Skip to content

feat: carry Foundry agent and resource definitions in azure.yaml#8779

Open
huimiu wants to merge 55 commits into
huimiu/foundry-azure-yamlfrom
hui/foundry-agent-shape-migration
Open

feat: carry Foundry agent and resource definitions in azure.yaml#8779
huimiu wants to merge 55 commits into
huimiu/foundry-azure-yamlfrom
hui/foundry-agent-shape-migration

Conversation

@huimiu

@huimiu huimiu commented Jun 23, 2026
edited
Loading

Copy link
Copy Markdown
Member

Summary

azure.yaml becomes the single source of truth for a Foundry agent and its companion resources. The agent definition moves off disk into the agent's service entry, and every Foundry resource — the project and its model deployments, connections, toolboxes, skills, and routines — becomes a first-class service with a real azd deploy target. Existing projects keep working through legacy fallbacks that emit deprecation signals.

What changed

  • Agent definition lives in azure.yaml. Carried inline on the azure.ai.agent service entry instead of a separate on-disk agent.yaml. init stops writing that file; every agent command (deploy, run, listen, update, endpoint show) reads from the service entry. Projects on the old on-disk shape still load, with a deprecation warning and a telemetry signal.
  • Each Foundry resource is its own deploy target. Model deployments, connections, toolboxes, skills, and routines become sibling host: azure.ai.<kind> entries, each owned by its extension. azd deploy now performs a real upsert per resource (previously placeholders); init writes the entries and wires their provision/deploy order.
  • Connect to an existing project (endpoint:). When a Foundry service sets endpoint:, provisioning is skipped and azd connects to that project instead of creating one.
  • Routine inputs resolve ${VAR} from the azd environment at deploy time, while server-side ${{...}} placeholders are preserved.
  • Schema. The azure.yaml JSON schema (stable + alpha) gains per-host validation for all six Foundry hosts; the legacy single microsoft.foundry host stays accepted so existing projects keep validating.
  • Shared core helpers. The $ref resolver, the azure.yaml edit helper, and the ${VAR} expander move into core (pkg/foundry) so all Foundry extensions share one implementation.
  • Telemetry. A new field flags projects still on the legacy agent shape; the telemetry docs and the coverage test move in lockstep.

Before merge

The connections, routines, and toolboxes extensions temporarily replace the azd core dependency with the in-tree checkout to build against the new pkg/foundry helpers. Remove these directives once the core change lands and bump the published dependency.

huimiu added 24 commits June 12, 2026 17:11
@huimiu
feat(agents): add microsoft.foundry service target for a single hoste…
8c53106 
…d agent
@huimiu
feat: resolve Foundry project from endpoint so deploy runs without pr…
1b8a0ee 
…ovision
@huimiu
fix(agents): expand endpoint vars and use correct error codes in foun…
f3ac0f7 
…dry service target
@huimiu
fix(agents): validate foundry project endpoint to enforce https and r…
d6b04b4 
…eject ports
@huimiu
fix(foundry): persist FOUNDRY_PROJECT_ENDPOINT in endpoint-only flow
4dfe0c2
@huimiu
merge: add Foundry service-target line onto schema base
21439bc
@huimiu
feat: split Foundry init into per-resource azure.yaml services
08fad8d
@huimiu
feat: remove unregistered microsoft.foundry service target
e8737f5
@huimiu
fix: fall back to bundled agent config for pre-split azure.yaml
74b448f
@huimiu
fix: emit ai-project for siblings and detect name collisions
391faf7
@huimiu
fix: drop duplicate provisionToolboxes doc comment
4850744
@huimiu
feat: register foundry resource hosts in agents extension
6112642
@huimiu
feat(agents): always emit ai-project service entry
5f0e7b9
@huimiu
feat: generalize $ref resolver for separate-services azure.yaml
ffb505f
@huimiu
feat: add $ref-aware azure.yaml edit helper for Foundry services
89a5d3a
@huimiu
test: add EntryRef edge-case tests for empty/nil/numeric \
6399807
@huimiu
test: guard substring order assertions
8529134
@huimiu
feat: carry foundry agent definition in azure.yaml
66c22a8
@huimiu
feat: wire foundry commands to inline agent definition
79bcd97
@huimiu
test: cover inline agent definition and migration fallback
d66bb15
@huimiu
docs: document foundry legacy agent shape telemetry field
d83b553
@huimiu
test: drop unused containsAll helper
6f70bac
@huimiu
feat: extract shared foundry ExpandEnv into core pkg/foundry
54f6a75
@huimiu
ci: allowlist example identifiers for cspell
b660ccd
@huimiu huimiu mentioned this pull request Jun 23, 2026
Merged
Base automatically changed from huimiu/foundry-unified-init to huimiu/foundry-azure-yaml June 24, 2026 03:24
jongio
jongio reviewed Jun 24, 2026
View reviewed changes

@jongio jongio left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solid architectural change. The decomposition of Foundry resources into individual azure.yaml service entries with uses: ordering is well-designed, and the fallback collectors (sibling service wins, bundled agent config is the legacy fallback) are cleanly implemented with good test coverage. A few observations below.

Comment thread cli/azd/extensions/azure.ai.agents/internal/cmd/resource_services.go
Comment thread cli/azd/extensions/azure.ai.skills/internal/cmd/service_target.go
Comment thread cli/azd/extensions/azure.ai.agents/internal/project/agent_definition.go Outdated
Comment thread cli/azd/extensions/azure.ai.agents/internal/cmd/resource_services.go
@github-actions github-actions Bot added the ext-foundry azure.ai.{agents,connections,inspector,projects,routines,skills,toolboxes}, microsoft.foundry label Jun 24, 2026
@github-actions github-actions Bot mentioned this pull request Jun 24, 2026
Open
jongio
jongio reviewed Jun 24, 2026
View reviewed changes

@jongio jongio left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incremental review (22 commits since last pass at 01463ff). CI is green, overall architecture is clean. The new pkg/foundry package is well-designed: proper cycle detection, depth bounds, error typing, and good test coverage. The resource-service split across per-host extensions is consistent and well-factored.

Prior unresolved items (4 comments from my earlier review remain open with no replies):

  • sanitizeServiceName only strips spaces (resource_services.go:193)
  • Path traversal in resolveSkillInstructions (skills service_target.go:180)
  • Silent yaml.Marshal skip (agent_definition.go:348)
  • Silent empty connName skip (resource_services.go:87)

I won't re-post these, but they still apply to the current HEAD.

New observations on the pkg/foundry package:

  1. ExpandEnv sentinel restoration correctness (templating.go:68-70): The sentinel is guaranteed absent from the input, but env var expansion runs after masking. If an env var resolves to a string containing the sentinel prefix (azdFoundryTemplateSpan_0_), strings.Replace will match it and inject a Foundry span where it doesn't belong. Extremely unlikely in practice, but the correctness invariant ("Foundry expressions are always returned byte-for-byte") is violated in that case. A simple fix: after expansion, verify each placeholder appears exactly once before replacing, or use a sentinel that encodes a random token per call.

  2. looksLikeInstructionsPath heuristic (includes.go:262-268): Inline prose that ends with .md or .txt (e.g., "Follow the steps in README.md") will be incorrectly classified as a file path and rebased. The current check (single-line + suffix) is a reasonable heuristic, but consider also requiring a path separator or ./ prefix, or at least documenting the false-positive risk so authors of $ref'd files know to avoid ambiguous instructions values.

  3. Nil map-value guard (resource_services.go:222-229, 255-261, 287-293): The collectProjectDeployments/collectConnections/collectToolboxes collectors iterate the services map and dereference each value's Host field. If a map ever contains a nil value (unlikely from azd core, but possible from test code or future refactors), this panics. A nil guard in sortedServices would be cheap insurance.

All three are low-to-medium severity. The overall approach is solid; the design of ResolveFileRefs + YAMLDocument as a read/write pair sharing path logic is thoughtful. Ship it once the prior items are addressed.

jongio
jongio reviewed Jun 24, 2026
View reviewed changes

@jongio jongio left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incremental review (1 commit since last pass at e59e938). The fix commit d6fd4da is clean and well-scoped:

  1. Legacy host restored: microsoft.foundry added to FoundryServiceHosts for backward compat. Tests cover mixed-host ambiguity detection. Schema ref correctly points to /main/...microsoft.foundry.json.

  2. Whitespace endpoint trimming: strings.TrimSpace applied consistently in foundryServiceEndpoint, warnNetworkIgnoredInBrownfield, and the synthesizer's brownfield check. Blank endpoints now correctly trigger greenfield mode. Test added.

  3. Missing brownfield warning: warnNetworkIgnoredInBrownfield was only called on the synthesizer path. Now also called on the on-disk Bicep path when endpoint: is set. Good catch.

No concerns. CI is green for the core pipelines; agents-public build is still pending (expected timing). LGTM on this increment.

@azure-sdk

azure-sdk commented Jun 24, 2026

Copy link
Copy Markdown
Collaborator

Azure Dev CLI Install Instructions

Install scripts

MacOS/Linux

May elevate using sudo on some platforms and configurations

bash:

curl -fsSL https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/uninstall-azd.sh | bash;
curl -fsSL https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/install-azd.sh | bash -s -- --base-url https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779 --version '' --verbose --skip-verify

pwsh:

Invoke-RestMethod 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/uninstall-azd.ps1' -OutFile uninstall-azd.ps1; ./uninstall-azd.ps1
Invoke-RestMethod 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/install-azd.ps1' -OutFile install-azd.ps1; ./install-azd.ps1 -BaseUrl 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779' -Version '' -SkipVerify -Verbose

Windows

PowerShell install

powershell -c "Set-ExecutionPolicy Bypass Process; irm 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/uninstall-azd.ps1' > uninstall-azd.ps1; ./uninstall-azd.ps1;"
powershell -c "Set-ExecutionPolicy Bypass Process; irm 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/install-azd.ps1' > install-azd.ps1; ./install-azd.ps1 -BaseUrl 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779' -Version '' -SkipVerify -Verbose;"

MSI install

powershell -c "irm 'https://azuresdkartifacts.z5.web.core.windows.net/azd/standalone/pr/8779/azd-windows-amd64.msi' -OutFile azd-windows-amd64.msi; msiexec /i azd-windows-amd64.msi /qn"

Standalone Binary

MSI

Documentation

learn.microsoft.com documentation

title: Azure Developer CLI reference
description: This article explains the syntax and parameters for the various Azure Developer CLI commands.
author: alexwolfmsft
ms.author: alexwolf
ms.date: 06/24/2026
ms.service: azure-dev-cli
ms.topic: conceptual
ms.custom: devx-track-azdevcli

Azure Developer CLI reference

This article explains the syntax and parameters for the various Azure Developer CLI commands.

azd

The Azure Developer CLI (azd) is an open-source tool that helps onboard and manage your project on Azure

Options

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
      --docs                 Opens the documentation for azd in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for azd.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd add: Add a component to your project.
  • azd auth: Authenticate with Azure.
  • azd completion: Generate shell completion scripts.
  • azd config: Manage azd configurations (ex: default Azure subscription, location).
  • azd copilot: Manage GitHub Copilot agent settings. (Preview)
  • azd deploy: Deploy your project code to Azure.
  • azd down: Delete your project's Azure resources.
  • azd env: Manage environments (ex: default environment, environment variables).
  • azd exec: Execute commands and scripts with azd environment context.
  • azd extension: Manage azd extensions.
  • azd hooks: Develop, test and run hooks for a project.
  • azd infra: Manage your Infrastructure as Code (IaC).
  • azd init: Initialize a new application.
  • azd mcp: Manage Model Context Protocol (MCP) server. (Alpha)
  • azd monitor: Monitor a deployed project.
  • azd package: Packages the project's code to be deployed to Azure.
  • azd pipeline: Manage and configure your deployment pipelines.
  • azd provision: Provision Azure resources for your project.
  • azd publish: Publish a service to a container registry.
  • azd restore: Restores the project's dependencies.
  • azd show: Display information about your project and its resources.
  • azd template: Find and view template details.
  • azd tool: Manage Azure development tools.
  • azd up: Provision and deploy your project to Azure with a single command.
  • azd update: Updates azd to the latest version.
  • azd version: Print the version number of Azure Developer CLI.

azd add

Add a component to your project.

azd add [flags]

Options

      --docs   Opens the documentation for azd add in your web browser.
  -h, --help   Gets help for add.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd auth

Authenticate with Azure.

Options

      --docs   Opens the documentation for azd auth in your web browser.
  -h, --help   Gets help for auth.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd auth login

Log in to Azure.

Synopsis

Log in to Azure.

When run without any arguments, log in interactively using a browser. To log in using a device code, pass
--use-device-code.

To log in as a service principal, pass --client-id and --tenant-id as well as one of: --client-secret,
--client-certificate, or --federated-credential-provider.

To log in using a managed identity, pass --managed-identity, which will use the system assigned managed identity.
To use a user assigned managed identity, pass --client-id in addition to --managed-identity with the client id of
the user assigned managed identity you wish to use.

When already logged in, azd automatically clears cached authentication data (such as stale tokens)
before re-authenticating. This ensures a clean login state and prevents issues with expired or
corrupted cached credentials.

azd auth login [flags]

Options

      --check-status                           Checks the log-in status instead of logging in.
      --client-certificate string              The path to the client certificate for the service principal to authenticate with.
      --client-id string                       The client id for the service principal to authenticate with.
      --client-secret string                   The client secret for the service principal to authenticate with. Set to the empty string to read the value from the console.
      --docs                                   Opens the documentation for azd auth login in your web browser.
      --federated-credential-provider string   The provider to use to acquire a federated token to authenticate with. Supported values: github, azure-pipelines, oidc
  -h, --help                                   Gets help for login.
      --managed-identity                       Use a managed identity to authenticate.
      --redirect-port int                      Choose the port to be used as part of the redirect URI during interactive login.
      --tenant-id string                       The tenant id or domain name to authenticate with.
      --use-device-code[=true]                 When true, log in by using a device code instead of a browser.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd auth logout

Log out of Azure.

Synopsis

Log out of Azure

azd auth logout [flags]

Options

      --docs   Opens the documentation for azd auth logout in your web browser.
  -h, --help   Gets help for logout.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd auth status

Show the current authentication status.

Synopsis

Display whether you are logged in to Azure and the associated account information.

azd auth status [flags]

Options

      --docs   Opens the documentation for azd auth status in your web browser.
  -h, --help   Gets help for status.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion

Generate shell completion scripts.

Synopsis

Generate shell completion scripts for azd.

The completion command allows you to generate autocompletion scripts for your shell,
currently supports bash, zsh, fish and PowerShell.

See each sub-command's help for details on how to use the generated script.

Options

      --docs   Opens the documentation for azd completion in your web browser.
  -h, --help   Gets help for completion.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion bash

Generate bash completion script.

azd completion bash

Options

      --docs   Opens the documentation for azd completion bash in your web browser.
  -h, --help   Gets help for bash.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion fig

Generate Fig autocomplete spec.

azd completion fig

Options

      --docs                       Opens the documentation for azd completion fig in your web browser.
  -h, --help                       Gets help for fig.
      --include-help-subcommands   Include subcommands under the help command in the Fig spec

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion fish

Generate fish completion script.

azd completion fish

Options

      --docs   Opens the documentation for azd completion fish in your web browser.
  -h, --help   Gets help for fish.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion powershell

Generate PowerShell completion script.

azd completion powershell

Options

      --docs   Opens the documentation for azd completion powershell in your web browser.
  -h, --help   Gets help for powershell.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd completion zsh

Generate zsh completion script.

azd completion zsh

Options

      --docs   Opens the documentation for azd completion zsh in your web browser.
  -h, --help   Gets help for zsh.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config

Manage azd configurations (ex: default Azure subscription, location).

Synopsis

Manage the Azure Developer CLI user configuration, which includes your default Azure subscription and location.

Available since azure-dev-cli_0.4.0-beta.1.

The easiest way to configure azd for the first time is to run azd init. The subscription and location you select will be stored in the config.json file located in the config directory. To configure azd anytime afterwards, you'll use azd config set.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable.

Options

      --docs   Opens the documentation for azd config in your web browser.
  -h, --help   Gets help for config.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config get

Gets a configuration.

Synopsis

Gets a configuration in the configuration path.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%\.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable.

azd config get <path> [flags]

Options

      --docs   Opens the documentation for azd config get in your web browser.
  -h, --help   Gets help for get.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config list-alpha

Display the list of available features in alpha stage.

azd config list-alpha [flags]

Options

      --docs   Opens the documentation for azd config list-alpha in your web browser.
  -h, --help   Gets help for list-alpha.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config options

List all available configuration settings.

Synopsis

List all possible configuration settings that can be set with azd, including descriptions and allowed values.

azd config options [flags]

Options

      --docs   Opens the documentation for azd config options in your web browser.
  -h, --help   Gets help for options.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config reset

Resets configuration to default.

Synopsis

Resets all configuration in the configuration path.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%\.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable to the default.

azd config reset [flags]

Options

      --docs    Opens the documentation for azd config reset in your web browser.
  -f, --force   Force reset without confirmation.
  -h, --help    Gets help for reset.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config set

Sets a configuration.

Synopsis

Sets a configuration in the configuration path.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%\.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable.

azd config set <path> <value> [flags]

Examples

azd config set defaults.subscription <yourSubscriptionID>
azd config set defaults.location eastus

Options

      --docs   Opens the documentation for azd config set in your web browser.
  -h, --help   Gets help for set.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config show

Show all the configuration values.

Synopsis

Show all configuration values in the configuration path.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%\.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable.

azd config show [flags]

Options

      --docs   Opens the documentation for azd config show in your web browser.
  -h, --help   Gets help for show.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config sub-filter

Manage subscription filters for tenant-scoped subscription prompts.

Synopsis

Manage per-tenant subscription filters that control which subscriptions are shown during interactive prompts.
Filters are stored locally in your user configuration and apply per-device.

Options

      --docs   Opens the documentation for azd config sub-filter in your web browser.
  -h, --help   Gets help for sub-filter.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config sub-filter remove

Remove a saved subscription filter for a tenant.

Synopsis

Remove the subscription filter for a tenant so that all subscriptions are shown during prompts.

azd config sub-filter remove [flags]

Options

      --docs   Opens the documentation for azd config sub-filter remove in your web browser.
  -h, --help   Gets help for remove.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config sub-filter set

Set a subscription filter for a tenant.

Synopsis

Select which subscriptions to include when prompted for a subscription under a specific tenant.
If a filter already exists, the previously selected subscriptions are pre-checked.

azd config sub-filter set [flags]

Options

      --docs   Opens the documentation for azd config sub-filter set in your web browser.
  -h, --help   Gets help for set.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd config unset

Unsets a configuration.

Synopsis

Removes a configuration in the configuration path.

The default value of the config directory is:

  • $HOME/.azd on Linux and macOS
  • %USERPROFILE%\.azd on Windows

The configuration directory can be overridden by specifying a path in the AZD_CONFIG_DIR environment variable.

azd config unset <path> [flags]

Examples

azd config unset defaults.location

Options

      --docs   Opens the documentation for azd config unset in your web browser.
  -h, --help   Gets help for unset.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd copilot

Manage GitHub Copilot agent settings. (Preview)

Options

      --docs   Opens the documentation for azd copilot in your web browser.
  -h, --help   Gets help for copilot.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd copilot consent

Manage tool consent.

Synopsis

Manage consent rules for tool execution.

Options

      --docs   Opens the documentation for azd copilot consent in your web browser.
  -h, --help   Gets help for consent.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd copilot consent grant

Grant consent trust rules.

Synopsis

Grant trust rules for tools and servers.

This command creates consent rules that allow tools to execute
without prompting for permission. You can specify different permission
levels and scopes for the rules.

Examples:
Grant always permission to all tools globally
azd copilot consent grant --global --permission always

Grant project permission to a specific tool with read-only scope
azd copilot consent grant --server my-server --tool my-tool --permission project --scope read-only

azd copilot consent grant [flags]

Options

      --action string       Action type: 'all' or 'readonly' (default "all")
      --docs                Opens the documentation for azd copilot consent grant in your web browser.
      --global              Apply globally to all servers
  -h, --help                Gets help for grant.
      --operation string    Operation type: 'tool' or 'sampling' (default "tool")
      --permission string   Permission: 'allow', 'deny', or 'prompt' (default "allow")
      --scope string        Rule scope: 'global', or 'project' (default "global")
      --server string       Server name
      --tool string         Specific tool name (requires --server)

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd copilot consent list

List consent rules.

Synopsis

List all consent rules for tools.

azd copilot consent list [flags]

Options

      --action string       Action type to filter by (all, readonly)
      --docs                Opens the documentation for azd copilot consent list in your web browser.
  -h, --help                Gets help for list.
      --operation string    Operation to filter by (tool, sampling)
      --permission string   Permission to filter by (allow, deny, prompt)
      --scope string        Consent scope to filter by (global, project). If not specified, lists rules from all scopes.
      --target string       Specific target to operate on (server/tool format)

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd copilot consent revoke

Revoke consent rules.

Synopsis

Revoke consent rules for tools.

azd copilot consent revoke [flags]

Options

      --action string       Action type to filter by (all, readonly)
      --docs                Opens the documentation for azd copilot consent revoke in your web browser.
  -h, --help                Gets help for revoke.
      --operation string    Operation to filter by (tool, sampling)
      --permission string   Permission to filter by (allow, deny, prompt)
      --scope string        Consent scope to filter by (global, project). If not specified, revokes rules from all scopes.
      --target string       Specific target to operate on (server/tool format)

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd deploy

Deploy your project code to Azure.

azd deploy <service> [flags]

Options

      --all                   Deploys all services that are listed in azure.yaml
      --docs                  Opens the documentation for azd deploy in your web browser.
  -e, --environment string    The name of the environment to use.
      --from-package string   Deploys the packaged service located at the provided path. Supports zipped file packages (file path) or container images (image tag).
  -h, --help                  Gets help for deploy.
      --timeout int           Maximum time in seconds for azd to wait for each service deployment. This stops azd from waiting but does not cancel the Azure-side deployment. (default: 1200) (default 1200)

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd down

Delete your project's Azure resources.

azd down [<layer>] [flags]

Options

      --docs                 Opens the documentation for azd down in your web browser.
  -e, --environment string   The name of the environment to use.
      --force                Does not require confirmation before it deletes resources.
  -h, --help                 Gets help for down.
      --purge                Does not require confirmation before it permanently deletes resources that are soft-deleted by default (for example, key vaults).

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env

Manage environments (ex: default environment, environment variables).

Options

      --docs   Opens the documentation for azd env in your web browser.
  -h, --help   Gets help for env.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env config

Manage environment configuration (ex: stored in .azure/{environment}/config.json).

Options

      --docs   Opens the documentation for azd env config in your web browser.
  -h, --help   Gets help for config.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env config get

Gets a configuration value from the environment.

Synopsis

Gets a configuration value from the environment's config.json file.

azd env config get <path> [flags]

Options

      --docs                 Opens the documentation for azd env config get in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for get.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env config set

Sets a configuration value in the environment.

Synopsis

Sets a configuration value in the environment's config.json file.

Values are automatically parsed as JSON types when possible. Booleans (true/false),
numbers (42, 3.14), arrays ([...]), and objects ({...}) are stored with their native
JSON types. Plain text values are stored as strings. To force a JSON-typed value to be
stored as a string, wrap it in JSON quotes (e.g. '"true"' or '"8080"').

azd env config set <path> <value> [flags]

Examples

azd env config set myapp.endpoint https://example.com
azd env config set myapp.debug true
azd env config set myapp.count 42
azd env config set infra.parameters.tags '{"env":"dev"}'
azd env config set myapp.port '"8080"'

Options

      --docs                 Opens the documentation for azd env config set in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for set.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env config unset

Unsets a configuration value in the environment.

Synopsis

Removes a configuration value from the environment's config.json file.

azd env config unset <path> [flags]

Examples

azd env config unset myapp.endpoint

Options

      --docs                 Opens the documentation for azd env config unset in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for unset.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd env get-value

Get specific environment value.

azd env get-value <keyName> [flags]

Options

      --docs                 Opens the documentation for azd env get-value in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for get-value.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env get-values

Get all environment values.

azd env get-values [flags]

Options

      --docs                 Opens the documentation for azd env get-values in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for get-values.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env list

List environments.

azd env list [flags]

Options

      --docs   Opens the documentation for azd env list in your web browser.
  -h, --help   Gets help for list.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env new

Create a new environment and set it as the default.

azd env new <environment> [flags]

Options

      --docs                  Opens the documentation for azd env new in your web browser.
  -h, --help                  Gets help for new.
  -l, --location string       Azure location for the new environment
      --subscription string   ID of an Azure subscription to use for the new environment

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env refresh

Refresh environment values by using information from a previous infrastructure provision.

azd env refresh <environment> [flags]

Options

      --docs                 Opens the documentation for azd env refresh in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for refresh.
      --hint string          Hint to help identify the environment to refresh
      --layer string         Provisioning layer to refresh the environment from.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env remove

Remove an environment.

azd env remove <environment> [flags]

Options

      --docs                 Opens the documentation for azd env remove in your web browser.
  -e, --environment string   The name of the environment to use.
      --force                Skips confirmation before performing removal.
  -h, --help                 Gets help for remove.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env select

Set the default environment.

azd env select [<environment>] [flags]

Options

      --docs   Opens the documentation for azd env select in your web browser.
  -h, --help   Gets help for select.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env set

Set one or more environment values.

Synopsis

Set one or more environment values using key-value pairs or by loading from a .env formatted file.

azd env set [<key> <value>] | [<key>=<value> ...] | [--file <filepath>] [flags]

Options

      --docs                 Opens the documentation for azd env set in your web browser.
  -e, --environment string   The name of the environment to use.
      --file string          Path to .env formatted file to load environment values from.
  -h, --help                 Gets help for set.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd env set-secret

Set a name as a reference to a Key Vault secret in the environment.

Synopsis

You can either create a new Key Vault secret or select an existing one.
The provided name is the key for the .env file which holds the secret reference to the Key Vault secret.

azd env set-secret <name> [flags]

Options

      --docs                 Opens the documentation for azd env set-secret in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for set-secret.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

  • azd env: Manage environments (ex: default environment, environment variables).
  • Back to top

azd exec

Execute commands and scripts with azd environment context.

Synopsis

Execute commands and scripts with full access to azd environment variables.

Commands are run with the azd environment loaded into the child process.
Multiple arguments use direct process execution (no shell wrapping).
A single quoted argument uses shell inline execution.

Examples:
azd exec python script.py # Direct exec (exact argv)
azd exec npm run dev # Direct exec (no shell)
azd exec -- python app.py --port 8000 # Direct exec with flags
azd exec 'echo $AZURE_ENV_NAME' # Inline via shell
azd exec ./setup.sh # Execute script file
azd exec --shell pwsh "Write-Host 'Hello'" # Inline PowerShell
azd exec ./build.sh -- --verbose # Script with args
azd exec -i ./init.sh # Interactive mode

azd exec [command] [args...] [-- script-args...] [flags]

Options

      --docs                 Opens the documentation for azd exec in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for exec.
  -i, --interactive          Run in interactive mode (connect stdin)
  -s, --shell string         Shell to use (bash, sh, zsh, pwsh, powershell, cmd). Auto-detected if not specified.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension

Manage azd extensions.

Options

      --docs   Opens the documentation for azd extension in your web browser.
  -h, --help   Gets help for extension.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension install

Installs specified extensions.

Synopsis

Installs one or more extensions by id from a registered extension source.

You can also pass the path to a self-contained extension bundle (.zip): azd
extracts it and installs the bundled extension. Bundled extensions aren't
tracked for updates; reinstall from a newer bundle to update.

azd extension install <extension-id|extension-bundle.zip> [flags]

Options

      --docs             Opens the documentation for azd extension install in your web browser.
  -f, --force            Force installation, including downgrades and reinstalls
  -h, --help             Gets help for install.
  -s, --source string    The extension source to use for installs
  -v, --version string   The version of the extension to install

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension list

List available extensions.

azd extension list [--installed] [flags]

Options

      --docs            Opens the documentation for azd extension list in your web browser.
  -h, --help            Gets help for list.
      --installed       List installed extensions
      --source string   Filter extensions by source
      --tags strings    Filter extensions by tags

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension show

Show details for a specific extension.

azd extension show <extension-id> [flags]

Options

      --docs            Opens the documentation for azd extension show in your web browser.
  -h, --help            Gets help for show.
  -s, --source string   The extension source to use.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension source

View and manage extension sources

Options

      --docs   Opens the documentation for azd extension source in your web browser.
  -h, --help   Gets help for source.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension source add

Add an extension source with the specified name

azd extension source add [flags]

Options

      --docs              Opens the documentation for azd extension source add in your web browser.
  -h, --help              Gets help for add.
  -l, --location string   The location of the extension source
  -n, --name string       The name of the extension source
  -t, --type string       The type of the extension source. Supported types are 'file' and 'url'

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension source list

List extension sources

azd extension source list [flags]

Options

      --docs   Opens the documentation for azd extension source list in your web browser.
  -h, --help   Gets help for list.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension source remove

Remove an extension source with the specified name

azd extension source remove <name> [flags]

Options

      --docs   Opens the documentation for azd extension source remove in your web browser.
  -h, --help   Gets help for remove.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension source validate

Validate an extension source's registry.json file.

Synopsis

Validate an extension source's registry.json file.

Accepts a source name (from 'azd extension source list'), a local file path,
or a URL. Checks required fields, valid capabilities, semver version format,
platform artifact structure, and extension ID format.

azd extension source validate <name-or-path-or-url> [flags]

Options

      --docs     Opens the documentation for azd extension source validate in your web browser.
  -h, --help     Gets help for validate.
      --strict   Enable strict validation (require checksums)

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension uninstall

Uninstall specified extensions.

azd extension uninstall [extension-id] [flags]

Options

      --all    Uninstall all installed extensions
      --docs   Opens the documentation for azd extension uninstall in your web browser.
  -h, --help   Gets help for uninstall.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd extension upgrade

Upgrade installed extensions to the latest version.

Synopsis

Upgrade one or more installed extensions.

By default, uses the stored registry source for each extension. If the stored
source is unavailable, falls back to the main (azd) registry. Extensions that
were installed from a non-main registry (e.g., dev) are automatically promoted
to the main registry when a newer version is available there.

Use --source to explicitly override the registry source for the upgrade. Use
--all to upgrade all installed extensions in a single batch; failures in one
extension do not prevent the remaining extensions from being upgraded.

When upgrading an extension that has dependencies, any installed
dependencies are automatically upgraded too, to the highest version
satisfying the extension's declared constraints. Use
--no-dependency-upgrades to opt out and upgrade only the named
extension.

Use --output json for a structured report of all upgrade results.

azd extension upgrade [extension-id] [flags]

Options

      --all                      Upgrade all installed extensions
      --docs                     Opens the documentation for azd extension upgrade in your web browser.
  -h, --help                     Gets help for upgrade.
      --no-dependency-upgrades   Do not upgrade dependencies when upgrading an extension that has dependencies
  -s, --source string            The extension source to use for upgrades
  -v, --version string           The version of the extension to upgrade to

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd hooks

Develop, test and run hooks for a project.

Options

      --docs   Opens the documentation for azd hooks in your web browser.
  -h, --help   Gets help for hooks.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd hooks run

Runs the specified hook for the project, provisioning layers, and services

azd hooks run <name> [flags]

Options

      --docs                 Opens the documentation for azd hooks run in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for run.
      --layer string         Only runs hooks for the specified provisioning layer.
      --platform string      Forces hooks to run for the specified platform.
      --service string       Only runs hooks for the specified service.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd infra

Manage your Infrastructure as Code (IaC).

Options

      --docs   Opens the documentation for azd infra in your web browser.
  -h, --help   Gets help for infra.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd infra generate

Write IaC for your project to disk, allowing you to manually manage it.

azd infra generate [flags]

Options

      --docs                 Opens the documentation for azd infra generate in your web browser.
  -e, --environment string   The name of the environment to use.
      --force                Overwrite any existing files without prompting
  -h, --help                 Gets help for generate.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd init

Initialize a new application.

Synopsis

Initialize a new application.

When used with --template, a new directory is created (named after the template)
and the project is initialized inside it — similar to git clone.
Pass "." as the directory to initialize in the current directory instead.

Re-running init in an initialized project is idempotent: the existing environment is
reused instead of failing. With --no-prompt and no -e, the recorded default environment
is reused.

azd init [flags]

Options

  -b, --branch string         The template branch to initialize from. Must be used with a template argument (--template or -t).
      --docs                  Opens the documentation for azd init in your web browser.
  -e, --environment string    The name of the environment to use.
  -f, --filter strings        The tag(s) used to filter template results. Supports comma-separated values.
      --from-code             Initializes a new application from your existing code.
  -h, --help                  Gets help for init.
  -l, --location string       Azure location for the new environment
  -m, --minimal               Initializes a minimal project.
  -s, --subscription string   ID of an Azure subscription to use for the new environment
  -t, --template string       Initializes a new application from a template. You can use a Full URI, <owner>/<repository>, <repository> if it's part of the azure-samples organization, or a local directory path (./dir, ../dir, or absolute path).
      --up                    Provision and deploy to Azure after initializing the project from a template.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd mcp

Manage Model Context Protocol (MCP) server. (Alpha)

Options

      --docs   Opens the documentation for azd mcp in your web browser.
  -h, --help   Gets help for mcp.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd mcp start

Starts the MCP server.

Synopsis

Starts the Model Context Protocol (MCP) server.

This command starts an MCP server that can be used by MCP clients to access
azd functionality through the Model Context Protocol interface.

azd mcp start [flags]

Options

      --docs   Opens the documentation for azd mcp start in your web browser.
  -h, --help   Gets help for start.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd monitor

Monitor a deployed project.

azd monitor [flags]

Options

      --docs                 Opens the documentation for azd monitor in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for monitor.
      --live                 Open a browser to Application Insights Live Metrics. Live Metrics is currently not supported for Python apps.
      --logs                 Open a browser to Application Insights Logs.
      --overview             Open a browser to Application Insights Overview Dashboard.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd package

Packages the project's code to be deployed to Azure.

azd package <service> [flags]

Options

      --all                  Packages all services that are listed in azure.yaml
      --docs                 Opens the documentation for azd package in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for package.
      --output-path string   File or folder path where the generated packages will be saved.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd pipeline

Manage and configure your deployment pipelines.

Options

      --docs   Opens the documentation for azd pipeline in your web browser.
  -h, --help   Gets help for pipeline.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd pipeline config

Configure your deployment pipeline to connect securely to Azure. (Beta)

azd pipeline config [flags]

Options

  -m, --applicationServiceManagementReference string   Service Management Reference. References application or service contact information from a Service or Asset Management database. This value must be a Universally Unique Identifier (UUID). You can set this value globally by running azd config set pipeline.config.applicationServiceManagementReference <UUID>.
      --auth-type string                               The authentication type used between the pipeline provider and Azure for deployment (Only valid for GitHub provider). Valid values: federated, client-credentials.
      --docs                                           Opens the documentation for azd pipeline config in your web browser.
  -e, --environment string                             The name of the environment to use.
  -h, --help                                           Gets help for config.
      --principal-id string                            The client id of the service principal to use to grant access to Azure resources as part of the pipeline.
      --principal-name string                          The name of the service principal to use to grant access to Azure resources as part of the pipeline.
      --principal-role stringArray                     The roles to assign to the service principal. By default the service principal will be granted the Contributor and User Access Administrator roles. (default [Contributor,User Access Administrator])
      --provider string                                The pipeline provider to use (github for Github Actions and azdo for Azure Pipelines).
      --remote-name string                             The name of the git remote to configure the pipeline to run on. (default "origin")

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd provision

Provision Azure resources for your project.

azd provision [<layer>] [flags]

Options

      --docs                  Opens the documentation for azd provision in your web browser.
  -e, --environment string    The name of the environment to use.
  -h, --help                  Gets help for provision.
  -l, --location string       Azure location for the new environment
      --no-state              (Bicep only) Forces a fresh deployment based on current Bicep template files, ignoring any stored deployment state.
      --preview               Preview changes to Azure resources.
      --subscription string   ID of an Azure subscription to use for the new environment

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd publish

Publish a service to a container registry.

azd publish <service> [flags]

Options

      --all                   Publishes all services that are listed in azure.yaml
      --docs                  Opens the documentation for azd publish in your web browser.
  -e, --environment string    The name of the environment to use.
      --from-package string   Publishes the service from a container image (image tag).
  -h, --help                  Gets help for publish.
      --to string             The target container image in the form '[registry/]repository[:tag]' to publish to.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd restore

Restores the project's dependencies.

azd restore <service> [flags]

Options

      --all                  Restores all services that are listed in azure.yaml
      --docs                 Opens the documentation for azd restore in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for restore.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd show

Display information about your project and its resources.

azd show [resource-name|resource-id] [flags]

Options

      --docs                 Opens the documentation for azd show in your web browser.
  -e, --environment string   The name of the environment to use.
  -h, --help                 Gets help for show.
      --show-secrets         Unmask secrets in output.

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template

Find and view template details.

Options

      --docs   Opens the documentation for azd template in your web browser.
  -h, --help   Gets help for template.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template list

Show list of sample azd templates. (Beta)

azd template list [flags]

Options

      --docs             Opens the documentation for azd template list in your web browser.
  -f, --filter strings   The tag(s) used to filter template results. Supports comma-separated values.
  -h, --help             Gets help for list.
  -s, --source string    Filters templates by source.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template show

Show details for a given template. (Beta)

azd template show <template> [flags]

Options

      --docs   Opens the documentation for azd template show in your web browser.
  -h, --help   Gets help for show.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template source

View and manage template sources. (Beta)

Options

      --docs   Opens the documentation for azd template source in your web browser.
  -h, --help   Gets help for source.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template source add

Adds an azd template source with the specified key. (Beta)

Synopsis

The key can be any value that uniquely identifies the template source, with well-known values being:
・default: Default templates
・awesome-azd: Templates from https://aka.ms/awesome-azd

azd template source add <key> [flags]

Options

      --docs              Opens the documentation for azd template source add in your web browser.
  -h, --help              Gets help for add.
  -l, --location string   Location of the template source. Required when using type flag.
  -n, --name string       Display name of the template source.
  -t, --type string       Kind of the template source. Supported types are 'file', 'url' and 'gh'.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template source list

Lists the configured azd template sources. (Beta)

azd template source list [flags]

Options

      --docs   Opens the documentation for azd template source list in your web browser.
  -h, --help   Gets help for list.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd template source remove

Removes the specified azd template source (Beta)

azd template source remove <key> [flags]

Options

      --docs   Opens the documentation for azd template source remove in your web browser.
  -h, --help   Gets help for remove.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool

Manage Azure development tools.

Synopsis

Discover, install, upgrade, and check status of Azure development tools.

Options

      --docs   Opens the documentation for azd tool in your web browser.
  -h, --help   Gets help for tool.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool check

Check for tool updates.

azd tool check [flags]

Options

      --docs   Opens the documentation for azd tool check in your web browser.
  -h, --help   Gets help for check.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool install

Install specified tools.

azd tool install [tool-name...] [flags]

Options

      --all       Install all recommended tools
      --docs      Opens the documentation for azd tool install in your web browser.
      --dry-run   Preview what would be installed without making changes
  -h, --help      Gets help for install.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool list

List all tools with status.

azd tool list [flags]

Options

      --docs   Opens the documentation for azd tool list in your web browser.
  -h, --help   Gets help for list.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool show

Show details for a specific tool.

azd tool show <tool-name> [flags]

Options

      --docs   Opens the documentation for azd tool show in your web browser.
  -h, --help   Gets help for show.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd tool upgrade

Upgrade installed tools.

azd tool upgrade [tool-name...] [flags]

Options

      --docs      Opens the documentation for azd tool upgrade in your web browser.
      --dry-run   Preview what would be upgraded without making changes
  -h, --help      Gets help for upgrade.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd up

Provision and deploy your project to Azure with a single command.

azd up [flags]

Options

      --docs                  Opens the documentation for azd up in your web browser.
  -e, --environment string    The name of the environment to use.
  -h, --help                  Gets help for up.
  -l, --location string       Azure location for the new environment
      --subscription string   ID of an Azure subscription to use for the new environment

Options inherited from parent commands

  -C, --cwd string   Sets the current working directory.
      --debug        Enables debugging and diagnostics logging.
      --no-prompt    Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd update

Updates azd to the latest version.

azd update [flags]

Options

      --channel string             Update channel: stable or daily.
      --check-interval-hours int   Override the update check interval in hours.
      --docs                       Opens the documentation for azd update in your web browser.
  -h, --help                       Gets help for update.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

azd version

Print the version number of Azure Developer CLI.

azd version [flags]

Options

      --docs   Opens the documentation for azd version in your web browser.
  -h, --help   Gets help for version.

Options inherited from parent commands

  -C, --cwd string           Sets the current working directory.
      --debug                Enables debugging and diagnostics logging.
  -e, --environment string   The name of the environment to use.
      --no-prompt            Runs without prompts. Uses existing values; fails if any required value or decision cannot be resolved automatically.

See also

@huimiu huimiu requested a review from Copilot June 24, 2026 08:44
Copilot AI reviewed Jun 24, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 91 out of 94 changed files in this pull request and generated 6 comments.

Comment thread cli/azd/extensions/azure.ai.connections/go.mod
Comment thread cli/azd/extensions/azure.ai.routines/go.mod
Comment thread cli/azd/extensions/azure.ai.toolboxes/go.mod
Comment thread cli/azd/extensions/azure.ai.projects/schemas/azure.ai.project.json
Comment thread cli/azd/extensions/azure.ai.agents/schemas/FileRef.json
Comment thread cli/azd/extensions/azure.ai.agents/schemas/README.md
jongio
jongio reviewed Jun 24, 2026
View reviewed changes

@jongio jongio left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incremental review (5 new commits since d6fd4da). All five address prior review feedback:

  • Path traversal rejection in resolveSkillInstructions is correct: checks before filepath.Join, covers \ and / separators, has test coverage for nested traversal (sub/../../escape.md).
  • Warnings for empty sanitized names are user-facing on stderr, consistent with WarnLegacyAgentShape.
  • Schema docs now accurately reflect that remote URLs aren't supported.
  • azure.ai.*/schemas/*.json glob ensures cross-extension `` resolution works offline.
  • Marshal failure logging makes the validation skip visible during troubleshooting.

No new issues found in this increment.

trangevi
trangevi reviewed Jun 25, 2026
View reviewed changes
Comment thread cli/azd/pkg/foundry/includes.go
@@ -1,7 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved.

@trangevi trangevi Jun 24, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these files moved into the top level azd pkg?

Comment thread cli/azd/internal/tracing/fields/fields.go
// instead of service-level properties. Tracks migration of older Foundry
// projects off the legacy shape.
FoundryAgentLegacyConfigKey = AttributeKey{
Key: attribute.Key("foundry.agent.legacy_config_shape"),

@trangevi trangevi Jun 24, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What actually sets this? Is this something the azd folks are alright with being added to telemetry?

Comment thread cli/azd/extensions/azure.ai.agents/internal/project/agent_definition.go
@@ -0,0 +1,496 @@
// Copyright (c) Microsoft Corporation. All rights reserved.

@trangevi trangevi Jun 25, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the plan to stop supporting old formats? Adding this file now gives at least a third place where we have agent objects defined, making it all that much more difficult to make sure things are being updated in the right places. Would be good if we have an in place plan to switch completely and remove all of the extra logic

Comment thread cli/azd/extensions/azure.ai.agents/schemas/Connection.json
@@ -1,6 +1,6 @@
{

@trangevi trangevi Jun 25, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need both these files, and the individual schemas in the other extensions?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jongio jongio jongio left review comments
@trangevi trangevi trangevi left review comments
Copilot code review Copilot Copilot left review comments
@vhvb1989 vhvb1989 Awaiting requested review from vhvb1989 vhvb1989 is a code owner
@tg-msft tg-msft Awaiting requested review from tg-msft tg-msft is a code owner
@RickWinter RickWinter Awaiting requested review from RickWinter RickWinter is a code owner
@JeffreyCA JeffreyCA Awaiting requested review from JeffreyCA JeffreyCA is a code owner
@glharper glharper Awaiting requested review from glharper glharper is a code owner
@trrwilson trrwilson Awaiting requested review from trrwilson trrwilson is a code owner
@therealjohn therealjohn Awaiting requested review from therealjohn therealjohn is a code owner
@hemarina hemarina Awaiting requested review from hemarina hemarina is a code owner

Assignees

@huimiu huimiu

Labels

area/extensions Extensions (general) ext-agents azure.ai.agents extension ext-connections azure.ai.connections extension ext-foundry azure.ai.{agents,connections,inspector,projects,routines,skills,toolboxes}, microsoft.foundry ext-projects azure.ai.projects extension ext-routines azure.ai.routines extension ext-skills azure.ai.skills extension ext-toolboxes azure.ai.toolboxes extension

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[ext-foundry]: make project/connection/toolbox Foundry resources real service targets

5 participants

@huimiu @azure-sdk @jongio @trangevi