Merge pull request #275310 from schaffererin/updateparams3

prmerger-automator[bot] · web-flow · commit 974a47f49663 · 2024-05-13T22:34:28.000Z
Updated command parameters with long-form formatting
diff --git a/articles/aks/access-control-managed-azure-ad.md b/articles/aks/access-control-managed-azure-ad.md
@@ -95,7 +95,7 @@ When you integrate Microsoft Entra ID with your AKS cluster, you can use [Condit
 6. Create the AKS cluster with AKS-managed Microsoft Entra integration using the [`az aks create`][az-aks-create] command with the `--aad-admin-group-objects-ids` and `--aad-tenant-id parameters` and include the values noted in the steps earlier.
 
     ```azurecli-interactive
-    az aks create -g myResourceGroup -n myManagedCluster --enable-aad --aad-admin-group-object-ids <object-id> --aad-tenant-id <tenant-id>
+    az aks create --resource-group myResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <object-id> --aad-tenant-id <tenant-id>
     ```
 
 7. In the Azure portal, select **Activity** > **Privileged Access (Preview)** > **Enable Privileged Access**.
diff --git a/articles/aks/enable-authentication-microsoft-entra-id.md b/articles/aks/enable-authentication-microsoft-entra-id.md
@@ -54,7 +54,7 @@ The following requirements need to be met in order to properly install the AKS a
 2. Create an AKS cluster and enable administration access for your Microsoft Entra group using the [`az aks create`][az-aks-create] command.
 
     ```azurecli-interactive
-    az aks create -g myResourceGroup -n myManagedCluster --enable-aad --aad-admin-group-object-ids <id> [--aad-tenant-id <id>]
+    az aks create --resource-group myResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <id> [--aad-tenant-id <id>]
     ```
 
     A successful creation of an AKS-managed Microsoft Entra ID cluster has the following section in the response body:
@@ -77,7 +77,7 @@ The following requirements need to be met in order to properly install the AKS a
 Enable AKS-managed Microsoft Entra integration on your existing Kubernetes RBAC enabled cluster using the [`az aks update`][az-aks-update] command. Make sure to set your admin group to keep access on your cluster.
 
 ```azurecli-interactive
-az aks update -g MyResourceGroup -n myManagedCluster --enable-aad --aad-admin-group-object-ids <id-1>,<id-2> [--aad-tenant-id <id>]
+az aks update --resource-group MyResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <id-1>,<id-2> [--aad-tenant-id <id>]
 ```
 
 A successful activation of an AKS-managed Microsoft Entra ID cluster has the following section in the response body:
@@ -106,7 +106,7 @@ If your cluster uses legacy Microsoft Entra integration, you can upgrade to AKS-
 > After the upgrade, the kubeconfig content changes. You need to run `az aks get-credentials --resource-group <AKS resource group name> --name <AKS cluster name>` to merge the new credentials into the kubeconfig file. 
 
 ```azurecli-interactive
-az aks update -g myResourceGroup -n myManagedCluster --enable-aad --aad-admin-group-object-ids <id> [--aad-tenant-id <id>]
+az aks update --resource-group myResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <id> [--aad-tenant-id <id>]
 ```
 
 A successful migration of an AKS-managed Microsoft Entra ID cluster has the following section in the response body:
diff --git a/articles/aks/manage-azure-rbac.md b/articles/aks/manage-azure-rbac.md
@@ -39,7 +39,7 @@ az group create --name myResourceGroup --location westus2
 Create an AKS cluster with managed Microsoft Entra integration and Azure RBAC for Kubernetes Authorization using the [`az aks create`][az-aks-create] command.
 
 ```azurecli-interactive
-az aks create -g myResourceGroup -n myManagedCluster --enable-aad --enable-azure-rbac
+az aks create --resource-group myResourceGroup --name myManagedCluster --enable-aad --enable-azure-rbac
 ```
 
 The output will look similar to the following example output:
@@ -61,15 +61,15 @@ The output will look similar to the following example output:
 Add Azure RBAC for Kubernetes Authorization into an existing AKS cluster using the [`az aks update`][az-aks-update] command with the `enable-azure-rbac` flag.
 
 ```azurecli-interactive
-az aks update -g myResourceGroup -n myAKSCluster --enable-azure-rbac
+az aks update --resource-group myResourceGroup --name myAKSCluster --enable-azure-rbac
 ```
 
 ## Disable Azure RBAC for Kubernetes Authorization from an AKS cluster
 
 Remove Azure RBAC for Kubernetes Authorization from an existing AKS cluster using the [`az aks update`][az-aks-update] command with the `disable-azure-rbac` flag.
 
 ```azurecli-interactive
-az aks update -g myResourceGroup -n myAKSCluster --disable-azure-rbac
+az aks update --resource-group myResourceGroup --name myAKSCluster --disable-azure-rbac
 ```
 
 ## Create role assignments for users to access the cluster
@@ -88,7 +88,7 @@ Roles assignments scoped to the **entire AKS cluster** can be done either on the
 Get your AKS resource ID using the [`az aks show`][az-aks-show] command.
 
 ```azurecli
-AKS_ID=$(az aks show -g myResourceGroup -n myManagedCluster --query id -o tsv)
+AKS_ID=$(az aks show --resource-group myResourceGroup --name myManagedCluster --query id -o tsv)
 ```
 
 Create a role assignment using the [`az role assignment create`][az-role-assignment-create] command. `<AAD-ENTITY-ID>` can be a username or the client ID of a service principal.
@@ -150,7 +150,7 @@ az role assignment create --role "AKS Deployment Reader" --assignee <AAD-ENTITY-
 Make sure you have the [Azure Kubernetes Service Cluster User](../role-based-access-control/built-in-roles.md#azure-kubernetes-service-cluster-user-role) built-in role, and then get the kubeconfig of your AKS cluster using the [`az aks get-credentials`][az-aks-get-credentials] command.
 
 ```azurecli-interactive
-az aks get-credentials -g myResourceGroup -n myManagedCluster
+az aks get-credentials --resource-group myResourceGroup --name myManagedCluster
 ```
 
 Now, you can use `kubectl` manage your cluster. For example, you can list the nodes in your cluster using `kubectl get nodes`. The first time you run it, you'll need to sign in, as shown in the following example:
@@ -203,13 +203,13 @@ az role assignment delete --ids <LIST OF ASSIGNMENT IDS>
 ### Delete role definition
 
 ```azurecli-interactive
-az role definition delete -n "AKS Deployment Reader"
+az role definition delete --name "AKS Deployment Reader"
 ```
 
 ### Delete resource group and AKS cluster
 
 ```azurecli-interactive
-az group delete -n myResourceGroup
+az group delete --name myResourceGroup
 ```
 
 ## Next steps
diff --git a/articles/aks/manage-local-accounts-managed-azure-ad.md b/articles/aks/manage-local-accounts-managed-azure-ad.md
@@ -33,7 +33,7 @@ You can disable local accounts using the parameter `disable-local-accounts`. The
 1. Create a new AKS cluster without any local accounts using the [`az aks create`][az-aks-create] command with the `disable-local-accounts` flag.
 
     ```azurecli-interactive
-    az aks create -g <resource-group> -n <cluster-name> --enable-aad --aad-admin-group-object-ids <aad-group-id> --disable-local-accounts
+    az aks create --resource-group <resource-group> --name <cluster-name> --enable-aad --aad-admin-group-object-ids <aad-group-id> --disable-local-accounts
     ```
 
 2. In the output, confirm local accounts are disabled by checking that the field `properties.disableLocalAccounts` is set to `true`.
@@ -63,7 +63,7 @@ You can disable local accounts using the parameter `disable-local-accounts`. The
 1. Disable local accounts on an existing Microsoft Entra integration enabled AKS cluster using the [`az aks update`][az-aks-update] command with the `disable-local-accounts` parameter.
 
     ```azurecli-interactive
-    az aks update -g <resource-group> -n <cluster-name> --disable-local-accounts
+    az aks update --resource-group <resource-group> --name <cluster-name> --disable-local-accounts
     ```
 
 2. In the output, confirm local accounts are disabled by checking that the field `properties.disableLocalAccounts` is set to `true`.
@@ -93,7 +93,7 @@ You can disable local accounts using the parameter `disable-local-accounts`. The
 1. Re-enable a disabled local account on an existing cluster using the [`az aks update`][az-aks-update] command with the `enable-local-accounts` parameter.
 
     ```azurecli-interactive
-    az aks update -g <resource-group> -n <cluster-name> --enable-local-accounts
+    az aks update --resource-group <resource-group> --name <cluster-name> --enable-local-accounts
     ```
 
 2. In the output, confirm local accounts are re-enabled by checking that the field `properties.disableLocalAccounts` is set to `false`.
diff --git a/articles/aks/use-azure-ad-pod-identity.md b/articles/aks/use-azure-ad-pod-identity.md
@@ -91,7 +91,7 @@ Create an AKS cluster with Azure CNI and pod-managed identity enabled. The follo
 
 ```azurecli-interactive
 az group create --name myResourceGroup --location eastus
-az aks create -g myResourceGroup -n myAKSCluster --enable-pod-identity --network-plugin azure
+az aks create --resource-group myResourceGroup --name myAKSCluster --enable-pod-identity --network-plugin azure
 ```
 
 Use [az aks get-credentials][az-aks-get-credentials] to sign in to your AKS cluster. This command also downloads and configures the `kubectl` client certificate on your development computer.
@@ -108,7 +108,7 @@ az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
 Update an existing AKS cluster with Azure CNI to include pod-managed identity.
 
 ```azurecli-interactive
-az aks update -g $MY_RESOURCE_GROUP -n $MY_CLUSTER --enable-pod-identity
+az aks update --resource-group $MY_RESOURCE_GROUP --name $MY_CLUSTER --enable-pod-identity
 ```
 
 <a name='using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities'></a>
@@ -155,15 +155,15 @@ spec:
 Create an AKS cluster with Kubenet network plugin and pod-managed identity enabled.
 
 ```azurecli-interactive
-az aks create -g $MY_RESOURCE_GROUP -n $MY_CLUSTER --enable-pod-identity --enable-pod-identity-with-kubenet
+az aks create --resource-group $MY_RESOURCE_GROUP --name $MY_CLUSTER --enable-pod-identity --enable-pod-identity-with-kubenet
 ```
 
 ## Update an existing AKS cluster with Kubenet network plugin
 
 Update an existing AKS cluster with Kubenet network plugin to include pod-managed identity.
 
 ```azurecli-interactive
-az aks update -g $MY_RESOURCE_GROUP -n $MY_CLUSTER --enable-pod-identity --enable-pod-identity-with-kubenet
+az aks update --resource-group $MY_RESOURCE_GROUP --name $MY_CLUSTER --enable-pod-identity --enable-pod-identity-with-kubenet
 ```
 
 ## Create an identity
@@ -178,8 +178,8 @@ az group create --name myIdentityResourceGroup --location eastus
 export IDENTITY_RESOURCE_GROUP="myIdentityResourceGroup"
 export IDENTITY_NAME="application-identity"
 az identity create --resource-group ${IDENTITY_RESOURCE_GROUP} --name ${IDENTITY_NAME}
-export IDENTITY_CLIENT_ID="$(az identity show -g ${IDENTITY_RESOURCE_GROUP} -n ${IDENTITY_NAME} --query clientId -otsv)"
-export IDENTITY_RESOURCE_ID="$(az identity show -g ${IDENTITY_RESOURCE_GROUP} -n ${IDENTITY_NAME} --query id -otsv)"
+export IDENTITY_CLIENT_ID="$(az identity show --resource-group ${IDENTITY_RESOURCE_GROUP} --name ${IDENTITY_NAME} --query clientId -o tsv)"
+export IDENTITY_RESOURCE_ID="$(az identity show --resource-group ${IDENTITY_RESOURCE_GROUP} --name ${IDENTITY_NAME} --query id -o tsv)"
 ```
 
 ## Assign permissions for the managed identity
@@ -190,10 +190,10 @@ To run the demo, the *IDENTITY_CLIENT_ID* managed identity must have Virtual Mac
 
 ```azurecli-interactive
 # Obtain the name of the resource group containing the Virtual Machine Scale set of your AKS cluster, commonly called the node resource group
-NODE_GROUP=$(az aks show -g myResourceGroup -n myAKSCluster --query nodeResourceGroup -o tsv)
+NODE_GROUP=$(az aks show --resource-group myResourceGroup --name myAKSCluster --query nodeResourceGroup -o tsv)
 
 # Obtain the id of the node resource group 
-NODES_RESOURCE_ID=$(az group show -n $NODE_GROUP -o tsv --query "id")
+NODES_RESOURCE_ID=$(az group show --name $NODE_GROUP -o tsv --query "id")
 
 # Create a role assignment granting your managed identity permissions on the node resource group
 az role assignment create --role "Virtual Machine Contributor" --assignee "$IDENTITY_CLIENT_ID" --scope $NODES_RESOURCE_ID
@@ -334,7 +334,7 @@ az aks pod-identity delete --name ${POD_IDENTITY_NAME} --namespace ${POD_IDENTIT
 ```
 
 ```azurecli
-az identity delete -g ${IDENTITY_RESOURCE_GROUP} -n ${IDENTITY_NAME}
+az identity delete --resource-group ${IDENTITY_RESOURCE_GROUP} --name ${IDENTITY_NAME}
 ```
 
 ```azurecli
diff --git a/articles/aks/use-azure-dedicated-hosts.md b/articles/aks/use-azure-dedicated-hosts.md
@@ -37,7 +37,7 @@ The following limitations apply when you integrate Azure Dedicated Host with Azu
 Not all host SKUs are available in all regions, and availability zones. You can list host availability, and any offer restrictions before you start provisioning dedicated hosts.
 
 ```azurecli-interactive
-az vm list-skus -l eastus  -r hostGroups/hosts  -o table
+az vm list-skus --location eastus --resource-type hostGroups/hosts  -o table
 ```
 
 > [!NOTE]
@@ -49,7 +49,7 @@ az vm list-skus -l eastus  -r hostGroups/hosts  -o table
 Evaluate [host utilization][host-utilization-evaluate] to determine the number of allocatable VMs by size before you deploy.
 
 ```azurecli-interactive
-az vm host get-instance-view -g myDHResourceGroup --host-group MyHostGroup --name MyHost
+az vm host get-instance-view --resource-group myDHResourceGroup --host-group MyHostGroup --name MyHost
 ```
 
 ## Add a Dedicated Host Group to an AKS cluster
@@ -76,8 +76,8 @@ In this example, we'll use [az vm host group create][az-vm-host-group-create] to
 ```azurecli-interactive
 az vm host group create \
 --name myHostGroup \
--g myDHResourceGroup \
--z 1 \
+--resource-group myDHResourceGroup \
+--zone 1 \
 --platform-fault-domain-count 1 \
 --automatic-placement true
 ```
@@ -94,7 +94,7 @@ az vm host create \
 --name myHost \
 --sku DSv3-Type1 \
 --platform-fault-domain 1 \
--g myDHResourceGroup
+--resource-group myDHResourceGroup
 ```
 
 ## Use a user-assigned Identity
@@ -106,7 +106,7 @@ az vm host create \
 First, create a Managed Identity
 
 ```azurecli-interactive
-az identity create -g <Resource Group> -n <Managed Identity name>
+az identity create --resource-group <Resource Group> --name <Managed Identity name>
 ```
 
 Assign Managed Identity
@@ -120,7 +120,7 @@ az role assignment create --assignee <id> --role "Contributor" --scope <Resource
 Create an AKS cluster, and add the Host Group you just configured.
 
 ```azurecli-interactive
-az aks create -g MyResourceGroup -n MyManagedCluster --location eastus --nodepool-name agentpool1 --node-count 1 --host-group-id <id> --node-vm-size Standard_D2s_v3 --enable-managed-identity --assign-identity <id>
+az aks create --resource-group MyResourceGroup --name MyManagedCluster --location eastus --nodepool-name agentpool1 --node-count 1 --host-group-id <id> --node-vm-size Standard_D2s_v3 --enable-managed-identity --assign-identity <id>
 ```
 
 ## Add a Dedicated Host Node Pool to an existing AKS cluster
diff --git a/articles/aks/workload-identity-deploy-cluster.md b/articles/aks/workload-identity-deploy-cluster.md
@@ -52,7 +52,7 @@ export FEDERATED_IDENTITY_CREDENTIAL_NAME="myFedIdentity"
 Create an AKS cluster using the [az aks create][az-aks-create] command with the `--enable-oidc-issuer` parameter to use the OIDC Issuer. The following example creates a cluster named *myAKSCluster* with one node in the *myResourceGroup*:
 
 ```azurecli-interactive
-az aks create -g "${RESOURCE_GROUP}" -n myAKSCluster --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys
+az aks create --resource-group "${RESOURCE_GROUP}" --name myAKSCluster --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys
 ```
 
 After a few minutes, the command completes and returns JSON-formatted information about the cluster.
@@ -65,15 +65,15 @@ After a few minutes, the command completes and returns JSON-formatted informatio
 You can update an AKS cluster using the [az aks update][az aks update] command with the `--enable-oidc-issuer` and the `--enable-workload-identity` parameter to use the OIDC Issuer and enable workload identity. The following example updates a cluster named *myAKSCluster*:
 
 ```azurecli-interactive
-az aks update -g "${RESOURCE_GROUP}" -n myAKSCluster --enable-oidc-issuer --enable-workload-identity
+az aks update --resource-group "${RESOURCE_GROUP}" --name myAKSCluster --enable-oidc-issuer --enable-workload-identity
 ```
 
 ## Retrieve the OIDC Issuer URL
 
-To get the OIDC Issuer URL and save it to an environmental variable, run the following command. Replace the default value for the arguments `-n`, which is the name of the cluster:
+To get the OIDC Issuer URL and save it to an environmental variable, run the following command. Replace the default value for the arguments `--name`, which is the name of the cluster:
 
 ```bash
-export AKS_OIDC_ISSUER="$(az aks show -n myAKSCluster -g "${RESOURCE_GROUP}" --query "oidcIssuerProfile.issuerUrl" -o tsv)"
+export AKS_OIDC_ISSUER="$(az aks show --name myAKSCluster --resource-group "${RESOURCE_GROUP}" --query "oidcIssuerProfile.issuerUrl" -o tsv)"
 ```
 
 The variable should contain the Issuer URL similar to the following example:
@@ -103,7 +103,7 @@ export USER_ASSIGNED_CLIENT_ID="$(az identity show --resource-group "${RESOURCE_
 Create a Kubernetes service account and annotate it with the client ID of the managed identity created in the previous step. Use the [az aks get-credentials][az-aks-get-credentials] command and replace the values for the cluster name and the resource group name.
 
 ```azurecli-interactive
-az aks get-credentials -n myAKSCluster -g "${RESOURCE_GROUP}"
+az aks get-credentials --name myAKSCluster --resource-group "${RESOURCE_GROUP}"
 ```
 
 Copy and paste the following multi-line input in the Azure CLI.
@@ -195,7 +195,7 @@ You can retrieve this information using the Azure CLI command: [az keyvault list
 
 3. Export Key Vault URL:
     ```azurecli-interactive
-    export KEYVAULT_URL="$(az keyvault show -g ${KEYVAULT_RESOURCE_GROUP} -n ${KEYVAULT_NAME} --query properties.vaultUri -o tsv)"
+    export KEYVAULT_URL="$(az keyvault show --resource-group ${KEYVAULT_RESOURCE_GROUP} --name ${KEYVAULT_NAME} --query properties.vaultUri -o tsv)"
     ```
 
 4. Deploy a pod that references the service account and Key Vault URL above:
diff --git a/articles/aks/workload-identity-migrate-from-pod-identity.md b/articles/aks/workload-identity-migrate-from-pod-identity.md
@@ -80,7 +80,7 @@ If you don't have a managed identity created and assigned to your pod, perform t
 3. To get the OIDC Issuer URL and save it to an environmental variable, run the following command. Replace the default values for the cluster name and the resource group name.
 
     ```bash
-    export AKS_OIDC_ISSUER="$(az aks show -n myAKSCluster -g myResourceGroup --query "oidcIssuerProfile.issuerUrl" -otsv)"
+    export AKS_OIDC_ISSUER="$(az aks show --name myAKSCluster --resource-group myResourceGroup --query "oidcIssuerProfile.issuerUrl" -o tsv)"
     ```
 
     The variable should contain the Issuer URL similar to the following example:
@@ -96,7 +96,7 @@ If you don't have a managed identity created and assigned to your pod, perform t
 If you don't have a dedicated Kubernetes service account created for this application, perform the following steps to create and then annotate it with the client ID of the managed identity created in the previous step. Use the [az aks get-credentials][az-aks-get-credentials] command and replace the values for the cluster name and the resource group name.
 
 ```azurecli-interactive
-az aks get-credentials -n myAKSCluster -g "${RESOURCE_GROUP}"
+az aks get-credentials --name myAKSCluster --resource-group "${RESOURCE_GROUP}"
 ```
 
 Copy and paste the following multi-line input in the Azure CLI.
