yonzhan
commented
11 months ago Thank you for opening this issue, we will look into it.
Open dbradish-microsoft opened 11 months ago
yonzhan
commented
11 months ago Thank you for opening this issue, we will look into it.
microsoft-github-policy-service[bot]
commented
11 months ago Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @Azure/azure-iot-cli-triage.
Describe the bug
It looks like we have quite a few iopen ssues on
az role, but I'm not seeing this one exactly.The issue is that
az role assignment listdoesn't return the roles for a service principal. Please provide an alternative parameter combination that can replace our current instructions in SP tutorial step 5.Related command
az role assignment list
Errors
Here is a screen print showing my steps with blank output.
Issue script & Debug output
az role assignment list --assignee 36aa54f2-01d1-4def-b4ae-3b32e10585fd --debug
cli.knack.cli: Command arguments: ['role', 'assignment', 'list', '--assignee', '36aa54f2-01d1-4def-b4ae-3b32e10585fd', '--debug'] cli.knack.cli: init debug log: Enable color in terminal. cli.knack.cli: Event: Cli.PreExecute [] cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7f29551251f0>, <function OutputProducer.on_global_arguments at 0x7f295503fd30>, <function CLIQuery.on_global_arguments at 0x7f2954fd7310>] cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate [] cli.azure.cli.core: Modules found from index for 'role': ['azure.cli.command_modules.role'] cli.azure.cli.core: Loading command modules: cli.azure.cli.core: Name Load Time Groups Commands cli.azure.cli.core: role 0.007 17 61 cli.azure.cli.core: Total (1) 0.007 17 61 cli.azure.cli.core: Loading extensions: cli.azure.cli.core: Name Load Time Groups Commands Directory cli.azure.cli.core: ai-examples 0.157 1 1 /usr/lib/python3.9/site-packages/azure-cli-extensions/ai-examples cli.azure.cli.core: next 0.003 1 1 /home/delora/.azure/cliextensions/next cli.azure.cli.core: Total (2) 0.160 2 2.add_subscription_parameter at 0x7f29543ff040>]
cli.knack.commands: Configured default 'DevEx-Data-Analysis2' for arg resource_group_name
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x7f29543ff310>, <function register_cache_arguments..add_cache_arguments at 0x7f295440fee0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x7f295503fdc0>, <function CLIQuery.handle_query_parameter at 0x7f2954fd73a0>, <function register_ids_argument..parse_ids_arguments at 0x7f295440fe50>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=AuthorizationManagementClient
urllib3.connectionpool: Starting new HTTP connection (1): localhost:50342
urllib3.connectionpool: http://localhost:50342 "POST /oauth2/token HTTP/1.1" 200 2353
msrestazure.azure_active_directory: MSI: Retrieving a token from http://localhost:50342/oauth2/token, with payload {'resource': 'https://management.core.windows.net/'}
cli.azure.cli.core.util: Retrieving token for resource https://graph.microsoft.com/
urllib3.connectionpool: Starting new HTTP connection (1): localhost:50342
urllib3.connectionpool: http://localhost:50342 "POST /oauth2/token HTTP/1.1" 200 2720
msrestazure.azure_active_directory: MSI: Retrieving a token from http://localhost:50342/oauth2/token, with payload {'resource': 'https://graph.microsoft.com/'}
cli.azure.cli.core.auth.adal_authentication: MSIAuthenticationWrapper.get_token: scopes=('https://graph.microsoft.com//.default',), kwargs={}
urllib3.connectionpool: Starting new HTTP connection (1): localhost:50342
urllib3.connectionpool: http://localhost:50342 "POST /oauth2/token HTTP/1.1" 200 2720
msrestazure.azure_active_directory: MSI: Retrieving a token from http://localhost:50342/oauth2/token, with payload {'resource': 'https://graph.microsoft.com/'}
cli.azure.cli.core.auth.adal_authentication: Normalize expires_on: '1696275649' -> 1696275649
cli.azure.cli.core.util: Request URL: 'https://graph.microsoft.com/v1.0/servicePrincipals?$filter=servicePrincipalNames%2Fany%28c%3Ac%20eq%20%2736aa54f2-01d1-4def-b4ae-3b32e10585fd%27%29'
cli.azure.cli.core.util: Request method: 'GET'
cli.azure.cli.core.util: Request headers:
cli.azure.cli.core.util: 'User-Agent': 'python/3.9.14 (Linux-5.10.102.2-microsoft-standard-x86_64-with-glibc2.35) AZURECLI/2.53.0 (RPM) cloud-shell/1.0'
cli.azure.cli.core.util: 'Accept-Encoding': 'gzip, deflate'
cli.azure.cli.core.util: 'Accept': '/'
cli.azure.cli.core.util: 'Connection': 'keep-alive'
cli.azure.cli.core.util: 'x-ms-client-request-id': '491e403c-16ab-4c77-a1b3-63a030cacca0'
cli.azure.cli.core.util: 'CommandName': 'role assignment list'
cli.azure.cli.core.util: 'ParameterSetName': '--assignee --debug'
cli.azure.cli.core.util: 'Authorization': 'Bearer eyJ0eXAiOiJKV...'
cli.azure.cli.core.util: Request body:
cli.azure.cli.core.util: None
urllib3.connectionpool: Starting new HTTPS connection (1): graph.microsoft.com:443
urllib3.connectionpool: https://graph.microsoft.com:443 "GET /v1.0/servicePrincipals?$filter=servicePrincipalNames%2Fany%28c%3Ac%20eq%20%2736aa54f2-01d1-4def-b4ae-3b32e10585fd%27%29 HTTP/1.1" 200 None
cli.azure.cli.core.util: Response status: 200
cli.azure.cli.core.util: Response headers:
cli.azure.cli.core.util: 'Cache-Control': 'no-cache'
cli.azure.cli.core.util: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.util: 'Content-Type': 'application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8'
cli.azure.cli.core.util: 'Content-Encoding': 'gzip'
cli.azure.cli.core.util: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.util: 'Strict-Transport-Security': 'max-age=31536000'
cli.azure.cli.core.util: 'request-id': '1a1cab44-4c1d-46d8-922d-71fd084950be'
cli.azure.cli.core.util: 'client-request-id': '1a1cab44-4c1d-46d8-922d-71fd084950be'
cli.azure.cli.core.util: 'x-ms-ags-diagnostic': '{"ServerInfo":{"DataCenter":"East US","Slice":"E","Ring":"5","ScaleUnit":"003","RoleInstance":"BL6PEPF0001A526"}}'
cli.azure.cli.core.util: 'x-ms-resource-unit': '1'
cli.azure.cli.core.util: 'OData-Version': '4.0'
cli.azure.cli.core.util: 'Date': 'Mon, 02 Oct 2023 19:34:47 GMT'
cli.azure.cli.core.util: Response content:
cli.azure.cli.core.util: {"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#servicePrincipals","value":[{"id":"8c9b3372-b541-45c6-aad2-121fe0b2dbcf","deletedDateTime":null,"accountEnabled":true,"alternativeNames":[],"appDisplayName":"spNameForMyApp","appDescription":null,"appId":"36aa54f2-01d1-4def-b4ae-3b32e10585fd","applicationTemplateId":null,"appOwnerOrganizationId":"72f988bf-86f1-41af-91ab-2d7cd011db47","appRoleAssignmentRequired":false,"createdDateTime":"2023-09-29T19:32:58Z","description":null,"disabledByMicrosoftStatus":null,"displayName":"spNameForMyApp","homepage":null,"loginUrl":null,"logoutUrl":null,"notes":null,"notificationEmailAddresses":[],"preferredSingleSignOnMode":null,"preferredTokenSigningKeyThumbprint":null,"replyUrls":[],"servicePrincipalNames":["36aa54f2-01d1-4def-b4ae-3b32e10585fd"],"servicePrincipalType":"Application","signInAudience":"AzureADandPersonalMicrosoftAccount","tags":[],"tokenEncryptionKeyId":null,"samlSingleSignOnSettings":null,"addIns":[],"appRoles":[],"info":{"logoUrl":null,"marketingUrl":null,"privacyStatementUrl":null,"supportUrl":null,"termsOfServiceUrl":null},"keyCredentials":[{"customKeyIdentifier":"106E0C6C6AD016E4F5DE188305FC6558950A5750","displayName":"CN=CLI-Login","endDateTime":"2024-09-29T21:29:22Z","key":null,"keyId":"6022c3bf-a616-4964-815f-ce28b02abd65","startDateTime":"2023-09-30T00:23:07Z","type":"AsymmetricX509Cert","usage":"Verify"},{"customKeyIdentifier":"EC7358C2C8466A409286E55617A4B816714F46FF","displayName":"CN=CLI-Login","endDateTime":"2024-09-30T00:19:07Z","key":null,"keyId":"d1c693d9-26a5-4039-b67b-8392ef9770c1","startDateTime":"2023-09-30T00:19:07Z","type":"AsymmetricX509Cert","usage":"Verify"}],"oauth2PermissionScopes":[],"passwordCredentials":[],"resourceSpecificApplicationPermissions":[],"verifiedPublisher":{"displayName":null,"verifiedPublisherId":null,"addedDateTime":null}}]}
cli.azure.cli.core.auth.adal_authentication: MSIAuthenticationWrapper.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
urllib3.connectionpool: Starting new HTTP connection (1): localhost:50342
urllib3.connectionpool: http://localhost:50342 "POST /oauth2/token HTTP/1.1" 200 2353
msrestazure.azure_active_directory: MSI: Retrieving a token from http://localhost:50342/oauth2/token, with payload {'resource': 'https://management.core.windows.net/'}
cli.azure.cli.core.auth.adal_authentication: Normalize expires_on: '1696275601' -> 1696275601
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/resourceGroups/DevEx-Data-Analysis2/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'bf058780-615a-11ee-9c57-00155d4ae2ea'
cli.azure.cli.core.sdk.policies: 'CommandName': 'role assignment list'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--assignee --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.53.0 (RPM) azsdk-python-azure-mgmt-authorization/4.0.0 Python/3.9.14 (Linux-5.10.102.2-microsoft-standard-x86_64-with-glibc2.35) cloud-shell/1.0'
cli.azure.cli.core.sdk.policies: 'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/resourceGroups/DevEx-Data-Analysis2/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01 HTTP/1.1" 200 16318
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '16318'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': 'c5c3f03e-c922-4daa-a6c3-32fb22d11ce5'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'Set-Cookie': 'x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11995'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': '3dc71ad0-1c66-42b8-8855-33fdf48a9b1f'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'EASTUS:20231002T193448Z:3dc71ad0-1c66-42b8-8855-33fdf48a9b1f'
cli.azure.cli.core.sdk.policies: 'Date': 'Mon, 02 Oct 2023 19:34:47 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {"value":[{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/9b0f576e-fc2e-4256-9aa3-6fede171d599","principalId":"5c445532-1499-448e-970c-bda7db1e1f15","principalType":"ServicePrincipal","scope":"/","condition":null,"conditionVersion":null,"createdOn":"2023-07-13T16:20:06.8829118Z","updatedOn":"2023-07-13T16:20:06.8829118Z","createdBy":null,"updatedBy":null,"delegatedManagedIdentityResourceId":null,"description":"Allow AccessMonitorReader to read access details for compliance purpose"},"id":"/providers/Microsoft.Authorization/roleAssignments/fb6b898e-5323-404d-a8af-da5aafc3ecc0","type":"Microsoft.Authorization/roleAssignments","name":"fb6b898e-5323-404d-a8af-da5aafc3ecc0"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/9b0f576e-fc2e-4256-9aa3-6fede171d599","principalId":"612cdbb4-6edd-4998-aae9-129cdba53a9a","principalType":"ServicePrincipal","scope":"/","condition":null,"conditionVersion":null,"createdOn":"2023-07-19T22:13:56.3482970Z","updatedOn":"2023-07-19T22:13:56.3482970Z","createdBy":null,"updatedBy":null,"delegatedManagedIdentityResourceId":null,"description":"Allow AccessMonitorReader to read access details for compliance purpose"},"id":"/providers/Microsoft.Authorization/roleAssignments/3cdb16ce-2290-4f5f-bcab-5b07a458405f","type":"Microsoft.Authorization/roleAssignments","name":"3cdb16ce-2290-4f5f-bcab-5b07a458405f"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/9b0f576e-fc2e-4256-9aa3-6fede171d599","principalId":"a1cd43c2-c713-4af4-b885-50540e2c595f","principalType":"ServicePrincipal","scope":"/","condition":null,"conditionVersion":null,"createdOn":"2023-07-19T22:18:24.6119781Z","updatedOn":"2023-07-19T22:18:24.6119781Z","createdBy":null,"updatedBy":null,"delegatedManagedIdentityResourceId":null,"description":"Allow AccessMonitorReader to read access details for compliance purpose"},"id":"/providers/Microsoft.Authorization/roleAssignments/125160dd-5630-45b1-8260-4e5469d3e7b6","type":"Microsoft.Authorization/roleAssignments","name":"125160dd-5630-45b1-8260-4e5469d3e7b6"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"983f804a-f989-414b-961c-ace021b668b9","principalType":"User","scope":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1","condition":null,"conditionVersion":null,"createdOn":"2020-03-11T21:29:02.4908860Z","updatedOn":"2020-03-11T21:29:02.4908860Z","createdBy":"","updatedBy":"","delegatedManagedIdentityResourceId":null,"description":null},"id":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleAssignments/15871b7a-2c36-4d7b-acca-962bb8f2a4dc","type":"Microsoft.Authorization/roleAssignments","name":"15871b7a-2c36-4d7b-acca-962bb8f2a4dc"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c","principalId":"fb4d3248-867a-4802-b51b-2108697ad066","principalType":"ServicePrincipal","scope":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1","condition":null,"conditionVersion":null,"createdOn":"2022-02-23T21:45:48.5880616Z","updatedOn":"2022-02-23T21:45:48.5880616Z","createdBy":"983f804a-f989-414b-961c-ace021b668b9","updatedBy":"983f804a-f989-414b-961c-ace021b668b9","delegatedManagedIdentityResourceId":null,"description":null},"id":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleAssignments/5832e172-0daf-49ae-969b-4303e7888c5d","type":"Microsoft.Authorization/roleAssignments","name":"5832e172-0daf-49ae-969b-4303e7888c5d"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c","principalId":"8c9b3372-b541-45c6-aad2-121fe0b2dbcf","principalType":"ServicePrincipal","scope":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1","condition":null,"conditionVersion":null,"createdOn":"2023-10-02T17:40:30.0256099Z","updatedOn":"2023-10-02T17:40:30.0256099Z","createdBy":"983f804a-f989-414b-961c-ace021b668b9","updatedBy":"983f804a-f989-414b-961c-ace021b668b9","delegatedManagedIdentityResourceId":null,"description":null},"id":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleAssignments/a109fe67-ff23-4801-88af-49e3705b4d01","type":"Microsoft.Authorization/roleAssignments","name":"a109fe67-ff23-4801-88af-49e3705b4d01"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd","principalId":"f113c530-a6fe-4fe1-9e9a-46c715d722eb","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-06-06T20:48:11.0181251Z","updatedOn":"2023-06-06T20:48:11.0181251Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/d0a03d7a-9c23-4371-9144-064aa22d300f","type":"Microsoft.Authorization/roleAssignments","name":"d0a03d7a-9c23-4371-9144-064aa22d300f"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c","principalId":"eecef59f-a2dc-4554-b275-01b872bca380","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-06-06T21:12:16.6138108Z","updatedOn":"2023-06-06T21:12:16.6138108Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Query ServiceTree data and replicate it in the Azure Management Group tree. \n"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/42300a6f-c873-4b70-96d6-97b7f8bb505d","type":"Microsoft.Authorization/roleAssignments","name":"42300a6f-c873-4b70-96d6-97b7f8bb505d"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9","principalId":"eecef59f-a2dc-4554-b275-01b872bca380","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-01T19:03:32.4988084Z","updatedOn":"2023-08-01T19:03:32.4988084Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/b54b5e3a-5cd0-46ef-b13e-697c93dfb389","type":"Microsoft.Authorization/roleAssignments","name":"b54b5e3a-5cd0-46ef-b13e-697c93dfb389"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"1416b86a-0d38-42a9-82b2-d6b2cf17954d","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-24T18:59:30.3665509Z","updatedOn":"2023-08-24T18:59:30.3665509Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Adding Owner Access to move subs out of the Default MG to respective MG's"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/14ff932f-81f7-41bd-8d16-e7d840cbcdb5","type":"Microsoft.Authorization/roleAssignments","name":"14ff932f-81f7-41bd-8d16-e7d840cbcdb5"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"d5f68f99-e07e-4453-add5-cebdba7b3c92","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-24T18:59:30.4395981Z","updatedOn":"2023-08-24T18:59:30.4395981Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Adding Owner Access to move subs out of the Default MG to respective MG's"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/05246ecc-4dba-4214-8b30-1808dd857b48","type":"Microsoft.Authorization/roleAssignments","name":"05246ecc-4dba-4214-8b30-1808dd857b48"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"1957ba27-388e-4e3b-a797-fd4f8cd49282","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-24T18:59:31.0813922Z","updatedOn":"2023-08-24T18:59:31.0813922Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Adding Owner Access to move subs out of the Default MG to respective MG's"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/9d72763e-e7b8-4fd8-84b5-fd5ffd423a80","type":"Microsoft.Authorization/roleAssignments","name":"9d72763e-e7b8-4fd8-84b5-fd5ffd423a80"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"1f75b9dd-4f1d-4e80-9521-321a8b1f5764","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-24T18:59:30.4277317Z","updatedOn":"2023-08-24T18:59:30.4277317Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Adding Owner Access to move subs out of the Default MG to respective MG's"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/8fa05afd-e8cd-4f6a-a0b8-f9e3749b78c8","type":"Microsoft.Authorization/roleAssignments","name":"8fa05afd-e8cd-4f6a-a0b8-f9e3749b78c8"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"79235a60-9d18-4d7c-9454-5466687b3ecf","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-08-24T18:59:30.4437807Z","updatedOn":"2023-08-24T18:59:30.4437807Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":"Adding Owner Access to move subs out of the Default MG to respective MG's"},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/576c14be-2ed2-48b8-8d32-9db208c7dd1f","type":"Microsoft.Authorization/roleAssignments","name":"576c14be-2ed2-48b8-8d32-9db208c7dd1f"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635","principalId":"e20027f9-b6d1-464c-8715-552616132f35","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b","condition":null,"conditionVersion":null,"createdOn":"2023-09-07T19:47:03.0369644Z","updatedOn":"2023-09-07T19:47:03.0369644Z","createdBy":"f7605050-d5b3-445f-b830-9776cae2d457","updatedBy":"f7605050-d5b3-445f-b830-9776cae2d457","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/062bf9fa-9fa9-463d-958c-b81ad162452b/providers/Microsoft.Authorization/roleAssignments/7e3238f9-4396-46c7-858b-0fe8949540bc","type":"Microsoft.Authorization/roleAssignments","name":"7e3238f9-4396-46c7-858b-0fe8949540bc"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7","principalId":"ce2366a6-64d7-441b-939c-c9d23f91cccd","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47","condition":null,"conditionVersion":null,"createdOn":"2020-03-12T20:43:06.5941189Z","updatedOn":"2020-03-12T20:43:06.5941189Z","createdBy":"606f48c8-d219-4875-991d-ae6befaf0756","updatedBy":"606f48c8-d219-4875-991d-ae6befaf0756","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47/providers/Microsoft.Authorization/roleAssignments/ad9e2cd7-0ff7-4931-9b17-656c8f17934b","type":"Microsoft.Authorization/roleAssignments","name":"ad9e2cd7-0ff7-4931-9b17-656c8f17934b"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9","principalId":"1c8b3602-77a2-4e8a-8c1e-f127f2af5ca2","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47","condition":null,"conditionVersion":null,"createdOn":"2023-02-21T22:32:46.2324804Z","updatedOn":"2023-02-21T22:32:46.2324804Z","createdBy":"7f1579a6-c648-43a1-ac1e-0c3020dd9b8e","updatedBy":"7f1579a6-c648-43a1-ac1e-0c3020dd9b8e","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47/providers/Microsoft.Authorization/roleAssignments/df7c1e07-5c2d-4b22-b7b9-fd11a8569db3","type":"Microsoft.Authorization/roleAssignments","name":"df7c1e07-5c2d-4b22-b7b9-fd11a8569db3"},{"properties":{"roleDefinitionId":"/subscriptions/896e1936-a2ce-4761-9c66-5e3cec0bbba1/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772","principalId":"2dd1ea73-4024-489e-83a4-45cb3e962f69","principalType":"ServicePrincipal","scope":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47","condition":null,"conditionVersion":null,"createdOn":"2023-05-04T20:23:16.3808369Z","updatedOn":"2023-05-04T20:23:16.3808369Z","createdBy":"fa00c2de-57d5-4527-9254-4d513f482d0a","updatedBy":"fa00c2de-57d5-4527-9254-4d513f482d0a","delegatedManagedIdentityResourceId":null,"description":null},"id":"/providers/Microsoft.Management/managementGroups/72f988bf-86f1-41af-91ab-2d7cd011db47/providers/Microsoft.Authorization/roleAssignments/59109645-7b2b-4278-831a-2e4627ec603d","type":"Microsoft.Authorization/roleAssignments","name":"59109645-7b2b-4278-831a-2e4627ec603d"}]}
cli.knack.cli: Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x7f2954447310>, <function _x509_from_base64_to_hex_transform at 0x7f29544473a0>]
cli.knack.cli: Event: CommandInvoker.OnFilterResult []
[]
cli.knack.cli: Event: Cli.SuccessfulExecute []
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f295447e670>]
az_command_data_logger: exit code: 0
cli.main: Command ran in 0.963 seconds (init: 0.180, invoke: 0.783)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3416 in cache
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "/usr/bin/python3.9 /usr/lib/az/lib/python3.9/site-packages/azure/cli/telemetry/init.py /home/delora/.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.
cli.azure.cli.core: Loaded 19 groups, 63 commands. cli.azure.cli.core: Found a match in the command table. cli.azure.cli.core: Raw command : role assignment list cli.azure.cli.core: Command table: role assignment list cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7f295447e430>] cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/home/delora/.azure/commands/2023-10-02.19-34-47.role_assignment_list.1975.log'. az_command_data_logger: command args: role assignment list --assignee {} --debug cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.
Expected behavior
The customer expects a list of roles for the provided service principal
Environment Summary
Azure Cloud Shell with extensions ...
$ az version { "azure-cli": "2.53.0", "azure-cli-core": "2.53.0", "azure-cli-telemetry": "1.1.0", "extensions": { "account": "0.2.1", "ai-examples": "0.2.5", "alias": "0.5.2", "application-insights": "0.1.9", "arcdata": "1.4.10", "attestation": "0.2.0", "azure-devops": "0.18.0", "azure-iot": "0.10.10", "blueprint": "0.2.1", "command-change": "1.0.0b1", "connectedmachine": "0.3.0", "containerapp": "0.3.28", "datashare": "0.1.1", "deploy-to-azure": "0.2.0", "functionapp": "0.1.1", "fzf": "1.0.2", "hardware-security-modules": "0.1.0", "init": "0.1.0", "kusto": "0.3.0", "ml": "2.20.0", "next": "0.1.3", "partnercenter": "0.2.3", "portal": "0.1.1", "resource-graph": "2.1.0", "scenario-guide": "0.1.1", "spring-cloud": "2.3.0", "ssh": "2.0.1", "virtual-wan": "0.2.4" } }
Additional context
No response