az confcom fragment
Note
This reference is part of the confcom extension for the Azure CLI (version 2.26.2 or higher). The extension will automatically install the first time you run an az confcom fragment command. Learn more about extensions.
Commands to handle Confidential Container Policy Fragments.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az confcom fragment attach |
Attach a Confidential Container Policy Fragment to an image in an ORAS registry. |
Extension | Preview |
| az confcom fragment push |
Push a Confidential Container Policy Fragment to an ORAS registry. |
Extension | Preview |
az confcom fragment attach
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Attach a Confidential Container Policy Fragment to an image in an ORAS registry.
az confcom fragment attach --manifest-tag
[]Examples
Attach a signed fragment to a registry
az confcom fragment attach ./fragment.reg.cose --manifest-tag myregistry.azurecr.io/image:latestAttach the output of acifragmentgen to a registry
az confcom acifragmentgen --chain my.cert.pem --key my_key.pem --svn "1" --namespace contoso --feed "test-feed" --input ./fragment_spec.json | az confcom fragment attach --manifest-tag myregistry.azurecr.io/image:latestRequired Parameters
The reference to attach the signed fragment to.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Signed fragment to attach.
| Property | Value |
|---|---|
| Parameter group: | Positional |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az confcom fragment push
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Push a Confidential Container Policy Fragment to an ORAS registry.
az confcom fragment push --manifest-tag
[]Examples
Push a signed fragment to a registry
az confcom fragment push ./fragment.reg.cose --manifest-tag myregistry.azurecr.io/fragment:latestPush the output of acifragmentgen to a registry
az confcom acifragmentgen --chain my.cert.pem --key my_key.pem --svn "1" --namespace contoso --feed "test-feed" --input ./fragment_spec.json | az confcom fragment push --manifest-tag myregistry.azurecr.io/fragment:latestRequired Parameters
The reference to push the signed fragment to.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Signed fragment to push.
| Property | Value |
|---|---|
| Parameter group: | Positional |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
