name]
                                           [--no-wait]
                                           [--opt-out {auth, configinfo, publicnetwork}]
                                           [--resource-group]
                                           [--secret]
                                           [--server]
                                           [--service-principal]
                                           [--slot]
                                           [--source-id]
                                           [--system-identity]
                                           [--target-id]
                                           [--target-resource-group]
                                           [--user-identity]
                                           [--vault-id]

Examples

Create a connection between webapp and mysql-flexible interactively

az webapp connection create mysql-flexible

Create a connection between webapp and mysql-flexible with resource name

az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp slot and mysql-flexible with resource name

az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --slot MySlot --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and mysql-flexible with resource id

az webapp connection create mysql-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforMySQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the mysql flexible database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of the mysql flexible server. Required if '--target-id' is not specified.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity mysql-identity-id=xx

mysql-identity-id : Optional. ID of identity used for MySQL flexible server AAD Authentication. Ignore it if you are the server AAD administrator.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the mysql flexible server. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create mysql-flexible (serviceconnector-passwordless extension)

Create a webapp connection to mysql-flexible.

az webapp connection create mysql-flexible [--appconfig-id]
                                           [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                           [--config-connstr {false, true}]
                                           [--connection]
                                           [--customized-keys]
                                           [--database]
                                           [--name]
                                           [--new]
                                           [--no-wait]
                                           [--opt-out {auth, configinfo, publicnetwork}]
                                           [--resource-group]
                                           [--secret]
                                           [--server]
                                           [--service-principal]
                                           [--slot]
                                           [--source-id]
                                           [--system-identity]
                                           [--target-id]
                                           [--target-resource-group]
                                           [--user-identity]
                                           [--vault-id]
                                           [--yes]

Examples

Create a connection between webapp and mysql-flexible interactively

az webapp connection create mysql-flexible

Create a connection between webapp and mysql-flexible with resource name

az webapp connection create mysql-flexible -g WebAppRG -n MyWebApp --tg MysqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and mysql-flexible with resource id

az webapp connection create mysql-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforMySQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the mysql flexible database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Deleting existing users with the same name before creating a new user in database.

Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of the mysql flexible server. Required if '--target-id' is not specified.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal. mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity mysql-identity-id=xx

mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the mysql flexible server. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity. mysql-identity-id : Optional. ID of identity used for MySQL flexible server Microsoft Entra Authentication. Ignore it if you are the server Microsoft Entra administrator.

--vault-id

The id of key vault to store secret value.

--yes -y

Do not prompt for confirmation.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create postgres

Deprecated

This command has been deprecated and will be removed in a future release.

Create a webapp connection to postgres.

az webapp connection create postgres [--appconfig-id]
                                     [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                     [--config-connstr {false, true}]
                                     [--connection]
                                     [--customized-keys]
                                     [--database]
                                     [--name]
                                     [--new {false, true}]
                                     [--no-wait]
                                     [--opt-out {auth, configinfo, publicnetwork}]
                                     [--private-endpoint {false, true}]
                                     [--resource-group]
                                     [--secret]
                                     [--server]
                                     [--service-endpoint {false, true}]
                                     [--service-principal]
                                     [--slot]
                                     [--source-id]
                                     [--system-identity]
                                     [--target-id]
                                     [--target-resource-group]
                                     [--user-identity]
                                     [--vault-id]

Examples

Create a connection between webapp and postgres interactively

az webapp connection create postgres

Create a connection between webapp and postgres with resource name

az webapp connection create postgres -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp slot and postgres with resource name

az webapp connection create postgres -g WebAppRG -n MyWebApp --slot MySlot --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and postgres with resource id

az webapp connection create postgres --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/servers/{server}/databases/{database} --secret name=XX secret=XX

Create a new postgres and connect webapp to it interactively

az webapp connection create postgres --new

Create a new postgres and connect webapp to it

az webapp connection create postgres --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --new

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of postgres database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Indicates whether to create a new postgres when creating the webapp connection.

Accepted values: false, true
Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of postgres server. Required if '--target-id' is not specified.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the postgres service. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create postgres-flexible

Create a webapp connection to postgres-flexible.

az webapp connection create postgres-flexible [--appconfig-id]
                                              [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                              [--config-connstr {false, true}]
                                              [--connection]
                                              [--customized-keys]
                                              [--database]
                                              [--name]
                                              [--no-wait]
                                              [--opt-out {auth, configinfo, publicnetwork}]
                                              [--resource-group]
                                              [--secret]
                                              [--server]
                                              [--service-principal]
                                              [--slot]
                                              [--source-id]
                                              [--system-identity]
                                              [--target-id]
                                              [--target-resource-group]
                                              [--user-identity]
                                              [--vault-id]

Examples

Create a connection between webapp and postgres-flexible interactively

az webapp connection create postgres-flexible

Create a connection between webapp and postgres-flexible with resource name

az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp slot and postgres-flexible with resource name

az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --slot MySlot --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and postgres-flexible with resource id

az webapp connection create postgres-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of postgres flexible database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of postgres flexible server. Required if '--target-id' is not specified.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the flexible postgres service. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create postgres-flexible (serviceconnector-passwordless extension)

Create a webapp connection to postgres-flexible.

az webapp connection create postgres-flexible [--appconfig-id]
                                              [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                              [--config-connstr {false, true}]
                                              [--connection]
                                              [--customized-keys]
                                              [--database]
                                              [--name]
                                              [--new]
                                              [--no-wait]
                                              [--opt-out {auth, configinfo, publicnetwork}]
                                              [--resource-group]
                                              [--secret]
                                              [--server]
                                              [--service-principal]
                                              [--slot]
                                              [--source-id]
                                              [--system-identity]
                                              [--target-id]
                                              [--target-resource-group]
                                              [--user-identity]
                                              [--vault-id]
                                              [--yes]

Examples

Create a connection between webapp and postgres-flexible interactively

az webapp connection create postgres-flexible

Create a connection between webapp and postgres-flexible with resource name

az webapp connection create postgres-flexible -g WebAppRG -n MyWebApp --tg PostgresRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and postgres-flexible with resource id

az webapp connection create postgres-flexible --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.DBforPostgreSQL/flexibleServers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of postgres flexible database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Deleting existing users with the same name before creating a new user in database.

Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of postgres flexible server. Required if '--target-id' is not specified.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the flexible postgres service. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

--yes -y

Do not prompt for confirmation.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create redis

Create a webapp connection to redis.

az webapp connection create redis [--appconfig-id]
                                  [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
                                  [--connection]
                                  [--customized-keys]
                                  [--database]
                                  [--name]
                                  [--no-wait]
                                  [--opt-out {auth, configinfo, publicnetwork}]
                                  [--private-endpoint {false, true}]
                                  [--resource-group]
                                  [--secret]
                                  [--server]
                                  [--slot]
                                  [--source-id]
                                  [--target-id]
                                  [--target-resource-group]
                                  [--vault-id]

Examples

Create a connection between webapp and redis interactively

az webapp connection create redis

Create a connection between webapp and redis with resource name

az webapp connection create redis -g WebAppRG -n MyWebApp --tg RedisRG --server MyServer --database MyDB --secret

Create a connection between webapp slot and redis with resource name

az webapp connection create redis -g WebAppRG -n MyWebApp --slot MySlot --tg RedisRG --server MyServer --database MyDB --secret

Create a connection between webapp and redis with resource id

az webapp connection create redis --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Cache/redis/{server}/databases/{database} --secret

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the redis database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--server

Name of the redis server. Required if '--target-id' is not specified.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the redis server. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create redis-enterprise

Create a webapp connection to redis-enterprise.

az webapp connection create redis-enterprise [--appconfig-id]
                                             [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
                                             [--connection]
                                             [--customized-keys]
                                             [--database]
                                             [--name]
                                             [--no-wait]
                                             [--opt-out {auth, configinfo, publicnetwork}]
                                             [--resource-group]
                                             [--secret]
                                             [--server]
                                             [--slot]
                                             [--source-id]
                                             [--target-id]
                                             [--target-resource-group]
                                             [--vault-id]

Examples

Create a connection between webapp and redis-enterprise interactively

az webapp connection create redis-enterprise

Create a connection between webapp and redis-enterprise with resource name

az webapp connection create redis-enterprise -g WebAppRG -n MyWebApp --tg RedisRG --server MyServer --database MyDB --secret

Create a connection between webapp slot and redis-enterprise with resource name

az webapp connection create redis-enterprise -g WebAppRG -n MyWebApp --slot MySlot --tg RedisRG --server MyServer --database MyDB --secret

Create a connection between webapp and redis-enterprise with resource id

az webapp connection create redis-enterprise --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Cache/redisEnterprise/{server}/databases/{database} --secret

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the redis enterprise database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--server

Name of the redis enterprise server. Required if '--target-id' is not specified.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the redis server. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create servicebus

Create a webapp connection to servicebus.

az webapp connection create servicebus [--appconfig-id]
                                       [--client-type {dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot}]
                                       [--connection]
                                       [--customized-keys]
                                       [--name]
                                       [--namespace]
                                       [--no-wait]
                                       [--opt-out {auth, configinfo, publicnetwork}]
                                       [--private-endpoint {false, true}]
                                       [--resource-group]
                                       [--secret]
                                       [--service-endpoint {false, true}]
                                       [--service-principal]
                                       [--slot]
                                       [--source-id]
                                       [--system-identity]
                                       [--target-id]
                                       [--target-resource-group]
                                       [--user-identity]
                                       [--vault-id]

Examples

Create a connection between webapp and servicebus interactively

az webapp connection create servicebus

Create a connection between webapp and servicebus with resource name

az webapp connection create servicebus -g WebAppRG -n MyWebApp --tg ServicebusRG --namespace MyNamespace --system-identity

Create a connection between webapp slot and servicebus with resource name

az webapp connection create servicebus -g WebAppRG -n MyWebApp --slot MySlot --tg ServicebusRG --namespace MyNamespace --system-identity

Create a connection between webapp and servicebus with resource id

az webapp connection create servicebus --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.ServiceBus/namespaces/{namespace} --system-identity

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, go, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--namespace

Name of the servicebus namespace. Required if '--target-id' is not specified.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--namespace'] are not specified.

--target-resource-group --tg

The resource group which contains the servicebus. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create signalr

Create a webapp connection to signalr.

az webapp connection create signalr [--appconfig-id]
                                    [--client-type {dotnet, dotnet-internal, none}]
                                    [--connection]
                                    [--customized-keys]
                                    [--name]
                                    [--no-wait]
                                    [--opt-out {auth, configinfo, publicnetwork}]
                                    [--private-endpoint {false, true}]
                                    [--resource-group]
                                    [--secret]
                                    [--service-principal]
                                    [--signalr]
                                    [--slot]
                                    [--source-id]
                                    [--system-identity]
                                    [--target-id]
                                    [--target-resource-group]
                                    [--user-identity]
                                    [--vault-id]

Examples

Create a connection between webapp and signalr interactively

az webapp connection create signalr

Create a connection between webapp and signalr with resource name

az webapp connection create signalr -g WebAppRG -n MyWebApp --tg SignalrRG --signalr MySignalR --system-identity

Create a connection between webapp slot and signalr with resource name

az webapp connection create signalr -g WebAppRG -n MyWebApp --slot MySlot --tg SignalrRG --signalr MySignalR --system-identity

Create a connection between webapp and signalr with resource id

az webapp connection create signalr --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.SignalRService/SignalR/{signalr} --system-identity

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, none
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--signalr

Name of the signalr service. Required if '--target-id' is not specified.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--signalr'] are not specified.

--target-resource-group --tg

The resource group which contains the signalr. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create sql

Create a webapp connection to sql.

az webapp connection create sql [--appconfig-id]
                                [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                [--config-connstr {false, true}]
                                [--connection]
                                [--customized-keys]
                                [--database]
                                [--name]
                                [--no-wait]
                                [--opt-out {auth, configinfo, publicnetwork}]
                                [--private-endpoint {false, true}]
                                [--resource-group]
                                [--secret]
                                [--server]
                                [--service-endpoint {false, true}]
                                [--service-principal]
                                [--slot]
                                [--source-id]
                                [--system-identity]
                                [--target-id]
                                [--target-resource-group]
                                [--user-identity]
                                [--vault-id]

Examples

Create a connection between webapp and sql interactively

az webapp connection create sql

Create a connection between webapp and sql with resource name

az webapp connection create sql -g WebAppRG -n MyWebApp --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp slot and sql with resource name

az webapp connection create sql -g WebAppRG -n MyWebApp --slot MySlot --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and sql with resource id

az webapp connection create sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Sql/servers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the sql database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of the sql server. Required if '--target-id' is not specified.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the sql server. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create sql (serviceconnector-passwordless extension)

Create a webapp connection to sql.

az webapp connection create sql [--appconfig-id]
                                [--client-type {django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot}]
                                [--config-connstr {false, true}]
                                [--connection]
                                [--customized-keys]
                                [--database]
                                [--name]
                                [--new]
                                [--no-wait]
                                [--opt-out {auth, configinfo, publicnetwork}]
                                [--private-endpoint {false, true}]
                                [--resource-group]
                                [--secret]
                                [--server]
                                [--service-endpoint {false, true}]
                                [--service-principal]
                                [--slot]
                                [--source-id]
                                [--system-identity]
                                [--target-id]
                                [--target-resource-group]
                                [--user-identity]
                                [--vault-id]
                                [--yes]

Examples

Create a connection between webapp and sql interactively

az webapp connection create sql

Create a connection between webapp and sql with resource name

az webapp connection create sql -g WebAppRG -n MyWebApp --tg SqlRG --server MyServer --database MyDB --secret name=XX secret=XX

Create a connection between webapp and sql with resource id

az webapp connection create sql --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Sql/servers/{server}/databases/{database} --secret name=XX secret=XX

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: django, dotnet, dotnet-internal, go, java, nodejs, none, php, python, ruby, springBoot
--config-connstr
Preview

Store configuration into connection strings, only could be used together with dotnet client_type.

Accepted values: false, true
Default value: False
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--database

Name of the sql database. Required if '--target-id' is not specified.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Deleting existing users with the same name before creating a new user in database.

Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret name=XX secret=XX --secret name=XX secret-uri=XX --secret name=XX secret-name=XX

name : Required. Username or account name for secret auth. secret : One of <secret, secret-uri, secret-name> is required. Password or account key for secret auth. secret-uri : One of <secret, secret-uri, secret-name> is required. Keyvault secret uri which stores password. secret-name : One of <secret, secret-uri, secret-name> is required. Keyvault secret name which stores password. It's for AKS only.

--server

Name of the sql server. Required if '--target-id' is not specified.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--server', '--database'] are not specified.

--target-resource-group --tg

The resource group which contains the sql server. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

--yes -y

Do not prompt for confirmation.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create storage-blob

Create a webapp connection to storage-blob.

az webapp connection create storage-blob [--account]
                                         [--appconfig-id]
                                         [--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
                                         [--connection]
                                         [--customized-keys]
                                         [--name]
                                         [--new {false, true}]
                                         [--no-wait]
                                         [--opt-out {auth, configinfo, publicnetwork}]
                                         [--private-endpoint {false, true}]
                                         [--resource-group]
                                         [--secret]
                                         [--service-endpoint {false, true}]
                                         [--service-principal]
                                         [--slot]
                                         [--source-id]
                                         [--system-identity]
                                         [--target-id]
                                         [--target-resource-group]
                                         [--user-identity]
                                         [--vault-id]

Examples

Create a connection between webapp and storage-blob interactively

az webapp connection create storage-blob

Create a connection between webapp and storage-blob with resource name

az webapp connection create storage-blob -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp slot and storage-blob with resource name

az webapp connection create storage-blob -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp and storage-blob with resource id

az webapp connection create storage-blob --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/blobServices/default --system-identity

Create a new storage-blob and connect webapp to it interactively

az webapp connection create storage-blob --new

Create a new storage-blob and connect webapp to it

az webapp connection create storage-blob --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --new

Optional Parameters

--account

Name of the storage account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--new

Indicates whether to create a new storage-blob when creating the webapp connection.

Accepted values: false, true
Default value: False
--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.

--target-resource-group --tg

The resource group which contains the storage account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create storage-file

Create a webapp connection to storage-file.

az webapp connection create storage-file [--account]
                                         [--appconfig-id]
                                         [--client-type {dotnet, dotnet-internal, java, nodejs, none, php, python, ruby, springBoot}]
                                         [--connection]
                                         [--customized-keys]
                                         [--name]
                                         [--no-wait]
                                         [--opt-out {auth, configinfo, publicnetwork}]
                                         [--private-endpoint {false, true}]
                                         [--resource-group]
                                         [--secret]
                                         [--service-endpoint {false, true}]
                                         [--slot]
                                         [--source-id]
                                         [--target-id]
                                         [--target-resource-group]
                                         [--vault-id]

Examples

Create a connection between webapp and storage-file interactively

az webapp connection create storage-file

Create a connection between webapp and storage-file with resource name

az webapp connection create storage-file -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --secret

Create a connection between webapp slot and storage-file with resource name

az webapp connection create storage-file -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --secret

Create a connection between webapp and storage-file with resource id

az webapp connection create storage-file --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/fileServices/default --secret

Optional Parameters

--account

Name of the storage account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, php, python, ruby, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.

--target-resource-group --tg

The resource group which contains the storage account. Required if '--target-id' is not specified.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create storage-queue

Create a webapp connection to storage-queue.

az webapp connection create storage-queue [--account]
                                          [--appconfig-id]
                                          [--client-type {dotnet, dotnet-internal, java, nodejs, none, python, springBoot}]
                                          [--connection]
                                          [--customized-keys]
                                          [--name]
                                          [--no-wait]
                                          [--opt-out {auth, configinfo, publicnetwork}]
                                          [--private-endpoint {false, true}]
                                          [--resource-group]
                                          [--secret]
                                          [--service-endpoint {false, true}]
                                          [--service-principal]
                                          [--slot]
                                          [--source-id]
                                          [--system-identity]
                                          [--target-id]
                                          [--target-resource-group]
                                          [--user-identity]
                                          [--vault-id]

Examples

Create a connection between webapp and storage-queue interactively

az webapp connection create storage-queue

Create a connection between webapp and storage-queue with resource name

az webapp connection create storage-queue -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp slot and storage-queue with resource name

az webapp connection create storage-queue -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp and storage-queue with resource id

az webapp connection create storage-queue --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/queueServices/default --system-identity

Optional Parameters

--account

Name of the storage account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python, springBoot
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.

--target-resource-group --tg

The resource group which contains the storage account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create storage-table

Create a webapp connection to storage-table.

az webapp connection create storage-table [--account]
                                          [--appconfig-id]
                                          [--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
                                          [--connection]
                                          [--customized-keys]
                                          [--name]
                                          [--no-wait]
                                          [--opt-out {auth, configinfo, publicnetwork}]
                                          [--private-endpoint {false, true}]
                                          [--resource-group]
                                          [--secret]
                                          [--service-endpoint {false, true}]
                                          [--service-principal]
                                          [--slot]
                                          [--source-id]
                                          [--system-identity]
                                          [--target-id]
                                          [--target-resource-group]
                                          [--user-identity]
                                          [--vault-id]

Examples

Create a connection between webapp and storage-table interactively

az webapp connection create storage-table

Create a connection between webapp and storage-table with resource name

az webapp connection create storage-table -g WebAppRG -n MyWebApp --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp slot and storage-table with resource name

az webapp connection create storage-table -g WebAppRG -n MyWebApp --slot MySlot --tg StorageRG --account MyAccount --system-identity

Create a connection between webapp and storage-table with resource id

az webapp connection create storage-table --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.Storage/storageAccounts/{account}/tableServices/default --system-identity

Optional Parameters

--account

Name of the storage account. Required if '--target-id' is not specified.

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-endpoint

Connect target service by service endpoint. Source resource must be in the VNet and target SKU must support service endpoint feature.

Accepted values: false, true
--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--account'] are not specified.

--target-resource-group --tg

The resource group which contains the storage account. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az webapp connection create webpubsub

Create a webapp connection to webpubsub.

az webapp connection create webpubsub [--appconfig-id]
                                      [--client-type {dotnet, dotnet-internal, java, nodejs, none, python}]
                                      [--connection]
                                      [--customized-keys]
                                      [--name]
                                      [--no-wait]
                                      [--opt-out {auth, configinfo, publicnetwork}]
                                      [--private-endpoint {false, true}]
                                      [--resource-group]
                                      [--secret]
                                      [--service-principal]
                                      [--slot]
                                      [--source-id]
                                      [--system-identity]
                                      [--target-id]
                                      [--target-resource-group]
                                      [--user-identity]
                                      [--vault-id]
                                      [--webpubsub]

Examples

Create a connection between webapp and webpubsub interactively

az webapp connection create webpubsub

Create a connection between webapp and webpubsub with resource name

az webapp connection create webpubsub -g WebAppRG -n MyWebApp --tg WebpubsubRG --webpubsub MyWebPubSub --system-identity

Create a connection between webapp slot and webpubsub with resource name

az webapp connection create webpubsub -g WebAppRG -n MyWebApp --slot MySlot --tg WebpubsubRG --webpubsub MyWebPubSub --system-identity

Create a connection between webapp and webpubsub with resource id

az webapp connection create webpubsub --source-id /subscriptions/{subscription}/resourceGroups/{source_resource_group}/providers/Microsoft.Web/sites/{site} --target-id /subscriptions/{subscription}/resourceGroups/{target_resource_group}/providers/Microsoft.SignalRService/WebPubSub/{webpubsub} --system-identity

Optional Parameters

--appconfig-id

The app configuration id to store configuration.

--client-type

The client type used on the webapp.

Accepted values: dotnet, dotnet-internal, java, nodejs, none, python
--connection

Name of the webapp connection.

--customized-keys

The customized keys used to change default configuration names. Key is the original name, value is the customized name.

--name -n

Name of the webapp. Required if '--source-id' is not specified.None.

--no-wait

Do not wait for the long-running operation to finish.

Default value: False
--opt-out

Whether to disable some configuration steps. Use configinfo to disbale configuration information changes on source. Use publicnetwork to disable public network access configuration.Use auth to skip auth configuration such as enabling managed identity and granting RBAC roles.

Accepted values: auth, configinfo, publicnetwork
--private-endpoint

Connect target service by private endpoint. The private endpoint in source virtual network must be created ahead.

Accepted values: false, true
--resource-group -g

The resource group which contains the webapp. Required if '--source-id' is not specified.None.

--secret

The secret auth info.

Usage: --secret.

--service-principal

The service principal auth info.

Usage: --service-principal client-id=XX secret=XX

client-id : Required. Client id of the service principal. object-id : Optional. Object id of the service principal (Enterprise Application). secret : Required. Secret of the service principal.

--slot

The name of the slot. Default to the production slot if not specified.

--source-id

The resource id of a webapp. Required if ['--resource-group', '--name'] are not specified.

--system-identity

The system assigned identity auth info.

Usage: --system-identity.

--target-id

The resource id of target service. Required if ['--target-resource-group', '--webpubsub'] are not specified.

--target-resource-group --tg

The resource group which contains the webpubsub. Required if '--target-id' is not specified.

--user-identity

The user assigned identity auth info.

Usage: --user-identity client-id=XX subs-id=XX

client-id : Required. Client id of the user assigned identity. subs-id : Required. Subscription id of the user assigned identity.

--vault-id

The id of key vault to store secret value.

--webpubsub

Name of the webpubsub service. Required if '--target-id' is not specified.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.