az attestation policy
Manage the policies.
Commands
az attestation policy reset |
Resets the attestation policy for the specified tenant and reverts to the default policy. |
az attestation policy set |
Sets the policy for a given kind of TEE. |
az attestation policy show |
Retrieves the current policy for a given kind of TEE. |
az attestation policy reset
Resets the attestation policy for the specified tenant and reverts to the default policy.
az attestation policy reset --policy-jws
--tee {CyResComponent, OpenEnclave, SgxEnclave, VSMEnclave}
[--attestation-base-url]
[--name]
[--resource-group]
Examples
Resets the attestation policy for the specified tenant and reverts to the default policy.
az attestation policy reset -n "myattestationprovider" -g "MyResourceGroup" --tee SgxEnclave \
--policy-jws "eyJhbGciOiJub25lIn0.."
Required Parameters
JSON Web Signature with an empty policy document.
Specifies the trusted execution environment to be used to validate the evidence.
Optional Parameters
URL of the attestation, for example: https://myatt.eus2.attest.azure.net. You can ignore --name and --resource-group if you specified the URL.
Name of the attestation.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az attestation policy set
Sets the policy for a given kind of TEE.
az attestation policy set --new-attestation-policy
--tee {CyResComponent, OpenEnclave, SgxEnclave, VSMEnclave}
[--attestation-base-url]
[--name]
[--resource-group]
Examples
Sets the policy for a given kind of TEE (SgxEnclave).
az attestation policy set -n "myattestationprovider" -g "MyResourceGroup" --tee SgxEnclave \
--new-attestation-policy "newAttestationPolicyname"
Required Parameters
JWT Expressing the new policy.
Specifies the trusted execution environment to be used to validate the evidence.
Optional Parameters
URL of the attestation, for example: https://myatt.eus2.attest.azure.net. You can ignore --name and --resource-group if you specified the URL.
Name of the attestation.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az attestation policy show
Retrieves the current policy for a given kind of TEE.
az attestation policy show --tee {CyResComponent, OpenEnclave, SgxEnclave, VSMEnclave}
[--attestation-base-url]
[--name]
[--resource-group]
Examples
Retrieves the current policy for a given kind of TEE (SgxEnclave).
az attestation policy show -n "myattestationprovider" -g "MyResourceGroup" --tee SgxEnclave
Required Parameters
Specifies the trusted execution environment to be used to validate the evidence.
Optional Parameters
URL of the attestation, for example: https://myatt.eus2.attest.azure.net. You can ignore --name and --resource-group if you specified the URL.
Name of the attestation.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.