Loading...

Announcing template-based previews of Azure CLI and Azure PowerShell for Key Vault deployments

Announcing template-based previews of Azure CLI and Azure PowerShell for Key Vault deployments

We are announcing the new implementation of Azure CLI and Azure PowerShell commands to create Azure Key Vault.

 

Advantages

We leverage the ARM template mechanism to refactor the Key Vault command line. Compared with the previous implementation, calling REST API through SDKs, this implementation scheme has the following advantages that users can benefit from.

  • Consistency. Ensure consistent behavior and defaults between Azure CLI, Azure PowerShell, and Portal. 
  • What-If. Support a ‘what if’ option to predict the impact of a deployment before the command is executed.  
  • Idempotency. Sending the same request multiple times will produce the same result, regardless of resource state.

 

What’s new 

We implemented several new features when compared to the previous version of commands. 

 

What-If

What-If is designed to show users as much information about what their deployment will do before it deploys. 

Nori_Zhang_0-1695260673154.png

 

Progress Bar

We have implemented a progress bar to visualize the deployment.

Animation.gif

 

Idempotency 

We are using the incremental mode of ARM deployment to create key vaults. By setting –FailOnExist as $false, we can repeatedly create the same key vault or update the existing one. 

Create a same key vaultCreate a same key vault

Update the existing vaultUpdate the existing vault

 

Deep Dive 

For Key Vault creation, Azure Client Tools previously followed a different structure than Azure Portal, as shown in the following example:  

Nori_Zhang_0-1695274277072.png

 

With the ARM template included, we maintain consistency and communicate directly with ARM: 

Nori_Zhang_1-1695274297466.png

We are using template specs to make staging and sharing of ARM templates easy. 

 

Next Steps

We look forward to your feedback. We will evaluate the effects and risks and consider expanding the command line scope of service, module, and extension. 

 

Getting Started 

You can test our new version by following the instructions provided below. Your feedback will help shape the strategy of how we build the command line tools for Azure.

 

Getting started with Azure PowerShell

The PowerShell package for private preview is provided on the PowerShell Gallery.

 

Installation 

Copy and paste the following command to install this package using PowerShellGet: 

Install-Module -Name Az.KeyVault -RequiredVersion 4.12.0-preview -AllowPrerelease 

 

Quick Start

 

# 1. Create a Resource Group New-AzResourceGroup -Name $resourceGroupName -location $location # 2. Validate the creation of a key vault using `-WhatIf` New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -WhatIf # 3. Create a key vault, observe the deployment once the command has completed New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName # 4. See what will happen if create a key vault in incremental mode and do a little change New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -FailOnExist $false -EnabledForDeployment –WhatIf # 5. Create the existing key vault in incremental mode New-AzKeyvault -Name $keyvaultName -Location $location -ResourceGroupName $resourceGroupName -FailOnExist $false # 6. Clean-up Azure resources Remove-AzResourceGroup -Name $resourceGroupName

 

Getting started with Azure CLI

The CLI package for public preview is provided as MSI / whl packages: 

 

For MSI package Installation

Download and install the MSI package. When the installer asks if it can make changes to your computer, select "Yes". If you have previously installed the Azure CLI, make sure it has been uninstalled first. 

 

For whl package Installation

  1. Prepare and use a separate virtual environment# Create a python virtual env named `testenv` with: python -m venv testenv # Activate the env (if you are using powershell): .\testenv\Scripts\Activate.ps1 # Activate the env (if you are using bash): source venv/bin/activate
  2. Unzip and install private .whl packages # Unzip the file and install three cli whl packages (azure_cli, azure_cli_core, azure_cli_telemetry) pip install azure_cli-2.53.0.post20230920063357-py3-none-any.whl azure_cli_core-2.53.0.post20230920063357-py3-none-any.whl azure_cli_telemetry-1.1.0.post20230920063357-py3-none-any.whl

 

Quick Start

 

# 0 Define your variables let "randomIdentifier=$RANDOM*$RANDOM" location="eastus" resourceGroupName="msdocs-keyvault-rg-$randomIdentifier" keyvaultName = "msdocs-keyvault-name-$randomIdentifier" # 1. Create resource group az group create --resource-group $resourceGroupName --location $location # 2. Validate the creation of a keyvault using `--what-if` az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --what-if # 3. Create a keyvault, observe the deployment once the command has completed az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location # 4. See what will happen if create a keyvault in incremental mode and do a little change az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --enabled-for-deployment --fail-on-exist false # 5. Create the existing keyvault in incremental mode az keyvault create --name $keyvaultName --resource-group $resourceGroupName --location $location --fail-on-exist false # 6. Clean-up Azure resources az group delete -name $resourceGroupName

 

 

For whl package clean up  

 

# Deactivate the virtual environment Deactivate # Delete the virtual environment folder to clean up (if you are using linux) rm –rf .\testenv

 

 

Feedback

This feature is already available. Feel free to share your experience by participating in our surveyWe welcome your feedback! 

Published on:

Learn more
Azure Tools Blog articles
Azure Tools Blog articles

Azure Tools Blog articles

Share post:

Related posts

Need a different partition key in Azure Cosmos DB? Pick the right approach

Once you create a container, its partition key is fixed at creation, and you can’t change it in place. However, if your original key starts ca...

42 minutes ago

Azure SDK Release (June 2026)

Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (June 2026) ap...

8 hours ago

Fundamentals of Azure DevOps with SQL projects

Building automated pipelines with your SQL database projects enables you to build a rich CI/CD ecosystem to ensure that your application is be...

4 days ago

Upcoming Change: NTLM Removal in Git (libcurl) – Impact to Azure DevOps Server Customers

Overview In September 2026, NTLM support will be removed from libcurl, which is used by Git for HTTP(S) operations. As a result, Git operation...

4 days ago

What’s new across Microsoft SQL in 2026 so far (SQL Server, Azure SQL, and SQL database in Fabric)

We’re halfway through 2026, and Microsoft SQL has not slowed down. Since SQLCon/FabCon in March (where we released a ton of things, and those ...

5 days ago

Power Automate Flow — HTTP Trigger to Azure OpenAI

Build the secure Power Automate HTTP trigger flow that receives free text from the portal, calls Azure OpenAI using your smart-form-extract de...

7 days ago

Spring AI 2.0 is GA: Vector Search, Memory, and Agents on Azure Cosmos DB

The wait is over. Spring AI 2.0 is generally available, and Azure Cosmos DB is right there with it. With this release, Spring AI graduates int...

7 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy