The azure-native:resources:AzureCliScript resource, part of the Pulumi Azure Native provider, defines an Azure deployment script that runs Azure CLI commands in a managed container environment. This guide focuses on one capability: creating deployment script resources with automatic infrastructure provisioning.
Deployment scripts require an existing resource group. Azure automatically provisions Azure Container Instances and storage for script execution unless you provide custom settings. The examples are intentionally small. Combine them with your own script content, managed identities, and environment variables.
Create a deployment script with minimal configuration
Most workflows begin by defining a script resource with a name and resource group, letting Azure handle the execution infrastructure automatically.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const azureCliScript = new azure_native.resources.AzureCliScript("azureCliScript", {
resourceGroupName: "script-rg",
scriptName: "MyDeploymentScript",
});
import pulumi
import pulumi_azure_native as azure_native
azure_cli_script = azure_native.resources.AzureCliScript("azureCliScript",
resource_group_name="script-rg",
script_name="MyDeploymentScript")
package main
import (
resources "github.com/pulumi/pulumi-azure-native-sdk/resources/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := resources.NewAzureCliScript(ctx, "azureCliScript", &resources.AzureCliScriptArgs{
ResourceGroupName: pulumi.String("script-rg"),
ScriptName: pulumi.String("MyDeploymentScript"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var azureCliScript = new AzureNative.Resources.AzureCliScript("azureCliScript", new()
{
ResourceGroupName = "script-rg",
ScriptName = "MyDeploymentScript",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.resources.AzureCliScript;
import com.pulumi.azurenative.resources.AzureCliScriptArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var azureCliScript = new AzureCliScript("azureCliScript", AzureCliScriptArgs.builder()
.resourceGroupName("script-rg")
.scriptName("MyDeploymentScript")
.build());
}
}
resources:
azureCliScript:
type: azure-native:resources:AzureCliScript
properties:
resourceGroupName: script-rg
scriptName: MyDeploymentScript
The resourceGroupName places the script resource in an existing resource group. The scriptName provides a unique identifier. Azure provisions Azure Container Instances and a storage account automatically to run your script. The azCliVersion property specifies which Azure CLI version to use, and retentionInterval controls how long Azure keeps the script resource after execution completes (using ISO 8601 duration format like P1D for one day).
Beyond these examples
These snippets focus on basic script resource creation and automatic infrastructure provisioning. They’re intentionally minimal rather than full deployment automation solutions.
The examples reference pre-existing infrastructure such as Azure resource groups. They focus on configuring the script resource rather than defining the actual script logic or execution environment details.
To keep things focused, common deployment script patterns are omitted, including:
- Script content and arguments (scriptContent, arguments, primaryScriptUri)
- Managed identity configuration (identity property)
- Custom storage accounts (storageAccountSettings)
- Container customization (containerSettings, including subnet placement)
- Environment variables and secrets (environmentVariables)
- Execution timeout and cleanup settings (timeout, cleanupPreference)
These omissions are intentional: the goal is to illustrate how the deployment script resource is wired, not provide drop-in automation modules. See the AzureCliScript resource reference for all available configuration options.
Let's execute Azure CLI Scripts with Deployment
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Script Configuration & Execution
scriptContent for inline scripts, or primaryScriptUri for external scripts hosted at a URI. The primaryScriptUri serves as the entry point for external scripts.arguments property with space-separated values, for example: -Name blue* -Location 'West US 2'.P1D (one day). Specify custom timeouts using ISO 8601 duration format (e.g., PT30M for 30 minutes, P2D for 2 days).forceUpdateTag property to a current timestamp or GUID. This forces execution even when the script resource hasn’t changed.Identity & Permissions
identity property.Resource Lifecycle & Management
retentionInterval expires. You must specify retentionInterval (required) using ISO 8601 format, such as P1D for one day.cleanupPreference is Always, meaning resources are cleaned up when the script reaches a terminal state.location, resourceGroupName, and scriptName properties are immutable and cannot be changed after creation.outputs property, and execution details are in the status property. The provisioningState shows the current execution state.Using a different cloud?
Explore integration guides for other cloud providers: