Azure
Cloud integrations are installed from the **Data Sources** page. To configure a cloud integration, go to Settings > Data Sources and click "Add Data Source", select Azure, then in Advanced Settings > Security Capabilities, enable "Automation".
Cloud Services · Azure
Configuration parameters
app_id— Application IDsubscription_id— Default Subscription IDresource_group_name— Default Resource Group Nameazure_ad_endpoint— Azure AD endpointinsecure— Trust any certificate (not secure)proxy— Use system proxy settingstenant_id— Tenant IDcredentials— Client Secret
Commands (126)
-
azure-acr-disable-anonymous-pull-quick-actionDeprecatedDisables anonymous pull access for the Azure Container Registry (ACR), requiring clients to authenticate before pulling images. Deprecated. Use Disable Anonymous Pull for ACR instead. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-acr-disable-authentication-as-arm-quick-actionDeprecatedDisables the legacy 'authentication as ARM' feature for the Azure Container Registry (ACR). Deprecated. Use Disable ACR ARM Authentication instead. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-acr-disable-public-private-access-quick-actionDeprecatedDisables public network access and content exports for the Azure Container Registry (ACR) to enhance security. Deprecated. Use Disable Public Access & Exports on ACR instead. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-acr-updateDeprecatedUpdates a container registry. Deprecated. Use the azure-cr-registry-update command instead. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-appservice-webapp-auth-settings-updateUpdates the authentication and authorization settings of an existing Azure Web App. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-appservice-webapp-auth-settings-update-quick-actionEnables App Service Authentication for the web app. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-appservice-webapp-config-disable-remote-debugging-quick-actionDisables remote debugging for the web app to reduce the risk of unauthorized code access. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-appservice-webapp-config-updateUpdates the configuration settings of an existing Azure Web App. Required permissions: Microsoft.Web/sites/config/write, Microsoft.Web/sites/config/read.
-
azure-appservice-webapp-config-update-http2-quick-actionEnables HTTP 2.0 for the web app. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-appservice-webapp-config-update-min-tls-version-quick-actionSets the web app's minimum accepted TLS version to 1.2 to enhance security. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-appservice-webapp-updateUpdates an Azure Web App. The required permissions are: Microsoft.Web/sites/read, Microsoft.Web/sites/write.
-
azure-appservice-webapp-update-quick-actionAssigns a system-assigned managed identity to the web app, enabling secure access to other Azure services without managing credentials. Required permissions: Microsoft.Web/sites/read, Microsoft.Web/sites/write.
-
azure-billing-budgets-listLists configured budgets at the subscription or resource group level. Required permission: Microsoft.Consumption/budgets/read.
-
azure-billing-forecast-listReturns cost forecast for a subscription over a given time range. Required permission: Microsoft.CostManagement/forecast/read.
-
azure-billing-usage-listReturns actual usage and cost details for a given time period, optionally filtered by service name. Required permission: Microsoft.Consumption/usageDetails/read.
-
azure-compute-disk-updateUpdates a disk. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-compute-disk-update-data-access-ad-quick-actionSets the data access authentication mode for the managed disk to Azure Active Directory. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-compute-vm-getGets the properties of a given virtual machine. Required Permissions: Microsoft.Compute/virtualMachines/read.
-
azure-compute-vm-listLists all the virtual machines in the specified subscription. Use the next_token argument to view the next page of results. Required Permissions: Microsoft.Compute/virtualMachines/read.
-
azure-compute-vm-power-offPowers off a given virtual machine. Required Permissions: Microsoft.Compute/virtualMachines/poweroff/action.
-
azure-compute-vm-startPowers on a given virtual machine. Required Permissions: Microsoft.Compute/virtualMachines/start/action.
-
azure-cosmos-db-disable-key-quick-actionDisables key-based write access for Cosmos DB metadata to enhance security.
-
azure-cosmos-db-updateDeprecatedUpdates the properties of an existing Azure Cosmos DB database account. Deprecated. Use the azure-cosmosdb-db-account-update command instead. Required permissions: Microsoft.DocumentDB/databaseAccounts/read, Microsoft.DocumentDB/databaseAccounts/write.
-
azure-cosmosdb-db-account-updateUpdates the properties of an existing Azure Cosmos DB database account. The required permissions are: Microsoft.DocumentDB/databaseAccounts/read, Microsoft.DocumentDB/databaseAccounts/write.
-
azure-cr-disable-anonymous-pull-quick-actionDisables anonymous pull access for the Azure Container Registry (ACR), requiring clients to authenticate before pulling images. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-cr-disable-authentication-as-arm-quick-actionDisables the legacy 'authentication as ARM' feature for the Azure Container Registry (ACR). Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-cr-disable-public-private-access-quick-actionDisables public network access and content exports for the Azure Container Registry (ACR) to enhance security.
-
azure-cr-registry-updateUpdates a container registry. Required permissions: Microsoft.ContainerRegistry/registries/read, Microsoft.ContainerRegistry/registries/write.
-
azure-disable-public-n-private-access-vm-disk-quick-actionDisables all public and private network access for the managed disk. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-disable-public-private-access-vm-disk-quick-actionDeprecatedDisables all public and private network access for a managed disk. Deprecated. Use Disable Public and Private Access to VM Disk instead. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-disk-set-data-access-ad-quick-actionDeprecatedSets the data access authentication mode for the managed disk to Azure Active Directory. Deprecated. Use Set Disk Data Access to Azure AD instead. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-disk-updateDeprecatedUpdates a disk. Deprecated. Use the azure-compute-disk-update command instead. Required permissions: Microsoft.Compute/disks/read, Microsoft.Compute/disks/write.
-
azure-function-app-set-min-tls-version-quick-actionDeprecatedSets the Function App's minimum accepted TLS version to 1.2 to enhance security. Deprecated. Use Set Web App Minimum TLS Version instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-key-vault-purge-and-soft-delete-enable-quick-actionEnables soft delete and purge protection for the Key Vault to prevent the permanent loss of keys and secrets. Note: Once purge-protection and soft-delete is enabled for a key vault, the action is irreversible.
-
azure-key-vault-updateDeprecatedUpdates a key vault in a specific subscription. Deprecated. Use the azure-keyvault-vault-update command instead. Required permissions: Microsoft.KeyVault/vaults/read, Microsoft.KeyVault/vaults/write.
-
azure-keyvault-vault-updateUpdates a key vault in the specified subscription. The required permissions are: Microsoft.KeyVault/vaults/read, Microsoft.KeyVault/vaults/write.
-
azure-monitor-log-profile-updateUpdates a log profile in Azure Monitoring REST API. Required permissions: Microsoft.Insights/logprofiles/read, Microsoft.Insights/logprofiles/write.
-
azure-monitor-log-retention-period-quick-actionSets the log profile’s retention policy to 365 days and enables it across all supported locations. Required permissions: Microsoft.Insights/logprofiles/read, Microsoft.Insights/logprofiles/write.
-
azure-mysql-flexible-server-param-setUpdates a server configuration. Required permissions: Microsoft.DBforMySQL/flexibleServers/configurations/read, Microsoft.DBforMySQL/flexibleServers/configurations/write.
-
azure-mysql-set-secure-transport-quick-actionEnforces secure transport (SSL/TLS) for connections to the MySQL Flexible Server. Required permissions: Microsoft.DBforMySQL/flexibleServers/configurations/read, Microsoft.DBforMySQL/flexibleServers/configurations/write.
-
azure-network-disable-storage-account-access-quick-actionSets the storage account’s default network action to Deny. Only explicitly allowed IPs, subnets, or trusted Azure services will have access. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-nsg-network-interfaces-listDeprecatedGets network interfaces in a resource group. The command is deprecated, please use azure-vn-network-interfaces-list.
-
azure-nsg-public-ip-addresses-listDeprecatedGets public IP addresses in a resource group. The command is deprecated, please use azure-vn-public-ip-addresses-list.
-
azure-nsg-resource-group-listDeprecatedGets all resource groups for a subscription. The command is deprecated, please use azure-rm-resource-groups-list.
-
azure-nsg-security-groups-listDeprecatedLists all network security groups. Deprecated. Use the azure-vn-security-groups-list command instead. Required permission: Microsoft.Network/networkSecurityGroups/read.
-
azure-nsg-security-rule-createDeprecatedCreates a security rule. Deprecated. Use the azure-vn-security-rule-create command instead. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read, Microsoft.Network/networkSecurityGroups/securityRules/write.
-
azure-nsg-security-rule-deleteDeprecatedDelete a security rule. The command is deprecated, please use azure-vn-security-rule-delete.
-
azure-nsg-security-rule-delete-quick-actionDeletes a network security group (NSG) rule. Required permission: Microsoft.Network/networkSecurityGroups/securityRules/delete.
-
azure-nsg-security-rule-getDeprecatedRetrieves a specific rule. Deprecated. Use the azure-vn-security-rule-get command instead. Required permission: Microsoft.Network/networkSecurityGroups/securityRules/read.
-
azure-nsg-security-rule-updateDeprecatedUpdates a security rule or creates one if it does not exist. Deprecated. Use the azure-vn-security-rule-update command instead. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read, Microsoft.Network/networkSecurityGroups/securityRules/write.
-
azure-nsg-security-rules-listDeprecatedRetrieves all security rules in a network security group. Deprecated. Use the azure-vn-security-rules-list command instead. Required permission: Microsoft.Network/networkSecurityGroups/securityRules/read.
-
azure-policy-assignment-createCreates a policy assignment. Required permission: Microsoft.Authorization/policyAssignments/read, Microsoft.Authorization/policyAssignments/write.
-
azure-policy-assignment-create-quick-actionApplies Microsoft Defender for Cloud built-in recommendations by creating a policy assignment for the SecurityCenterBuiltIn initiative. This sets the following policies to 'AuditIfNotExists': disk encryption monitoring (Windows and Linux), system updates monitoring, and JIT network access monitoring. Rules for adaptive application controls, endpoint protection, and security configuration are excluded. Required permissions: Microsoft.Authorization/policyAssignments/read, Microsoft.Authorization/policyAssignments/write.
-
azure-postgres-config-setDeprecatedUpdates a server configuration. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-checkpoint-logging-quick-actionDeprecatedEnables checkpoint logging on the PostgreSQL server. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-connection-throttling-quick-actionDeprecatedEnables connection throttling on the PostgreSQL server to manage log verbosity for concurrent connection queries and errors. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-disconnection-logging-quick-actionDeprecatedEnables logging client disconnections on the PostgreSQL server. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-log-retention-period-quick-actionDeprecatedSets the log retention period for the PostgreSQL server to 4 days. NOTE: The recommended log retention period can be from 4 to 7 days. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-session-connection-logging-quick-actionDeprecatedEnables logging client connections on the PostgreSQL. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-config-set-statement-logging-quick-actionDeprecatedEnables logging statement execution duration on the PostgreSQL server to help with performance analysis. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/configurations/read, Microsoft.DBforPostgreSQL/servers/configurations/write.
-
azure-postgres-server-updateDeprecatedUpdates an existing server. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/read, Microsoft.DBforPostgreSQL/servers/write.
-
azure-postgres-server-update-ssl-enforcement-quick-actionDeprecatedEnforces SSL/TLS connections for the PostgreSQL server to reject unencrypted traffic. Deprecated due to the retirement of Azure PostgreSQL Single Server. Required permissions: Microsoft.DBforPostgreSQL/servers/read, Microsoft.DBforPostgreSQL/servers/write.
-
azure-rm-resource-groups-listGets all resource groups for a subscription. Required Permissions: Microsoft.Resources/subscriptions/resourceGroups/read.
-
azure-set-function-app-http-version2-0-quick-actionDeprecatedEnables HTTP 2.0 for the Function App. Deprecated. Use Set Web App HTTP Version to 2.0 instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-set-storage-account-https-only-quick-actionEnforces HTTPS-only traffic for the storage account, rejecting any requests made over HTTP. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-sql-db-threat-policy-updateDeprecatedUpdates the database's threat detection policy. Deprecated. Use the azure-sqldb-security-alert-policy-update command instead. Required permissions: Microsoft.Sql/servers/databases/securityAlertPolicies/read, Microsoft.Sql/servers/databases/securityAlertPolicies/write.
-
azure-sql-db-threat-policy-update-quick-actionEnables email notifications to account administrators for SQL database threat detection alerts.
-
azure-sql-db-transparent-data-encryption-enable-tde-quick-actionEnables Transparent Data Encryption (TDE) for the SQL database to encrypt data at rest.
-
azure-sql-db-transparent-data-encryption-setUpdates a logical database's transparent data encryption configuration. Required permissions: Microsoft.Sql/servers/databases/transparentDataEncryption/read, Microsoft.Sql/servers/databases/transparentDataEncryption/write.
-
azure-sqldb-security-alert-policy-updateUpdates a database's security alert policy. The required permissions are: Microsoft.Sql/servers/databases/securityAlertPolicies/read, Microsoft.Sql/servers/databases/securityAlertPolicies/write.
-
azure-storage-account-updateUpdates a specific account storage. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-storage-allow-access-quick-actionConfigures the storage account's network rules to allow traffic from trusted Azure services. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-storage-blob-container-updateUpdates container properties as specified in request body. Properties not mentioned in the request will be unchanged. Update fails if the specified container doesn't already exist. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/write.
-
azure-storage-blob-containers-updateDeprecatedRun this command to update a specific blob container. The command is deprecated, please use azure-storage-blob-container-update.
-
azure-storage-blob-createCreate a new Blob under the specified Container. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write.
-
azure-storage-blob-enable-soft-delete-quick-actionDeprecatedEnables blob soft delete for the storage account to retain deleted blobs for 30 days. The quick action is now deprecated, please use Enable Blob Soft Deletion. Required permissions: Microsoft.Storage/storageAccounts/blobServices/read, Microsoft.Storage/storageAccounts/blobServices/write.
-
azure-storage-blob-getRetrieve a Blob from a Container. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read.
-
azure-storage-blob-property-getRetrieve Blob properties. Required Permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read.
-
azure-storage-blob-property-setSet Blob properties. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write.
-
azure-storage-blob-service-properties-getDeprecatedRun this command to get the blob service properties of a specific account storage. The command is deprecated, please use azure-storage-blob-service-property-get.
-
azure-storage-blob-service-properties-setDeprecatedSets properties for the blob service in a specific account storage. The command is deprecated, please use azure-storage-blob-service-property-set.Required permissions: Microsoft.Storage/storageAccounts/blobServices/read, Microsoft.Storage/storageAccounts/blobServices/write.
-
azure-storage-blob-service-property-getRun this command to get the blob service properties of a specific account storage. Required permissions: Microsoft.Storage/storageAccounts/blobServices/read.
-
azure-storage-blob-service-property-setSets properties for the blob service in a specific account storage. Required permissions: Microsoft.Storage/storageAccounts/blobServices/read, Microsoft.Storage/storageAccounts/blobServices/write.
-
azure-storage-blob-soft-deletion-enable-quick-actionEnables blob soft delete for the storage account to retain deleted blobs for 30 days. Required permissions: Microsoft.Storage/storageAccounts/blobServices/read, Microsoft.Storage/storageAccounts/blobServices/write.
-
azure-storage-blob-tag-getRetrieve the tags of the specified Blob. Required Permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read.
-
azure-storage-blob-tag-setUpdates the tags for the specified Blob. The command can replace the entire tags of the Blob and can be used to remove tags. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write.
-
azure-storage-container-blob-createDeprecatedCreates a new Blob under the specified Container. Deprecated. Use the azure-storage-blob-create command instead. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write.
-
azure-storage-container-blob-getDeprecatedRetrieves a Blob from a Container. Deprecated. Use the azure-storage-blob-get command instead. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read.
-
azure-storage-container-blob-property-getDeprecatedRetrieves Blob properties. Deprecated. Use the azure-storage-blob-property-get command instead. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read.
-
azure-storage-container-blob-property-setDeprecatedSets Blob properties. Deprecated. Use the azure-storage-blob-property-set command instead. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write.
-
azure-storage-container-blob-tag-getDeprecatedRetrieves the tags of a specific Blob. Deprecated. Use the azure-storage-blob-tag-get command instead. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read.
-
azure-storage-container-blob-tag-setDeprecatedUpdates the tags for a specific Blob. Replaces all existing tags or removes them if none are provided. Deprecated. Use the azure-storage-blob-tag-set command instead. Required permissions: Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read, Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write.
-
azure-storage-container-createCreates a new Container under the specified account. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/write.
-
azure-storage-container-deleteMarks a specific Container for deletion. The Container and any Blobs contained within it will be deleted during garbage collection. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/delete.
-
azure-storage-container-property-getRetrieves properties for a specific Container. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/read.
-
azure-storage-container-public-access-blockBlocks public access to a container. Required permission: Microsoft.Storage/storageAccounts/blobServices/containers/setAcl/action.
-
azure-storage-disable-cross-tenant-replication-quick-actionDisables cross-tenant object replication for the storage account, preventing data from being copied to other Azure AD tenants. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-storage-disable-storage-account-public-access-quick-actionDisables public access to blobs for the storage account, blocking anonymous/public read access to containers and blobs. Required permissions: Microsoft.Storage/storageAccounts/read, Microsoft.Storage/storageAccounts/write.
-
azure-vm-instance-details-getDeprecatedRetrieves the properties of a specific virtual machine. Deprecated. Use the azure-compute-vm-get command instead. Required permission: Microsoft.Compute/virtualMachines/read.
-
azure-vm-instance-power-offDeprecatedPowers off a specific virtual machine. Deprecated. Use the azure-compute-vm-power-off command instead. Required permissions: Microsoft.Compute/virtualMachines/read, Microsoft.Compute/virtualMachines/poweroff/action.
-
azure-vm-instance-startDeprecatedPowers on a specific virtual machine. Deprecated. Use the azure-compute-vm-start command instead. Required permissions: Microsoft.Compute/virtualMachines/read, Microsoft.Compute/virtualMachines/start/action.
-
azure-vm-network-interface-details-getDeprecatedRetrieves the properties of a specific network interface. Deprecated. Use the azure-vn-network-interface-get command instead. Required permission: Microsoft.Network/networkInterfaces/read.
-
azure-vm-public-ip-details-getDeprecatedRetrieves the properties of a specific public IP address. Deprecated. Use the azure-vn-public-ip-address-get command instead. Required permission: Microsoft.Network/publicIPAddresses/read.
-
azure-vn-network-interface-getGets the properties of a given network interface. Required permissions: Microsoft.Network/networkInterfaces/read.
-
azure-vn-network-interface-updateUpdates a network interface. Required Permissions: Microsoft.Network/networkInterfaces/read, Microsoft.Network/networkInterfaces/write, Microsoft.Network/virtualNetworks/subnets/join/action, Microsoft.Network/publicIPAddresses/join/action, Microsoft.Network/networkSecurityGroups/join/action, Microsoft.Network/loadBalancers/backendAddressPools/join/action.
-
azure-vn-network-interfaces-listGets network interfaces in a resource group. Required permissions: Microsoft.Network/networkInterfaces/read.
-
azure-vn-public-ip-address-getGets the properties of a given public IP address. Permissions required: Microsoft.Network/publicIPAddresses/read.
-
azure-vn-public-ip-addresses-listGets public IP addresses in a resource group. Required permissions: Microsoft.Network/publicIPAddresses/read.
-
azure-vn-security-group-createCreates a network security group. Required Permissions: Microsoft.Network/networkSecurityGroups/write.
-
azure-vn-security-groups-listList all network security groups. Required permissions: Microsoft.Network/networkSecurityGroups/read.
-
azure-vn-security-rule-createCreate a security rule. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read, Microsoft.Network/networkSecurityGroups/securityRules/write.
-
azure-vn-security-rule-deleteDelete a security rule. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/delete.
-
azure-vn-security-rule-getGet a specific rule. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read.
-
azure-vn-security-rule-updateUpdate a security rule. If one does not exist, it will be created. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read, Microsoft.Network/networkSecurityGroups/securityRules/write.
-
azure-vn-security-rules-listGets all security rules in a network security group. Required permissions: Microsoft.Network/networkSecurityGroups/securityRules/read.
-
azure-webapp-assign-managed-identity-quick-actionDeprecatedAssigns a system managed identity to the web app, enabling secure access to other Azure services without managing credentials. Deprecated. Use Assign Web App Managed Identity instead. Required permission: Microsoft.Web/sites/read, Microsoft.Web/sites/write.
-
azure-webapp-auth-updateDeprecatedUpdates the authentication and authorization settings of an existing Azure Web App. Deprecated. Use the azure-appservice-webapp-auth-settings-update command instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-auth-update-quick-actionDeprecatedEnables App Service Authentication for the web app. Deprecated. Use Enable Azure App Service Authentication instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-config-setDeprecatedUpdates the configuration settings of an existing Azure Web App. Deprecated. Use the azure-appservice-webapp-config-update command instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-disable-remote-debugging-quick-actionDeprecatedDisables remote debugging for the web app to reduce the risk of unauthorized code access. Deprecated. Use Disable Remote Debugging on Web App instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-enable-client-cert-quick-actionEnables client certificate authentication for the App Service to secure incoming requests. Only clients that have a valid certificate will be able to reach the app.
-
azure-webapp-set-http2-quick-actionDeprecatedEnables HTTP 2.0 for the web app. Deprecated. Use Set Web App HTTP Version to 2.0 instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-set-min-tls-version-quick-actionDeprecatedSets the web app's minimum accepted TLS version to 1.2 to enhance security. Deprecated. Use Set Web App Minimum TLS Version instead. Required permissions: Microsoft.Web/sites/config/read, Microsoft.Web/sites/config/write.
-
azure-webapp-set-webapp-to-https-only-quick-actionEnforces HTTPS-only traffic for the App Service.
-
azure-webapp-updateDeprecatedUpdates an Azure Web App. Deprecated. Use the azure-appservice-webapp-update command instead. Required permissions: Microsoft.Web/sites/read, Microsoft.Web/sites/write.
-
azure-webapp-update-assign-managed-identity-quick-actionDeprecatedAssigns a system-managed identity to the identified Function App, enabling secure access to Azure services without manual credential management. Deprecated. Use Assign Web App Managed Identity instead. Required permissions: Microsoft.Web/sites/read, Microsoft.Web/sites/write.