CLI for VPN Gateway Connection Certificate based authentication

[brandonv191]

Preconditions

• No need to upgrade Python SDK or the Python SDK is ready.

Related command

Azure/azure-powershell#28642 Powershell PR with changes

Added - New-AzVirtualNetworkGatewayCertificateAuthentication.

Added -AuthenticationType and -CertificateAuthentication parameters to New-AzVirtualNetworkGatewayConnection and Set-AzVirtualNetworkGatewayConnection

Added -Identity and -UserAssignedIdentityId parameter to Set-AzVirtualNetworkGateway to New-AzVirtualNetworkGateway

Resource Provider

Microsoft.Network

Description of Feature or Work Requested

We have implemented certificate-based authentication for in the latest powershell and swagger releases for vpn gateway connections. This needs to be extended to azure cli.

The PR is linked below for the swagger.

• User should be able to create/update a virtual network gateway with a managed identity
• Support should be added to create/update vpn gateway connections with certificate based authentication.
• Connections should have an option to specify authentication type and CertificateAuthentication object. More information can also be found on the public api

https://learn.microsoft.com/en-us/rest/api/network-gateway/virtual-network-gateway-connections/create-or-update?view=rest-network-gateway-2025-01-01&viewFallbackFrom=rest-network-gateway-2024-05-01&tabs=HTTP

Minimum API Version Required

2025-01-01

Swagger PR link / SDK link

https://github.com/Azure/azure-rest-api-specs/blob/main/specification/network/resource-manager/Microsoft.Network/stable/2025-01-01/virtualNetworkGateway.json

Pull request: Azure/azure-rest-api-specs#37176

Request Example

No response

Target Date

2025-12-15

PM Contact

fabferri@microsoft.com

Engineer Contact

brandonvilla@microsoft.com, faahmad@microsoft.com

Additional context

No response

[yonzhan]

Thank you for opening this issue, we will look into it.

[github-actions]

Here are some similar issues that might help you. Please check if they can solve your problem.

• CLI for VNG : p2s multiple authentication #17260
• High Bandwidth VPN Gateway: Update AzCLI commands #31068

Powered by issue-sentinel

[github-actions]

Here are some similar issues that might help you. Please check if they can solve your problem.

• CLI for VNG : p2s multiple authentication #17260

Powered by issue-sentinel

[necusjz]

@brandonv191 plz provide the azure cli commands that this feature applies to.

[brandonv191]

@necusjz We want to add the managed identity option to az network vnet-gateway.
https://learn.microsoft.com/en-us/cli/azure/network/vnet-gateway?view=azure-cli-latest#az-network-vnet-gateway-create

• az network vnet-gateway create
• az network vnet-gateway update

And we want to add authentication type and certificate based authentication options to

• az network vpn-connection create
• az network vpn-connection update

https://learn.microsoft.com/en-us/cli/azure/network/vpn-connection?view=azure-cli-latest#az-network-vpn-connection-create

These are for vpn gateways. thanks