Note

Access to this page requires authorization. You can try signing in or .

Access to this page requires authorization. You can try .

az keyvault network-rule

Manage network ACLs for vault or managed hsm.

Commands

Name Description Type Status
az keyvault network-rule add

Add a network rule to the network ACLs for a Key Vault or a Managed HSM.

 Core GA
az keyvault network-rule list

List the network rules from the network ACLs for a Key Vault or a Managed HSM.

 Core GA
az keyvault network-rule remove

Remove a network rule from the network ACLs for a Key Vault or a Managed HSM.

 Core GA
az keyvault network-rule wait

Place the CLI in a waiting state until a condition of the vault or managed hsm is met.

 Core GA

az keyvault network-rule add

Add a network rule to the network ACLs for a Key Vault or a Managed HSM.

az keyvault network-rule add [--acquire-policy-token]
 [--change-reference]
 [--hsm-name]
 [--ip-address]
 [--name]
 [--no-wait]
 [--resource-group]
 [--subnet]
 [--vnet-name]

Examples

Add a specific IP address to the network access rules of a Key Vault in a specified resource group using this command. (autogenerated)

az keyvault network-rule add --ip-address 1.2.3.4 --name cli-mock-kv-nr --resource-group cli_mock_keyvault_network_rule

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--hsm-name

Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).

--ip-address

IPv4 address or CIDR range. Can supply a list: --ip-address ip1 [ip2]...

--name -n

Name of the Vault.

--no-wait

Do not wait for the long-running operation to finish.

Property Value
Default value: False
--resource-group -g

Name of resource group.

--subnet

Name or ID of subnet. If name is supplied, --vnet-name must be supplied.

--vnet-name

Name of a virtual network.

az keyvault network-rule list

List the network rules from the network ACLs for a Key Vault or a Managed HSM.

az keyvault network-rule list [--hsm-name]
 [--name]
 [--resource-group]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--hsm-name

Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).

--name -n

Name of the Vault.

--resource-group -g

Name of resource group.

az keyvault network-rule remove

Remove a network rule from the network ACLs for a Key Vault or a Managed HSM.

az keyvault network-rule remove [--acquire-policy-token]
 [--change-reference]
 [--hsm-name]
 [--ip-address]
 [--name]
 [--no-wait]
 [--resource-group]
 [--subnet]
 [--vnet-name]

Examples

Remove a specific IP address to the network access rules of a Key Vault in a specified resource group.

az keyvault network-rule remove --ip-address 1.2.3.4 --name cli-mock-kv-nr --resource-group cli_mock_keyvault_network_rule

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--hsm-name

Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).

--ip-address

IPv4 address or CIDR range. Can supply a list: --ip-address ip1 [ip2]...

--name -n

Name of the Vault.

--no-wait

Do not wait for the long-running operation to finish.

Property Value
Default value: False
--resource-group -g

Name of resource group.

--subnet

Name or ID of subnet. If name is supplied, --vnet-name must be supplied.

--vnet-name

Name of a virtual network.

az keyvault network-rule wait

Place the CLI in a waiting state until a condition of the vault or managed hsm is met.

az keyvault network-rule wait [--acquire-policy-token]
 [--change-reference]
 [--created]
 [--custom]
 [--deleted]
 [--exists]
 [--hsm-name]
 [--interval]
 [--name]
 [--resource-group]
 [--timeout]
 [--updated]

Examples

Pause CLI until the network ACLs are updated.

az keyvault network-rule wait --name MyVault --updated

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--created

Wait until created with 'provisioningState' at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

Property Value
Parameter group: Wait Condition Arguments
--deleted

Wait until deleted.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--exists

Wait until the resource exists.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--hsm-name

Name of the HSM. (--hsm-name and --name/-n are mutually exclusive, please specify just one of them).

--interval

Polling interval in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 30
--name -n

Name of the Vault.

--resource-group -g

Name of resource group.

--timeout

Maximum wait in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False

Feedback

Was this page helpful?