az attestation

Attestation.

Commands

az attestation create

Creates or updates an attestation.

az attestation delete

Deletes an attestation.

az attestation list

Returns a list of attestation in a subscription or resource group.

az attestation policy

Manage the policies.

az attestation policy reset

Resets the attestation policy for the specified tenant and reverts to the default policy.

az attestation policy set

Sets the policy for a given kind of TEE.

az attestation policy show

Retrieves the current policy for a given kind of TEE.

az attestation show

Gets the status of an attestation.

az attestation signer

Manage the trusted policy signers.

az attestation signer add

Adds a new attestation policy certificate to the set of policy management certificates.

az attestation signer list

Retrieves the set of certificates used to express policy for the current tenant.

az attestation signer remove

Removes the specified policy management certificate. Note that the final policy management certificate cannot be removed.

az attestation create

Creates or updates an attestation.

az attestation create --name
                      --resource-group
                      [--attestation-policy]
                      [--certs-input-path]
                      [--location]
                      [--tags]

Examples

Create or update an attestation

az attestation create --name "myattestationprovider" --resource-group "MyResourceGroup" \
  --location "eastus2" --tags aKey=aValue anotherKey=anotherValue \
  --attestation-policy "SgxDisableDebugMode" --certs-input-path "./policySigningCerts.pem"

Required Parameters

--name -n

Name of the attestation service.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--attestation-policy

Name of attestation policy.

--certs-input-path

The path to the policy signing certificates PEM file.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

az attestation delete

Deletes an attestation.

az attestation delete --name
                      --resource-group
                      [--yes]

Examples

Delete an attestation

az attestation delete --name "myattestationprovider" --resource-group "MyResourceGroup"

Required Parameters

--name -n

Name of the attestation service.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--yes -y

Do not prompt for confirmation.

az attestation list

Returns a list of attestation in a subscription or resource group.

az attestation list [--resource-group]

Examples

List all attestations in a subscription

az attestation list

List all attestations in a resource group

az attestation list --resource-group "MyResourceGroup"

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az attestation show

Gets the status of an attestation.

az attestation show --name
                    --resource-group

Examples

Get details for an attestation in a subscription

az attestation show --name "myattestationprovider" --resource-group "MyResourceGroup"

Required Parameters

--name -n

Name of the attestation service instance.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.