az network vnet subnet

Manage subnets in an Azure Virtual Network.

To learn more about subnets visit https://docs.microsoft.com/azure/virtual-network/virtual-network-manage-subnet.

Commands

az network vnet subnet create

Create a subnet and associate an existing NSG and route table.

az network vnet subnet delete

Delete a subnet.

az network vnet subnet list

List the subnets in a virtual network.

az network vnet subnet list-available-delegations

List the services available for subnet delegation.

az network vnet subnet show

Show details of a subnet.

az network vnet subnet update

Update a subnet.

az network vnet subnet create

Create a subnet and associate an existing NSG and route table.

az network vnet subnet create --address-prefixes
                              --name
                              --resource-group
                              --vnet-name
                              [--defer]
                              [--delegations]
                              [--disable-private-endpoint-network-policies {false, true}]
                              [--disable-private-link-service-network-policies {false, true}]
                              [--nat-gateway]
                              [--network-security-group]
                              [--route-table]
                              [--service-endpoint-policy]
                              [--service-endpoints]
                              [--subscription]

Examples

Create new subnet attached to an NSG with a custom route table.

az network vnet subnet create -g MyResourceGroup --vnet-name MyVnet -n MySubnet \
    --address-prefixes 10.0.0.0/24 --network-security-group MyNsg --route-table MyRouteTable

Create new subnet attached to a NAT gateway.

az network vnet subnet create -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"

Required Parameters

--address-prefixes

Space-separated list of address prefixes in CIDR format.

--name -n

The subnet name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--vnet-name

The virtual network (VNet) name.

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--delegations

Space-separated list of services to whom the subnet should be delegated. (e.g. Microsoft.Sql/servers).

--disable-private-endpoint-network-policies

Disable private endpoint network policies on the subnet.

accepted values: false, true
--disable-private-link-service-network-policies

Disable private link service network policies on the subnet.

accepted values: false, true
--nat-gateway

Attach Nat Gateway to subnet.

--network-security-group --nsg

Name or ID of a network security group (NSG).

--route-table

Name or ID of a route table to associate with the subnet.

--service-endpoint-policy

Space-separated list of names or IDs of service endpoint policies to apply.

--service-endpoints

Space-separated list of services allowed private access to this subnet.

value from: az network vnet list-endpoint-services
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet delete

Delete a subnet.

az network vnet subnet delete [--ids]
                              [--name]
                              [--resource-group]
                              [--subscription]
                              [--vnet-name]

Examples

Delete a subnet.

az network vnet subnet delete -g MyResourceGroup -n MySubnet

Delete a subnet. (autogenerated)

az network vnet subnet delete --name MySubnet --resource-group MyResourceGroup --vnet-name MyVnet

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The subnet name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.

az network vnet subnet list

List the subnets in a virtual network.

az network vnet subnet list --resource-group
                            --vnet-name
                            [--query-examples]
                            [--subscription]

Examples

List the subnets in a virtual network.

az network vnet subnet list -g MyResourceGroup --vnet-name MyVNet

Required Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--vnet-name

The virtual network (VNet) name.

Optional Parameters

--query-examples

Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet list-available-delegations

List the services available for subnet delegation.

az network vnet subnet list-available-delegations [--location]
                                                  [--resource-group]
                                                  [--subscription]

Examples

Retrieve the service names for available delegations in the West US region.

az network vnet subnet list-available-delegations -l westus --query [].serviceName

List the services available for subnet delegation. (autogenerated)

az network vnet subnet list-available-delegations --resource-group MyResourceGroup

Optional Parameters

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az network vnet subnet show

Show details of a subnet.

az network vnet subnet show [--expand]
                            [--ids]
                            [--name]
                            [--query-examples]
                            [--resource-group]
                            [--subscription]
                            [--vnet-name]

Examples

Show the details of a subnet associated with a virtual network.

az network vnet subnet show -g MyResourceGroup -n MySubnet --vnet-name MyVNet

Optional Parameters

--expand

Expands referenced resources.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The subnet name.

--query-examples

Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.

az network vnet subnet update

Update a subnet.

az network vnet subnet update [--add]
                              [--address-prefixes]
                              [--delegations]
                              [--disable-private-endpoint-network-policies {false, true}]
                              [--disable-private-link-service-network-policies {false, true}]
                              [--force-string]
                              [--ids]
                              [--name]
                              [--nat-gateway]
                              [--network-security-group]
                              [--remove]
                              [--resource-group]
                              [--route-table]
                              [--service-endpoint-policy]
                              [--service-endpoints]
                              [--set]
                              [--subscription]
                              [--vnet-name]

Examples

Associate a network security group to a subnet.

az network vnet subnet update -g MyResourceGroup -n MySubnet --vnet-name MyVNet --network-security-group MyNsg

Update subnet with NAT gateway.

az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --nat-gateway MyNatGateway --address-prefixes "10.0.0.0/21"

Disable the private endpoint network policies

az network vnet subnet update -n MySubnet --vnet-name MyVnet -g MyResourceGroup --disable-private-endpoint-network-policies

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--address-prefixes

Space-separated list of address prefixes in CIDR format.

--delegations

Space-separated list of services to whom the subnet should be delegated. (e.g. Microsoft.Sql/servers).

--disable-private-endpoint-network-policies

Disable private endpoint network policies on the subnet.

accepted values: false, true
--disable-private-link-service-network-policies

Disable private link service network policies on the subnet.

accepted values: false, true
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The subnet name.

--nat-gateway

Attach Nat Gateway to subnet.

--network-security-group --nsg

Name or ID of a network security group (NSG). Use empty string ""('""' in PowerShell) to detach it.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--route-table

Name or ID of a route table to associate with the subnet. Use empty string ""('""' in PowerShell) to detach it. You can also append "--remove routeTable" in "az network vnet subnet update" to detach it.

--service-endpoint-policy

Space-separated list of names or IDs of service endpoint policies to apply.

--service-endpoints

Space-separated list of services allowed private access to this subnet.

value from: az network vnet list-endpoint-services
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--vnet-name

The virtual network (VNet) name.