Skip to content

Az.Compute: Add managed identity support to Gallery cmdlets#29264

Draft
Copilot wants to merge 2 commits intomainfrom
copilot/az-compute-gallery-managed-identity
Draft

Az.Compute: Add managed identity support to Gallery cmdlets#29264
Copilot wants to merge 2 commits intomainfrom
copilot/az-compute-gallery-managed-identity

Conversation

Copy link
Contributor

Copilot AI commented Mar 12, 2026
edited
Loading

Adds EnableSystemAssignedIdentity and UserAssignedIdentity parameters to New-AzGallery and Update-AzGallery, and exposes Identity in the Get-AzGallery output object.

Changes

  • PSGallery.cs — Added Identity property (GalleryIdentity); AutoMapper picks it up automatically from the SDK model
  • GalleryCreateOrUpdateMethod.cs
    • New-AzGallery / Update-AzGallery: new parameters -EnableSystemAssignedIdentity (SwitchParameter) and -UserAssignedIdentity (string[])
    • Identity type is derived from which parameters are provided: SystemAssigned, UserAssigned, or SystemAssigned, UserAssigned
    • Fixed pre-existing bug in Update-AzGallery: GalleriesClient.CreateOrUpdate() return value was discarded, causing the cmdlet to output an empty gallery object on non-sharing updates
  • Help docs (New-AzGallery.md, Update-AzGallery.md) — Updated syntax blocks and added identity examples
  • Tests — Added Test-GalleryWithSystemAssignedIdentity and Test-UpdateGalleryWithSystemAssignedIdentity scenario tests

Usage

# New gallery with system-assigned identity
New-AzGallery -ResourceGroupName $rg -Name $galleryName -Location $loc -EnableSystemAssignedIdentity

# New gallery with user-assigned identity
$uid = Get-AzUserAssignedIdentity -ResourceGroupName $rg -Name $identityName
New-AzGallery -ResourceGroupName $rg -Name $galleryName -Location $loc -UserAssignedIdentity $uid.Id

# Update gallery to add both identity types
Get-AzGallery -ResourceGroupName $rg -Name $galleryName |
    Update-AzGallery -EnableSystemAssignedIdentity -UserAssignedIdentity $uid.Id

# Identity is now included in Get-AzGallery output
(Get-AzGallery -ResourceGroupName $rg -Name $galleryName).Identity

Parameter naming follows the repo's managed identity best practices.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • 1n8vsblobprodwus2184.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • 6yfvsblobprodwus2121.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • 7t8vsblobprodwus2168.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • 84hvsblobprodwus2148.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • 8wdvsblobprodwus2137.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • 9yyvsblobprodwus2157.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • b53vsblobprodwus2154.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • ba0vsblobprodwus2130.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • balvsblobprodwus2129.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • cbvvsblobprodwus2131.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • cffvsblobprodwus218.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • d94vsblobprodwus2119.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • ezcvsblobprodwus2170.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • faxvsblobprodwus2122.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • g3xvsblobprodwus2151.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • i01vsblobprodwus216.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • isvvsblobprodwus2147.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • jhgvsblobprodwus2167.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • k4pvsblobprodwus2140.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • mt2vsblobprodwus2110.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • nudvsblobprodwus214.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • p2tvsblobprodwus2189.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • tn2vsblobprodwus2124.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • wlnvsblobprodwus2188.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • x0dvsblobprodwus2111.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • y5lvsblobprodwus2179.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)
  • zt8vsblobprodwus2176.vsblob.vsassets.io
    • Triggering command: /usr/bin/dotnet dotnet build src/Compute/Compute.sln (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

This section details on the original issue you should resolve

<issue_title>Az.Compute - Create, Update, Get, Az Compute Gallery with Managed Identity</issue_title>
<issue_description>

Guidelines

The purpose of the Azure PowerShell design review is to ensure that the cmdlets follow the same pattern across the Azure modules. An early design review reduces the risk of unnecessary implementation changes caused by a cmdlet syntax design change.

Please ensure your cmdlets comply with the design guidelines outlined in the PowerShell Design Guidelines document.

Please generate cmdlets syntax using GenerateCmdletDesignMarkdown.ps1 for review if your cmdlet is generated from API spec directly by Autorest.PowerShell.

If you just add parameter to existing cmdlets and parameter definition complies with guideline, the design review is not expected.

  • Have you read above statement?

    • YES

Service Release Details

  • Is this an Embargoed Preview, A Public Preview, or a General Release?

    • General Release

  • What is the expected service release date?

    • 2026-03-15

  • Which Powershell module are these changes being made in?

    • Az.Compute

Contact Information

  • Main developer contacts (emails + github aliases)

    • bhbrahma@microsoft.com @D1v38om83r

  • PM contact (email + github alias)

    • Tanmay.Gore@microsoft.com @tanmaygore

  • Other people who should attend a design review (email)

    • Joseph.Calev@microsoft.com

High Level Scenarios

  • Describe how your feature is intended to be used by customers.

    • New-AzGallery command should allow user to specify managed identities when creating an Azure Compute Gallery
    • Update-AzGallery should accept the updated PSObject of type Microsoft.Compute/galleries with Managed Identity information and also allow user to specify managed identities.
    • Get-AzGallery command should be able to fetch updated PSObject of type Microsoft.Compute/galleries with Managed Identity information

  • Piping scenarios / how these cmdlets are used with existing cmdlets

      $uid1 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh01
      $uid2 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh02
      New-AzGallery -ResourceGroupName $rgname -Name $galleryName -Location $location -UserAssginedIdentities $uid1 $uid2 -SystemAssignedIdentity

     $uid1 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh01
     $uid2 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh02
     Get-AzGallery -ResourceGroupName $rgname -Name $galleryName | Update-AzGallery -UserAssginedIdentities $uid1 $uid2 -SystemAssignedIdentity

  • Sample of end-to-end usage

    • Please provide comprehensive examples that don't assume additional setup. It helps the audience understand your feature.

    • New-AzGallery -ResourceGroupName $rgname -Name $galleryName -Location $location -SystemAssignedIdentity

    • $uid1 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh01; New-AzGallery -ResourceGroupName $rgname -Name $galleryName -Location $location -UserAssignedIdentities $uid1

    • $gallery = Get-AzGallery -ResourceGroupName $rgname -Name $galleryName; Update-AzGallery -inputObject gallery SystemAssignedIdentity

    • $uid1 = Get-AzUserAssignedIdentity -ResourceGroupName azure-rg-test -Name uai-pwsh01; $gallery = Get-AzGallery -ResourceGroupName $rgname -Name $galleryName; Update-AzGallery -inputObject $gallery -UserAssginedIdentities $uid1

Syntax changes

Indicate if you are requesting an edit to existing cmdlets, adding new cmdlets, or both. Then edit the corresponding section below.

  • Update parameters to existing cmdlets

Changed cmdlet

List the names of the cmdlets that are being edited.

  • New-AzGallery, Get-AzGallery, Update-AzGallery

List the new parameters for the cmdlet, the parameter types, and their allowed values if applicable.

  • New-AzGallery [-SystemAssignedIdentity]
  • New-AzGallery [-UserAssginedIdentities] <Microsoft.ManagedIdentity/userAssignedIdentities[]>
  • Get-AzGallery no change in parameters, update to output object
  • Update-AzGallery [-SystemAssignedIdentity]
  • Update-AzGallery [-UserAssginedIdentities] <Microsoft.ManagedIdentity/userAssignedIdentities[]>

Please describe the new business logic of the cmdlet and paramet...

Custom agent used: Compute PowerShell Pull Request Agent
Specialized agent for creating PowerShell pull requests based on a design request

  • Fixes Azure/azure-powershell-cmdlet-review-pr#1540

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Mar 12, 2026

Thanks for your contribution! The pull request validation has started. Please revisit this comment for updated status.

@audreyttt
Add managed identity support to New-AzGallery and Update-AzGallery cm…
90fef0c 
…dlets

Co-authored-by: audreyttt <225061541+audreyttt@users.noreply.github.com>
Copilot AI changed the title [WIP] Add Az.Compute cmdlets for managing compute gallery with managed identity Az.Compute: Add managed identity support to Gallery cmdlets Mar 12, 2026
Copilot AI requested a review from audreyttt March 12, 2026 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@audreyttt audreyttt Awaiting requested review from audreyttt audreyttt is a code owner

@ookoka ookoka Awaiting requested review from ookoka ookoka will be requested when the pull request is marked ready for review ookoka is a code owner

@haagha haagha Awaiting requested review from haagha haagha will be requested when the pull request is marked ready for review haagha is a code owner

@wyunchi-ms wyunchi-ms Awaiting requested review from wyunchi-ms wyunchi-ms will be requested when the pull request is marked ready for review wyunchi-ms is a code owner

@dolauli dolauli Awaiting requested review from dolauli dolauli will be requested when the pull request is marked ready for review dolauli is a code owner

@isra-fel isra-fel Awaiting requested review from isra-fel isra-fel will be requested when the pull request is marked ready for review isra-fel is a code owner

@VeryEarly VeryEarly Awaiting requested review from VeryEarly VeryEarly will be requested when the pull request is marked ready for review VeryEarly is a code owner

@YanaXu YanaXu Awaiting requested review from YanaXu YanaXu will be requested when the pull request is marked ready for review YanaXu is a code owner

@vidai-msft vidai-msft Awaiting requested review from vidai-msft vidai-msft will be requested when the pull request is marked ready for review vidai-msft is a code owner

@NoriZC NoriZC Awaiting requested review from NoriZC NoriZC will be requested when the pull request is marked ready for review NoriZC is a code owner

@notyashhh notyashhh Awaiting requested review from notyashhh notyashhh will be requested when the pull request is marked ready for review notyashhh is a code owner

@Pan-Qi Pan-Qi Awaiting requested review from Pan-Qi Pan-Qi will be requested when the pull request is marked ready for review Pan-Qi is a code owner

@DanielMicrosoft DanielMicrosoft Awaiting requested review from DanielMicrosoft DanielMicrosoft will be requested when the pull request is marked ready for review DanielMicrosoft is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

Copilot code review Copilot

@audreyttt audreyttt

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@audreyttt