A major version is an opportunity to introduce several improvements that may not be compatible with the scripts that you have developed with a previous version. As always, we recommend that you read the migration guide to measure the impact of this new version on your environment.
Az 5.0 introduces the following fundamental changes:
Azure PowerShell is open source. Community contributions are always welcome, but we have not done a good job of recognizing our contributors. Starting with this release, we will add entries to the release notes for PRs merged that were submitted by non-Microsoft employees!
Thank you for your contributions. We’re making Azure PowerShell better together!
With Az 5.0, Az.Accounts, the module performing the authentication to Azure, is now using the Microsoft Authentication Library (MSAL).
The only change visible to you is that the default login mechanism changes to interactive from device code for PowerShell 7. The device login mechanism remains available if you want to use it.
MSAL maintains a token cache and refreshes tokens when needed. The cache can be used by other applications also using MSAL, reducing the number of authentications required. You can now share the same authentication among Az PowerShell, Visual Studio 2019, and Azure CLI. (Note: at the time of writing this article, this is only supported with the Azure CLI beta).
When moving from ADAL to MSAL, we will also migrate the existing token making the migration to Az.Accounts 2.0 transparent.
We recommend considering performing the upgrade to Az.Accounts 2.x as soon as possible since some new Azure capabilities like continuous access evaluation will not be compatible with older versions.
Under certain circumstances, the secret value of a KeyVault secret could be unintentionally displayed in the logs causing a security issue.
We removed the plain text property SecretValueText from the cmdlets that operate on KeyVault secrets. Your scripts will now need to use SecretValue (a SecureString) instead.
Since all Azure PowerShell cmdlets use SecureString or PSCredentials to manage confidential information, this change standardizes KeyVault secrets with other Azure PowerShell cmdlets. This comment indicates different method to convert a secure string to plain text depending on the version of PowerShell: https://github.com/Azure/azure-powershell/issues/12266#issuecomment-701410335.
To better support customers with container workloads in Azure, we are working to improve the overall experience with the associated services in PowerShell.
With this release, we are introducing several breaking changes in Az.AKS and Az.ContainerRegistry:
You can help us prioritize the additional improvements we are planning for the coming weeks by logging feature requests in the azure-powershell GitHub repo: https://github.com/Azure/azure-powershell/issues.
Based on customer feedback, Azure services may need to change the default settings over time. This new version of Az introduces the following changes to default values:
Our current priority is to add modules for the Azure services that do not have PowerShell support. Since the last major release, we have added the following 17 new modules:
Those modules are still in preview, hence not part of Az. Depending on the feedback we receive, our plan is to GA as many of them as possible in the coming weeks.
Try them out and provide feedback by logging issues in the azure-powershell GitHub repo: https://github.com/Azure/azure-powershell/issues.
We are continuing our effort to provide a PowerShell module for all Azure services. This will allow you to manage any Azure resource with PowerShell.
Soon, we will be announcing the preview of a new user interface for Azure PowerShell. The goal of this new interface is to make you more efficient with the Azure related cmdlets and parameters.
Follow our @azureposh Twitter account for continuous updates and interactions with the team.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.