Alex-wdy shares comprehensive updates from Microsoft Ignite 2025, focusing on Azure CLI, Azure PowerShell, and new AI-driven features, including security and quality improvements.

Azure CLI and Azure PowerShell: Ignite 2025 Update

Microsoft announced major improvements to Azure CLI and Azure PowerShell for 2025, emphasizing quality, security, and AI-driven features. This update brings new capabilities, feature enhancements, and security standards compliance for cloud automation practitioners.

Key Investment Areas

Quality and Security: Focused upgrades, including enforcement of Multi-Factor Authentication (MFA) and mitigation of CVEs, underpin the commitment to secure automation.
User Experience: Features and upgrades designed to simplify usage, improve error handling, and bolster reliability.
AI Integration: New ‘What-If’ and ‘Export Bicep’ parameters leverage AI to assist with previewing infrastructure changes and auto-generating Bicep templates, streamlining infrastructure-as-code workflows.

Feature Highlights

Security Enhancements

MFA Enforcement: Azure Resource Manager (ARM) now requires MFA for sensitive operations, with improved claims challenge mechanisms and troubleshooting guidance.
CVE Mitigations: Azure CLI upgraded from version 2.76 to 2.77 to close remote code execution and certificate validation vulnerabilities, in full alignment with security best practices.

Python 3.13 Support

Azure CLI now requires Python 3.13 for strict SSL verification, improving security but potentially causing proxy compatibility issues. Users should update proxy certificates accordingly.

New Modules, Extensions, and Service Coverage

Services Updated: ACR, ACS, AKS, App Config, App Service, ARM, Backup, Batch, Compute, Cosmos DB, Cognitive Services, IoT, Key Vault, SQL, Storage, and more.
Extensions Added: arize-ai, connectedmachine, containerapp, lambda-test, migrate, neon, pscloud, sftp, site, storage-blob-preview.
GA Modules: DeviceRegistry, DataMigration, FirmwareAnalysis, LoadTesting, StorageDiscovery, DataTransfer, ArizeAI, Fabric, StorageAction, Oracle.

ARM API and Endpoint Discovery

Azure CLI now leverages ARM API version 2022-09-01 for more accurate cloud registration and endpoint management, supporting better service compatibility and forward-compatibility.

Pagination Support in PowerShell

Invoke-AzRestMethod gains a new ‘-Paginate’ parameter to improve efficiency with large datasets, supporting server-driven pagination while maintaining backward compatibility.

Intelligent Change Preview and Template Export

What-If Analysis: Preview infrastructure modifications before deployment, identifying resources impacted by commands.
Export Bicep: Automatically generate Bicep templates to speed up infrastructure-as-code adoption, both features utilizing AI-assisted logic.

Handling Claims Challenges for MFA

When performing create, update, or delete operations, users must address claims challenges issued by ARM if MFA is not configured, with well-documented guidance for both Azure CLI and PowerShell workflows.

Azure CLI Example:

az login --tenant "aaaabbbb-0000-cccc-1111-dddd2222eeee" --scope "https://management.core.windows.net//.default" --claims-challenge "<claims-challenge-token>"

Azure PowerShell Example:

Connect-AzAccount -Tenant yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyy -Subscription zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzz -ClaimsChallenge <claims-challenge-token>

Breaking Changes and Migration Guidance

Guidance and migration documents for the latest breaking changes:

Get Involved

Feedback and updates are welcome on GitHub:
- Azure CLI GitHub
- Azure PowerShell GitHub
Follow updates on X (Twitter): @azureposh, @AzureCli

Additional Resources

This update was prepared by Alex-wdy for the Tech Community. Stay tuned for further features and improvements in the Azure command-line ecosystem.

This post appeared first on “Microsoft Tech Community”. Read the entire article here