Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
az vm identity
Manage service identities of a VM.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az vm identity assign |
Enable managed service identity on a VM. |
Core | GA |
| az vm identity remove |
Remove managed service identities from a VM. |
Core | GA |
| az vm identity show |
Display VM's managed identity info. |
Core | GA |
az vm identity assign
Enable managed service identity on a VM.
This is required to authenticate and interact with other Azure services using bearer tokens.
az vm identity assign [--acquire-policy-token]
[--change-reference]
[--identities]
[--ids]
[--name]
[--resource-group]
[--role]
[--scope]
[--subscription]Examples
Enable the system assigned identity on a VM with the 'Reader' role.
az vm identity assign -g MyResourceGroup -n MyVm --role Reader --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroupEnable the system assigned identity and a user assigned identity on a VM with the 'Reader' role.
az vm identity assign -g MyResourceGroup -n MyVm --role Reader --identities [system] myAssignedId --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroupOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Space-separated identities to assign. Use '[system]' to refer to the system assigned identity. Default: '[system]'.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the Virtual Machine. You can configure the default using az configure --defaults vm=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Role name or id the system assigned identity will have.
Scope that the system assigned identity can access.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
az vm identity remove
Remove managed service identities from a VM.
az vm identity remove [--acquire-policy-token]
[--change-reference]
[--identities]
[--ids]
[--name]
[--resource-group]
[--subscription]Examples
Remove the system assigned identity
az vm identity remove -g MyResourceGroup -n MyVmRemove a user assigned identity
az vm identity remove -g MyResourceGroup -n MyVm --identities readerIdRemove 2 identities which are in the same resource group with the VM
az vm identity remove -g MyResourceGroup -n MyVm --identities readerId writerIdRemove the system assigned identity and a user identity
az vm identity remove -g MyResourceGroup -n MyVm --identities [system] readerIdOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Space-separated identities to remove. Use '[system]' to refer to the system assigned identity. Default: '[system]'.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the Virtual Machine. You can configure the default using az configure --defaults vm=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
az vm identity show
Display VM's managed identity info.
az vm identity show [--ids]
[--name]
[--resource-group]
[--subscription]Examples
display VM's managed identity info. (autogenerated)
az vm identity show --name MyVirtualMachine --resource-group MyResourceGroupOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the Virtual Machine. You can configure the default using az configure --defaults vm=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Feedback
Was this page helpful?