Azure / azure-cli

Azure Command-Line Interface
MIT License
4.03k stars 3k forks source link

Inconsistent default behaviour for VNet peering in portal and command line #26066

Open yamorish opened 1 year ago

yamorish commented 1 year ago

Related command az network vnet peering create

Is your feature request related to a problem? Please describe. Default behaviour of az cli to create VNet peering is block access for each VNet, while Azure Portal and Azure PowerShell allow access by default. We should have the same behaviour for default values in portal and command line. this is confusing and error prone.

Portal image

PowerShell (It allows access for each VNet) image https://learn.microsoft.com/en-us/powershell/module/az.network/add-azvirtualnetworkpeering?view=azps-9.6.0

Describe the solution you'd like Default value for parameter of --allow-vnet-access to be true.

Describe alternatives you've considered Introduce warning message when customer doesn't pass --allow-vnet-access parameter that VMs between each VNet can't connect each other without this parameter. https://learn.microsoft.com/en-us/cli/azure/network/vnet/peering?view=azure-cli-latest#az-network-vnet-peering-create

Additional context Updating these default values will be breaking changes and may affect existing codes. Then adding warning message might be more feasible workaround than changing default behaviour.

yonzhan commented 1 year ago

Thank you for opening this issue, we will look into it.