你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
az iot ops secretsync
Note
This reference is part of the azure-iot-ops extension for the Azure CLI (version 2.53.0 or higher). The extension will automatically install the first time you run an az iot ops secretsync command. Learn more about extensions.
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Instance secret sync management.
Commands
Name | Description | Type | Status |
---|---|---|---|
az iot ops secretsync disable |
Disable secret sync for an instance. |
Extension | Preview |
az iot ops secretsync enable |
Enable secret sync for an instance. |
Extension | Preview |
az iot ops secretsync list |
List the secret sync configs associated with an instance. |
Extension | Preview |
az iot ops secretsync disable
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Disable secret sync for an instance.
All the secret provider classes associated with the instance, and all the secret syncs associated with the secret provider classes will be deleted.
az iot ops secretsync disable --name
--resource-group
[--yes {false, true}]
Examples
Disable secret sync for an instance.
az iot ops secretsync disable --name myinstance -g myresourcegroup
Required Parameters
IoT Operations instance name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Confirm [y]es without a prompt. Useful for CI and automation scenarios.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az iot ops secretsync enable
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Enable secret sync for an instance.
The operation handles federation, creation of a secret provider class and role assignments of the managed identity to the target Key Vault.
Only one Secret Provider Class must be associated to the instance at a time.
az iot ops secretsync enable --kv-resource-id
--mi-user-assigned
--name
--resource-group
[--self-hosted-issuer {false, true}]
[--skip-ra {false, true}]
[--spc]
Examples
Enable the target instance for Key Vault secret sync.
az iot ops secretsync enable --name myinstance -g myresourcegroup --mi-user-assigned $UA_MI_RESOURCE_ID --kv-resource-id $KEYVAULT_RESOURCE_ID
Same as prior example except flag to skip Key Vault role assignments.
az iot ops secretsync enable --name myinstance -g myresourcegroup --mi-user-assigned $UA_MI_RESOURCE_ID --kv-resource-id $KEYVAULT_RESOURCE_ID --skip-ra
Required Parameters
Key Vault ARM resource Id.
The resource Id for the desired user-assigned managed identity to use with the instance.
IoT Operations instance name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Use the self-hosted oidc issuer for federation.
When used the role assignment step of the operation will be skipped.
The secret provider class name for secret sync enablement. The default pattern is '{instance_name}-spc'.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az iot ops secretsync list
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
List the secret sync configs associated with an instance.
az iot ops secretsync list --name
--resource-group
Examples
List the secret sync configs associated with an instance.
az iot ops secretsync list --name myinstance -g myresourcegroup
Required Parameters
IoT Operations instance name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.