We are announcing the new implementation of Azure CLI and Azure PowerShell commands to create Azure Key Vault.
We leverage the ARM template mechanism to refactor the Key Vault command line. Compared with the previous implementation, calling REST API through SDKs, this implementation scheme has the following advantages that users can benefit from.
We implemented several new features when compared to the previous version of commands.
What-If is designed to show users as much information about what their deployment will do before it deploys.
We have implemented a progress bar to visualize the deployment.
We are using the incremental mode of ARM deployment to create key vaults. By setting –FailOnExist as $false, we can repeatedly create the same key vault or update the existing one.
For Key Vault creation, Azure Client Tools previously followed a different structure than Azure Portal, as shown in the following example:
With the ARM template included, we maintain consistency and communicate directly with ARM:
We are using template specs to make staging and sharing of ARM templates easy.
We look forward to your feedback. We will evaluate the effects and risks and consider expanding the command line scope of service, module, and extension.
You can test our new version by following the instructions provided below. Your feedback will help shape the strategy of how we build the command line tools for Azure.
The PowerShell package for public preview is provided on the PowerShell Gallery.
Copy and paste the following command to install this package using PowerShellGet:
Install-Module -Name Az.KeyVault -RequiredVersion 4.12.0-preview -AllowPrerelease
# 1. Create a Resource Group
New-AzResourceGroup -Name $resourceGroupName -location $location
# 2. Validate the creation of a key vault using `-WhatIf`
New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -WhatIf
# 3. Create a key vault, observe the deployment once the command has completed
New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName
# 4. See what will happen if create a key vault in incremental mode and do a little change
New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -FailOnExist $false -EnabledForDeployment –WhatIf
# 5. Create the existing key vault in incremental mode
New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -FailOnExist $false
# 6. Clean-up Azure resources
Remove-AzResourceGroup -Name $resourceGroupName
The CLI package for public preview is provided as MSI / whl packages:
Download and install the MSI package. When the installer asks if it can make changes to your computer, select "Yes". If you have previously installed the Azure CLI, make sure it has been uninstalled first.
# Create a python virtual env named `testenv` with:
python -m venv testenv
# Activate the env (if you are using powershell):
.\testenv\Scripts\Activate.ps1
# Activate the env (if you are using bash):
source venv/bin/activate
# Unzip the file and install three cli whl packages (azure_cli, azure_cli_core, azure_cli_telemetry)
pip install azure_cli-2.53.0.post20230920063357-py3-none-any.whl azure_cli_core-2.53.0.post20230920063357-py3-none-any.whl azure_cli_telemetry-1.1.0.post20230920063357-py3-none-any.whl
# 0 Define your variables
let "randomIdentifier=$RANDOM*$RANDOM"
location="eastus"
resourceGroupName="msdocs-keyvault-rg-$randomIdentifier"
keyvaultName = "msdocs-keyvault-name-$randomIdentifier"
# 1. Create resource group
az group create --resource-group $resourceGroupName --location $location
# 2. Validate the creation of a keyvault using `--what-if`
az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --what-if
# 3. Create a keyvault, observe the deployment once the command has completed
az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location
# 4. See what will happen if create a keyvault in incremental mode and do a little change
az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --enabled-for-deployment --fail-on-exist false
# 5. Create the existing keyvault in incremental mode
az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --fail-on-exist false
# 6. Clean-up Azure resources
az group delete -name $resourceGroupName
# Deactivate the virtual environment
Deactivate
# Delete the virtual environment folder to clean up (if you are using linux)
rm –rf .\testenv
This feature is available as a preview and your feedback is extremely important.
Let us know what you think and issues you may face in our survey.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.