Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
az attestation policy
- Experimental
Note
This reference is part of the attestation extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az attestation policy command. Learn more about extensions.
Command group 'attestation' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Manage policies.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az attestation policy reset |
Resets the attestation policy for the specified tenant and reverts to the default policy. |
Extension | Experimental |
| az attestation policy set |
Sets the policy for a given kind of attestation type. |
Extension | Experimental |
| az attestation policy show |
Retrieves the current policy for a given kind of attestation type. |
Extension | Experimental |
az attestation policy reset
Command group 'attestation' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Resets the attestation policy for the specified tenant and reverts to the default policy.
az attestation policy reset --attestation-type {OpenEnclave, SevSnpVm, SgxEnclave, Tpm}
[--acquire-policy-token]
[--change-reference]
[--id]
[--name]
[--policy-jws]
[--resource-group]Examples
Resets the attestation policy for the specified tenant and reverts to the default policy.
az attestation policy reset -n "myattestationprovider" -g "MyResourceGroup" --attestation-type SGX-OpenEnclaveSDK --policy-jws "eyJhbGciOiJub25lIn0.."Required Parameters
Type of the attestation.
| Property | Value |
|---|---|
| Accepted values: | OpenEnclave, SevSnpVm, SgxEnclave, Tpm |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Resource ID of the provider. Please omit --resource-group/-g or --name/-n if you have already specified --id.
Name of the attestation provider.
JSON Web Signature with an empty policy document.
| Property | Value |
|---|---|
| Default value: | eyJhbGciOiJub25lIn0.. |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Client Arguments |
az attestation policy set
Command group 'attestation' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Sets the policy for a given kind of attestation type.
az attestation policy set --attestation-type {OpenEnclave, SevSnpVm, SgxEnclave, Tpm}
[--acquire-policy-token]
[--change-reference]
[--id]
[--name]
[--new-attestation-policy]
[--new-attestation-policy-file]
[--policy-format]
[--resource-group]Examples
Sets the policy for a given kind of attestation type using JWT content.
az attestation policy set -n "myattestationprovider" -g "MyResourceGroup" --attestation-type SGX-OpenEnclaveSDK --new-attestation-policy "{JWT}" --policy-format JWTSets the policy for a given kind of attestation type using Text content.
az attestation policy set -n "myattestationprovider" -g "MyResourceGroup" --attestation-type SGX-OpenEnclaveSDK --new-attestation-policy "{json_text}"Sets the policy for a given kind of attestation type using file name.
az attestation policy set -n "myattestationprovider" -g "MyResourceGroup" --attestation-type SGX-OpenEnclaveSDK --new-attestation-policy-file "{file_name}" --policy- format JWTRequired Parameters
Type of the attestation.
| Property | Value |
|---|---|
| Accepted values: | OpenEnclave, SevSnpVm, SgxEnclave, Tpm |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Resource ID of the provider. Please omit --resource-group/-g or --name/-n if you have already specified --id.
Name of the attestation provider.
Content of the new attestation policy (Text or JWT).
File name of the new attestation policy.
Specifies the format for the policy, either Text or JWT (JSON Web Token). Allowed values: JWT, Text.
| Property | Value |
|---|---|
| Default value: | Text |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Client Arguments |
az attestation policy show
Command group 'attestation' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Retrieves the current policy for a given kind of attestation type.
az attestation policy show --attestation-type {OpenEnclave, SevSnpVm, SgxEnclave, Tpm}
[--id]
[--name]
[--resource-group]Examples
Retrieves the current policy for a given kind of attestation type.
az attestation policy show -n "myattestationprovider" -g "MyResourceGroup" --attestation-type SGX-OpenEnclaveSDKRequired Parameters
Type of the attestation.
| Property | Value |
|---|---|
| Accepted values: | OpenEnclave, SevSnpVm, SgxEnclave, Tpm |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Resource ID of the provider. Please omit --resource-group/-g or --name/-n if you have already specified --id.
Name of the attestation provider.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Client Arguments |
Feedback
Was this page helpful?