Azure / azure-cli

Azure Command-Line Interface
MIT License

az cloud show: missing suffix for Azure Cloud Services #25808

Open yuvalyaron opened 1 year ago

yuvalyaron commented 1 year ago

The az cloud show command is missing the suffix for Azure cloud services

Related command

az cloud show

Is your feature request related to a problem? Please describe.

The az cloud show command does not provide the Azure cloud services endpoint. In my case I need it to access a Web App, but this suffix is used by other Azure services as well. This suffix is also referenced in this Microsoft Learn document, which is used to compare the public cloud and US government cloud.

Describe the solution you'd like

az cloud show should provide the Azure Cloud Services suffix as part of its suffixes.

For AzureCloud the command should return .cloudapp.azure.com
For AzureUSGovernment the command should return .cloudapp.usgovcloudapi.net
and so on...

Example:

$ az cloud show

{
  "endpoints": {
      ....
  },
  "name": "AzureCloud",
      ....
  "suffixes": {
    "acrLoginServerEndpoint": ".azurecr.io",
      ....
    "cloudServicesEndpoint": ".cloudapp.azure.com"   <------------
  }
}

Describe alternatives you've considered

Hardcoded mapping of the endpoints in my code

yonzhan commented 1 year ago

@jiasli for awareness

jiasli commented 1 year ago

@yuvalyaron, I personally can't agree. Azure Cloud Service's domain name can be queried from the resource itself:

For example, this is the JSON of the Cloud Service (classic) resource /subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272f09590/resourcegroups/jiasli-rg/providers/Microsoft.ClassicCompute/domainNames/jlcs:

{
    "properties": {
        "provisioningState": "Succeeded",
        "status": "Created",
        "label": "jlcs",
        "hostName": "jlcs.cloudapp.net"  // Here is the domain name
    },
    "id": "/subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272f09590/resourceGroups/jiasli-rg/providers/Microsoft.ClassicCompute/domainNames/jlcs",
    "name": "jlcs",
    "type": "Microsoft.ClassicCompute/domainNames",
    "location": "centralus"
}

So Azure Cloud Service's domain name shouldn't be constructed from a suffix.

Besides, the ARM metadata endpoint doesn't return a suffix for Azure Cloud Services:

https://management.azure.com/metadata/endpoints?api-version=2022-09-01

{
  "portal": "https://portal.azure.com",
  "authentication": {
    "loginEndpoint": "https://login.microsoftonline.com",
    "audiences": [
      "https://management.core.windows.net/",
      "https://management.azure.com/"
    ],
    "tenant": "common",
    "identityProvider": "AAD"
  },
  "media": "https://rest.media.azure.net",
  "graphAudience": "https://graph.windows.net/",
  "graph": "https://graph.windows.net/",
  "name": "AzureCloud",
  "suffixes": {
    "azureDataLakeStoreFileSystem": "azuredatalakestore.net",
    "acrLoginServer": "azurecr.io",
    "sqlServerHostname": "database.windows.net",
    "azureDataLakeAnalyticsCatalogAndJob": "azuredatalakeanalytics.net",
    "keyVaultDns": "vault.azure.net",
    "storage": "core.windows.net",
    "azureFrontDoorEndpointSuffix": "azurefd.net",
    "storageSyncEndpointSuffix": "afs.azure.net",
    "mhsmDns": "managedhsm.azure.net",
    "mysqlServerEndpoint": "mysql.database.azure.com",
    "postgresqlServerEndpoint": "postgres.database.azure.com",
    "mariadbServerEndpoint": "mariadb.database.azure.com",
    "synapseAnalytics": "dev.azuresynapse.net",
    "attestationEndpoint": "attest.azure.net"
  },
  "batch": "https://batch.core.windows.net/",
  "resourceManager": "https://management.azure.com/",
  "vmImageAliasDoc": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json",
  "activeDirectoryDataLake": "https://datalake.azure.net/",
  "sqlManagement": "https://management.core.windows.net:8443/",
  "microsoftGraphResourceId": "https://graph.microsoft.com/",
  "appInsightsResourceId": "https://api.applicationinsights.io",
  "appInsightsTelemetryChannelResourceId": "https://dc.applicationinsights.azure.com/v2/track",
  "attestationResourceId": "https://attest.azure.net",
  "synapseAnalyticsResourceId": "https://dev.azuresynapse.net",
  "logAnalyticsResourceId": "https://api.loganalytics.io",
  "ossrDbmsResourceId": "https://ossrdbms-aad.database.windows.net"
}

So it is totally reasonable for az cloud show to not show the suffix for Azure Cloud Services.

jiasli commented 1 year ago

For Cloud Service (extended support), it is similar.

You can check the publicIPAddress property of the cloudServices resource /subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Compute/cloudServices/xxx:

"publicIPAddress": {
    "id": "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/publicIPAddresses/xxx"
}

The fqdn property of the publicIPAddresses resource /subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/publicIPAddresses/xxx contains the domain name:

"fqdn": "xxx.eastasia.cloudapp.azure.com"
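
What the two comments above describe (reading the host name from the resource instead of building it from a suffix), as an added example that is not part of the thread or of Azure CLI. The resource list is constructed, with placeholder IDs and a simplified property layout, and `find_key` and `resolve_hostnames` are hypothetical names:

```python
import json

# Constructed sample resources: placeholder IDs, simplified layout, not real ARM output.
RESOURCES = json.loads("""[
  {"id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.ClassicCompute/domainNames/demo",
   "properties": {"hostName": "demo.cloudapp.net"}},
  {"id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Compute/cloudServices/demo2",
   "properties": {"network": [{"publicIPAddress": {
     "id": "/subscriptions/xxx/resourcegroups/rg/providers/Microsoft.Network/publicIPAddresses/pip1"}}]}},
  {"id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Network/publicIPAddresses/pip1",
   "properties": {"dns": {"fqdn": "demo2.eastasia.cloudapp.azure.com"}}},
  {"id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Compute/cloudServices/nodns",
   "properties": {"network": [{"publicIPAddress": {
     "id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Network/publicIPAddresses/pip2"}}]}},
  {"id": "/subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Network/publicIPAddresses/pip2",
   "properties": {}}
]""")


def find_key(node, key):
    """Yield every value stored under `key` anywhere in a nested JSON document."""
    if isinstance(node, dict):
        for name, value in node.items():
            if name == key:
                yield value
            yield from find_key(value, key)
    elif isinstance(node, list):
        for item in node:
            yield from find_key(item, key)


def resolve_hostnames(resource_id, resources):
    """Return the host names a Cloud Service resource reports for itself."""
    # ARM resource IDs are case-insensitive; the thread itself shows both
    # "resourcegroups" and "resourceGroups", so compare lowercased IDs.
    by_id = {r["id"].lower(): r for r in resources}
    resource = by_id[resource_id.lower()]  # KeyError if the resource is unknown
    host = resource.get("properties", {}).get("hostName")
    if host:  # Cloud Service (classic): the name is on the resource itself
        return [host]
    names = []  # Extended support: follow publicIPAddress.id, then read fqdn
    for ref in find_key(resource, "publicIPAddress"):
        public_ip = by_id.get(ref["id"].lower())
        if public_ip is not None:  # skip references that were not fetched
            names.extend(find_key(public_ip, "fqdn"))
    return names  # empty when the public IP has no DNS name label


if __name__ == "__main__":
    for r in RESOURCES:
        if "/publicipaddresses/" not in r["id"].lower():
            print(r["id"].rsplit("/", 1)[-1], resolve_hostnames(r["id"], RESOURCES))
```
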

yuvalyaron commented 1 year ago

Thanks @jiasli. However, in our use case, we cannot query the resource because we construct the URL before creating the resource. The request here is to include the suffix in the metadata (if necessary for your implementation). Is it possible to do so? Alternatively, is there another way to obtain the suffix for the cloud environment without relying on a created resource?

jiasli commented 1 year ago

Hi @yuvalyaron, let's follow up on this topic internally. I will contact the ARM team and file a feature request to add the Cloud Service suffix to the metadata API: https://management.azure.com/metadata/endpoints?api-version=2022-09-01

Then Azure CLI will support it in az cloud show accordingly/automatically.

bganapa commented 1 year ago

@yuvalyaron by any chance are you referring to the classic Azure Cloud Services (https://learn.microsoft.com/en-us/azure/cloud-services/cloud-services-choose-me)? This service is deprecated and I don't see any value in adding it now.

yuvalyaron commented 1 year ago

@bganapa specifically, in my use case I need the FQDN that is generated when you create a public IP address: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#dns-name-label. As you can see in this document, the suffix is ".cloudapp.azure.com" (for the public cloud).

However, I've noticed that this suffix is used by more services:

Azure Cloud Services and Azure Virtual Machines
Azure Service Fabric