[Compute] Update command az sig create, az sig show and add command group az sig identity to manage the service identity of a Shared Image Gallery (SIG)

src/azure-cli/azure/cli/command_modules/vm/_client_factory.py

@@ -67,10 +67,6 @@ def cf_rolling_upgrade_commands(cli_ctx, _):
     return _compute_client_factory(cli_ctx).virtual_machine_scale_set_rolling_upgrades
 
 
-def cf_galleries(cli_ctx, _):
-    return _compute_client_factory(cli_ctx).galleries
-
-
 def cf_gallery_images(cli_ctx, _):
     return _compute_client_factory(cli_ctx).gallery_images
 

src/azure-cli/azure/cli/command_modules/vm/_validators.py

@@ -1411,6 +1411,15 @@ def _validate_vm_vmss_msi(cmd, namespace, is_identity_assign=False):
         _enable_msi_for_trusted_launch(namespace)
 
 
+def process_sig_remove_identity_namespace(cmd, namespace):
+    if namespace.identities:
+        for i, identity in enumerate(namespace.identities):
+            namespace.identities[i] = _get_resource_id(cmd.cli_ctx, identity,
+                                                       namespace.resource_group_name,
+                                                       'userAssignedIdentities',
+                                                       'Microsoft.ManagedIdentity')
+
+
 def _enable_msi_for_trusted_launch(namespace):
     # Enable system assigned msi by default when Trusted Launch configuration is met
     is_trusted_launch = namespace.security_type and namespace.security_type.lower() == 'trustedlaunch' \

src/azure-cli/azure/cli/command_modules/vm/aaz/latest/sig/_create.py

@@ -19,12 +19,21 @@ class Create(AAZCommand):
 
     :example: Create a shared image gallery
         az sig create --resource-group MyResourceGroup --gallery-name MyGallery
+
+    :example: Create a shared image gallery with enabled system assigned identity.
+        az sig create --resource-group MyResourceGroup --gallery-name MyGallery123 --system-assigned
+
+    :example: Create a shared image gallery with a user assigned identity.
+        az sig create --resource-group MyResourceGroup --gallery-name MyGallery123 --user-assigned id1
+
+    :example: Create a shared image gallery with both system and user assigned identity.
+        az sig create --resource-group MyResourceGroup --gallery-name MyGallery123 --system-assigned --user-assigned id1
     """
 
     _aaz_info = {
-        "version": "2021-10-01",
+        "version": "2025-03-03",
         "resources": [
-            ["mgmt-plane", "/subscriptions/{}/resourcegroups/{}/providers/microsoft.compute/galleries/{}", "2021-10-01"],
+            ["mgmt-plane", "/subscriptions/{}/resourcegroups/{}/providers/microsoft.compute/galleries/{}", "2025-03-03"],
         ]
     }
 
@@ -47,8 +56,11 @@ def _build_arguments_schema(cls, *args, **kwargs):
         _args_schema = cls._args_schema
         _args_schema.gallery_name = AAZStrArg(
             options=["-r", "--gallery-name"],
-            help="The name of the Shared Image Gallery to be deleted.",
+            help="The name of the Shared Image Gallery.",
             required=True,
+            fmt=AAZStrArgFormat(
+                pattern="^[^_\\W][\\w._-]{0,79}(?<![-.])$",
+            ),
         )
         _args_schema.resource_group = AAZResourceGroupNameArg(
             required=True,
@@ -98,6 +110,25 @@ def _build_arguments_schema(cls, *args, **kwargs):
         tags = cls._args_schema.tags
         tags.Element = AAZStrArg()
 
+        # define Arg Group "Identity"
+
+        _args_schema = cls._args_schema
+        _args_schema.mi_system_assigned = AAZStrArg(
+            options=["--system-assigned", "--mi-system-assigned"],
+            arg_group="Identity",
+            help="Set the system managed identity.",
+            blank="True",
+        )
+        _args_schema.mi_user_assigned = AAZListArg(
+            options=["--user-assigned", "--mi-user-assigned"],
+            arg_group="Identity",
+            help="Set the user managed identities.",
+            blank=[],
+        )
+
+        mi_user_assigned = cls._args_schema.mi_user_assigned
+        mi_user_assigned.Element = AAZStrArg()
+
         # define Arg Group "Properties"
 
         _args_schema = cls._args_schema
@@ -156,7 +187,7 @@ def __call__(self, *args, **kwargs):
                     session,
                     self.on_200_201,
                     self.on_error,
-                    lro_options={"final-state-via": "azure-async-operation"},
+                    lro_options={"final-state-via": "location"},
                     path_format_arguments=self.url_parameters,
                 )
             if session.http_response.status_code in [200, 201]:
@@ -165,7 +196,7 @@ def __call__(self, *args, **kwargs):
                     session,
                     self.on_200_201,
                     self.on_error,
-                    lro_options={"final-state-via": "azure-async-operation"},
+                    lro_options={"final-state-via": "location"},
                     path_format_arguments=self.url_parameters,
                 )
 
@@ -208,7 +239,7 @@ def url_parameters(self):
         def query_parameters(self):
             parameters = {
                 **self.serialize_query_param(
-                    "api-version", "2021-10-01",
+                    "api-version", "2025-03-03",
                     required=True,
                 ),
             }
@@ -233,10 +264,20 @@ def content(self):
                 typ=AAZObjectType,
                 typ_kwargs={"flags": {"required": True, "client_flatten": True}}
             )
+            _builder.set_prop("identity", AAZIdentityObjectType)
             _builder.set_prop("location", AAZStrType, ".location", typ_kwargs={"flags": {"required": True}})
             _builder.set_prop("properties", AAZObjectType, typ_kwargs={"flags": {"client_flatten": True}})
             _builder.set_prop("tags", AAZDictType, ".tags")
 
+            identity = _builder.get(".identity")
+            if identity is not None:
+                identity.set_prop("userAssigned", AAZListType, ".mi_user_assigned", typ_kwargs={"flags": {"action": "create"}})
+                identity.set_prop("systemAssigned", AAZStrType, ".mi_system_assigned", typ_kwargs={"flags": {"action": "create"}})
+
+            user_assigned = _builder.get(".identity.userAssigned")
+            if user_assigned is not None:
+                user_assigned.set_elements(AAZStrType, ".")
+
             properties = _builder.get(".properties")
             if properties is not None:
                 properties.set_prop("description", AAZStrType, ".description")
@@ -295,9 +336,11 @@ class _CreateHelper:
     def _build_schema_gallery_read(cls, _schema):
         if cls._schema_gallery_read is not None:
             _schema.id = cls._schema_gallery_read.id
+            _schema.identity = cls._schema_gallery_read.identity
             _schema.location = cls._schema_gallery_read.location
             _schema.name = cls._schema_gallery_read.name
             _schema.properties = cls._schema_gallery_read.properties
+            _schema.system_data = cls._schema_gallery_read.system_data
             _schema.tags = cls._schema_gallery_read.tags
             _schema.type = cls._schema_gallery_read.type
             return
@@ -308,6 +351,7 @@ def _build_schema_gallery_read(cls, _schema):
         gallery_read.id = AAZStrType(
             flags={"read_only": True},
         )
+        gallery_read.identity = AAZIdentityObjectType()
         gallery_read.location = AAZStrType(
             flags={"required": True},
         )
@@ -317,11 +361,42 @@ def _build_schema_gallery_read(cls, _schema):
         gallery_read.properties = AAZObjectType(
             flags={"client_flatten": True},
         )
+        gallery_read.system_data = AAZObjectType(
+            serialized_name="systemData",
+            flags={"read_only": True},
+        )
         gallery_read.tags = AAZDictType()
         gallery_read.type = AAZStrType(
             flags={"read_only": True},
         )
 
+        identity = _schema_gallery_read.identity
+        identity.principal_id = AAZStrType(
+            serialized_name="principalId",
+            flags={"read_only": True},
+        )
+        identity.tenant_id = AAZStrType(
+            serialized_name="tenantId",
+            flags={"read_only": True},
+        )
+        identity.type = AAZStrType()
+        identity.user_assigned_identities = AAZDictType(
+            serialized_name="userAssignedIdentities",
+        )
+
+        user_assigned_identities = _schema_gallery_read.identity.user_assigned_identities
+        user_assigned_identities.Element = AAZObjectType()
+
+        _element = _schema_gallery_read.identity.user_assigned_identities.Element
+        _element.client_id = AAZStrType(
+            serialized_name="clientId",
+            flags={"read_only": True},
+        )
+        _element.principal_id = AAZStrType(
+            serialized_name="principalId",
+            flags={"read_only": True},
+        )
+
         properties = _schema_gallery_read.properties
         properties.description = AAZStrType()
         properties.identifier = AAZObjectType()
@@ -410,13 +485,35 @@ def _build_schema_gallery_read(cls, _schema):
             serialized_name="isSoftDeleteEnabled",
         )
 
+        system_data = _schema_gallery_read.system_data
+        system_data.created_at = AAZStrType(
+            serialized_name="createdAt",
+        )
+        system_data.created_by = AAZStrType(
+            serialized_name="createdBy",
+        )
+        system_data.created_by_type = AAZStrType(
+            serialized_name="createdByType",
+        )
+        system_data.last_modified_at = AAZStrType(
+            serialized_name="lastModifiedAt",
+        )
+        system_data.last_modified_by = AAZStrType(
+            serialized_name="lastModifiedBy",
+        )
+        system_data.last_modified_by_type = AAZStrType(
+            serialized_name="lastModifiedByType",
+        )
+
         tags = _schema_gallery_read.tags
         tags.Element = AAZStrType()
 
         _schema.id = cls._schema_gallery_read.id
+        _schema.identity = cls._schema_gallery_read.identity
         _schema.location = cls._schema_gallery_read.location
         _schema.name = cls._schema_gallery_read.name
         _schema.properties = cls._schema_gallery_read.properties
+        _schema.system_data = cls._schema_gallery_read.system_data
         _schema.tags = cls._schema_gallery_read.tags
         _schema.type = cls._schema_gallery_read.type
 

src/azure-cli/azure/cli/command_modules/vm/aaz/latest/sig/_show.py

@@ -19,9 +19,9 @@ class Show(AAZCommand):
     """
 
     _aaz_info = {
-        "version": "2021-10-01",
+        "version": "2025-03-03",
         "resources": [
-            ["mgmt-plane", "/subscriptions/{}/resourcegroups/{}/providers/microsoft.compute/galleries/{}", "2021-10-01"],
+            ["mgmt-plane", "/subscriptions/{}/resourcegroups/{}/providers/microsoft.compute/galleries/{}", "2025-03-03"],
         ]
     }
 
@@ -43,9 +43,12 @@ def _build_arguments_schema(cls, *args, **kwargs):
         _args_schema = cls._args_schema
         _args_schema.gallery_name = AAZStrArg(
             options=["-r", "--gallery-name"],
-            help="The name of the Shared Image Gallery to be deleted.",
+            help="The name of the Shared Image Gallery.",
             required=True,
             id_part="name",
+            fmt=AAZStrArgFormat(
+                pattern="^[^_\\W][\\w._-]{0,79}(?<![-.])$",
+            ),
         )
         _args_schema.resource_group = AAZResourceGroupNameArg(
             required=True,
@@ -133,7 +136,7 @@ def query_parameters(self):
                     "$select", self.ctx.args.select,
                 ),
                 **self.serialize_query_param(
-                    "api-version", "2021-10-01",
+                    "api-version", "2025-03-03",
                     required=True,
                 ),
             }
@@ -169,6 +172,7 @@ def _build_schema_on_200(cls):
             _schema_on_200.id = AAZStrType(
                 flags={"read_only": True},
             )
+            _schema_on_200.identity = AAZIdentityObjectType()
             _schema_on_200.location = AAZStrType(
                 flags={"required": True},
             )
@@ -178,11 +182,42 @@ def _build_schema_on_200(cls):
             _schema_on_200.properties = AAZObjectType(
                 flags={"client_flatten": True},
             )
+            _schema_on_200.system_data = AAZObjectType(
+                serialized_name="systemData",
+                flags={"read_only": True},
+            )
             _schema_on_200.tags = AAZDictType()
             _schema_on_200.type = AAZStrType(
                 flags={"read_only": True},
             )
 
+            identity = cls._schema_on_200.identity
+            identity.principal_id = AAZStrType(
+                serialized_name="principalId",
+                flags={"read_only": True},
+            )
+            identity.tenant_id = AAZStrType(
+                serialized_name="tenantId",
+                flags={"read_only": True},
+            )
+            identity.type = AAZStrType()
+            identity.user_assigned_identities = AAZDictType(
+                serialized_name="userAssignedIdentities",
+            )
+
+            user_assigned_identities = cls._schema_on_200.identity.user_assigned_identities
+            user_assigned_identities.Element = AAZObjectType()
+
+            _element = cls._schema_on_200.identity.user_assigned_identities.Element
+            _element.client_id = AAZStrType(
+                serialized_name="clientId",
+                flags={"read_only": True},
+            )
+            _element.principal_id = AAZStrType(
+                serialized_name="principalId",
+                flags={"read_only": True},
+            )
+
             properties = cls._schema_on_200.properties
             properties.description = AAZStrType()
             properties.identifier = AAZObjectType()
@@ -271,6 +306,26 @@ def _build_schema_on_200(cls):
                 serialized_name="isSoftDeleteEnabled",
             )
 
+            system_data = cls._schema_on_200.system_data
+            system_data.created_at = AAZStrType(
+                serialized_name="createdAt",
+            )
+            system_data.created_by = AAZStrType(
+                serialized_name="createdBy",
+            )
+            system_data.created_by_type = AAZStrType(
+                serialized_name="createdByType",
+            )
+            system_data.last_modified_at = AAZStrType(
+                serialized_name="lastModifiedAt",
+            )
+            system_data.last_modified_by = AAZStrType(
+                serialized_name="lastModifiedBy",
+            )
+            system_data.last_modified_by_type = AAZStrType(
+                serialized_name="lastModifiedByType",
+            )
+
             tags = cls._schema_on_200.tags
             tags.Element = AAZStrType()
 

src/azure-cli/azure/cli/command_modules/vm/aaz/latest/sig/_update.py

@@ -15,7 +15,7 @@
     "sig update",
 )
 class Update(AAZCommand):
-    """Update a share image gallery.
+    """Update a Shared Image Gallery.
 
     :example: Enable gallery to be shared to subscription or tenant
         az sig update --resource-group myResourceGroup --gallery-name myGallery --permissions groups