yonzhan
commented
1 year ago Thank you for opening this issue, we will look into it.
Open veerun14 opened 1 year ago
yonzhan
commented
1 year ago Thank you for opening this issue, we will look into it.
veerun14
commented
1 year ago Workaround to add role assignments myself seems to be working.
Role assignment for the user or a group to access Grafana dashboard.
az role assignment create --assignee {USER OR GROUP} --role "Grafana Admin or Grafana User" --scope $GRAFANA_RESOURCEIDMonitoring Data reader role assignment for the auto created system managed identity to access any data source at a specified level. The example below is at a resource group level, but you can provide a subscription scope as well which then will have the reader access across all workspaces, storages in that subscription.
az role assignment create --assignee-object-id {OBJECT_ID_OF_SYSTEM_MANAGED-IDENTITY} --role "Monitoring Data Reader" --scope {RESOUCEID_OF_THE_RESOURCEGROUP}
duongneo
commented
1 year ago Hi there, i have same issue on Azure devops pipelines.
veerun14
commented
1 year ago @PramodValavala-MSFT When you get a chance, please let us know if this is fixed
tungvx-sh
commented
1 year ago @PramodValavala-MSFT Do you have any updates on this current issue?
yugangw-msft
commented
1 year ago @veerun14 @tungvx-sh, sorry for the late response. If you are still experiencing this issue still, could you please tell me how you installed the CLI. 2020-04-01-preview is supposed to be in the SDK installed by Azure CLI
owaisrehman
commented
1 year ago I am also facing this issue from both azure pipeline and from AZ CLI on local machine.
@yugangw-msft I've installed CLI using this.
veerun14
commented
1 year ago I am terribly sorry @yugangw-msft. I had a work-around working so wasn't paying much attention. To answer your question, I have installed Azure CLI using this:
yugangw-msft
commented
1 year ago We are aware of this issue. @ABZhang0 is on it
ABZhang0
commented
11 months ago Hi @veerun14, apologies for the delayed follow-up. This issue was fixed last month: https://github.com/Azure/azure-cli-extensions/pull/6896/commits/082f409ecd58a68f96ebc265d6415762334abc90
veerun14
commented
8 months ago Yup. I can confirm that this works now
danielkimuipath
commented
8 months ago This does not work on mac
az extension add --name amg --version 1.3.1
Default enabled including preview versions for extension installation now. Disabled in May 2024. Use '--allow-preview true' to enable it specifically if needed. Use '--allow-preview false' to install stable version only.az grafana data-source list --name name-of-grafana
The command failed with an unexpected error. Here is the traceback:
No module named 'azure.mgmt.dashboard'
Traceback (most recent call last):
File "/opt/homebrew/Cellar/azure-cli/2.58.0/libexec/lib/python3.11/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/homebrew/Cellar/azure-cli/2.58.0/libexec/lib/python3.11/site-packages/azure/cli/core/commands/__init__.py", line 562, in execute
self.commands_loader.load_arguments(command)
File "/opt/homebrew/Cellar/azure-cli/2.58.0/libexec/lib/python3.11/site-packages/azure/cli/core/__init__.py", line 522, in load_arguments
loader.load_arguments(command) # this adds entries to the argument registries
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/daniel.kim/.azure/cliextensions/amg/azext_amg/__init__.py", line 28, in load_arguments
load_arguments(self, command)
File "/Users/daniel.kim/.azure/cliextensions/amg/azext_amg/_params.py", line 14, in load_arguments
from azure.mgmt.dashboard.models import ZoneRedundancy
ModuleNotFoundError: No module named 'azure.mgmt.dashboard'
To check existing issues, please visit: https://github.com/Azure/azure-cli/issuesCan someone share what was the workaround?
danielkimuipath
commented
8 months ago I tried with 1.3.0, 1.31 - does not work with same error above.
But the 1.2.10 worked for me.
ABZhang0
commented
8 months ago @danielkimuipath Looking into this now, appears to be a package import problem with Mac
ABZhang0
commented
8 months ago Hi @danielkimuipath, I've found the root cause - it's a dependency problem that's specific to Homebrew, and I'm working on getting the fix out now. In the meantime, if needed, you can unblock by not using Homebrew. I'll let you know once the fix is in.
ABZhang0
commented
8 months ago @danielkimuipath the newest version of the Azure CLI AMG extension (1.3.2) should fix the issue you're running into.
danielkimuipath
commented
8 months ago Hi @ABZhang0 , i tried with 1.3.2 and it worked now. Thank you for the fix!
lgmorand
commented
2 weeks ago Not the exact same error for role assignments but a simple az grafana create -n XX -g XXX is failing for me with the very last version of the CLI is failing
WARNING: Grafana instance of 'grafana-netwobs-demo' was created. Now creating default role assignments for its managed identity, and current CLI account unless --principal-ids are provided.
ERROR: The command failed with an unexpected error. Here is the traceback:
ERROR: 'pop from an empty set'
Traceback (most recent call last):
File "/opt/az/azcliextensions/amg/azext_amg/custom.py", line 183, in _create_role_assignment
assignments_client.create(scope=scope, role_assignment_name=assignment_name,
File "/opt/az/lib/python3.11/site-packages/azure/core/tracing/decorator.py", line 76, in wrapper_use_tracer
return func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.11/site-packages/azure/mgmt/authorization/v2022_04_01/operations/_role_assignments_operations.py", line 904, in create
raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat)
azure.core.exceptions.HttpResponseError: (UnmatchedPrincipalType) The PrincipalId '7183c50c438047a8918c275e7fdac8cc' has type 'ServicePrincipal' , which is different from specified PrinciaplType 'Group'.
Code: UnmatchedPrincipalType
Message: The PrincipalId '7183c50c438047a8918c275e7fdac8cc' has type 'ServicePrincipal' , which is different from specified PrinciaplType 'Group'.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/az/lib/python3.11/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.11/site-packages/azure/cli/core/commands/__init__.py", line 666, in execute
raise ex
File "/opt/az/lib/python3.11/site-packages/azure/cli/core/commands/__init__.py", line 733, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.11/site-packages/azure/cli/core/commands/__init__.py", line 714, in _run_job
result = LongRunningOperation(cmd_copy.cli_ctx, 'Starting {}'.format(cmd_copy.name))(result)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.11/site-packages/azure/cli/core/commands/__init__.py", line 1062, in __call__
result = poller.result()
^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.11/site-packages/azure/cli/core/aaz/_poller.py", line 111, in result
return self._result_callback(resource)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/azcliextensions/amg/azext_amg/custom.py", line 90, in _output
_create_role_assignment(cli_ctx, principal_id, principal_types, grafana_admin_role_id,
File "/opt/az/azcliextensions/amg/azext_amg/custom.py", line 193, in _create_role_assignment
principal_type=principal_types.pop())
^^^^^^^^^^^^^^^^^^^^^
KeyError: 'pop from an empty set'And from cloudshell, I have a totally different error, he can't read the rg parameter
louis-guillaume [ ~ ]$ az grafana create --name grafgl --resource-group graflfdemo
The command failed with an unexpected error. Here is the traceback:
"Model 'AAZArgumentsSchema' has no field named 'resource_group_name'"
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/__init__.py", line 666, in execute
raise ex
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/__init__.py", line 733, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/__init__.py", line 714, in _run_job
result = LongRunningOperation(cmd_copy.cli_ctx, 'Starting {}'.format(cmd_copy.name))(result)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/__init__.py", line 1062, in __call__
result = poller.result()
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_poller.py", line 108, in result
self.wait(timeout)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/core/tracing/decorator.py", line 76, in wrapper_use_tracer
return func(*args, **kwargs)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_poller.py", line 130, in wait
raise self._exception
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_poller.py", line 83, in _start
for polling_method in self._polling_generator:
File "/home/louis-guillaume/.azure/cliextensions/amg/azext_amg/aaz/latest/grafana/_create.py", line 136, in _execute_operations
self.pre_operations()
File "/home/louis-guillaume/.azure/cliextensions/amg/azext_amg/custom.py", line 65, in pre_operations
process_grafana_create_namespace(self.ctx, self.ctx.args)
File "/home/louis-guillaume/.azure/cliextensions/amg/azext_amg/_validators.py", line 18, in process_grafana_create_namespace
get_default_location_from_resource_group(cmd, namespace)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/validators.py", line 81, in get_default_location_from_resource_group
rg = resource_client.resource_groups.get(namespace.resource_group_name)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_value.py", line 84, in __getattr__
return self[key]
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_value.py", line 66, in __getitem__
attr_schema, name = self._get_attr_schema_and_name(key)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_value.py", line 154, in _get_attr_schema_and_name
attr_schema = self._schema[key] # will raise error if key not exist
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_type.py", line 128, in __getitem__
raise AAZUnknownFieldError(self, key)
azure.cli.core.aaz.exceptions.AAZUnknownFieldError: "Model 'AAZArgumentsSchema' has no field named 'resource_group_name'"Hi @lgmorand, thanks for bringing this to my attention. I'm taking a look now.
lgmorand
commented
2 weeks ago @ABZhang0 I'm a MSFT if you need access to my env/logs/anything else which can help :)
ABZhang0
commented
1 week ago Hi @lgmorand, there's a new version (2.5.2) of the extension available. Can you please check if the new version fixes your issue?
lgmorand
commented
1 week ago looks way better. Thanks :)
az grafana createcommand creates a grafana instance, but fails with the following error: Grafana instance of 'mygrafana' was created. Now creating default role assignments for its managed identity, and current CLI account unless --principal-ids are provided The command failed with an unexpected error. Here is the traceback: No module named 'azure.mgmt.authorization.v2020_04_01_preview'Command Name
az grafana create Extension Name: amg. Version: 1.2.3.Errors:
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
az grafana create --name {} --resource-group {} --location {}Expected Behavior
Grafana instance is created, and the system managed identity should also be created. In addition, this system managed identity should have a
monitoring data readerrole at the subscription level.Environment Summary
Additional Context