search

Azure / azure-cli

Azure Command-Line Interface
MIT License
4.01k stars 2.99k forks source link

az network private-endpoint-connection list fails to return Key Vault name attribute for private endpoint #28256

Open blackc0at-3cloud opened 9 months ago

blackc0at-3cloud commented 9 months ago

Describe the bug

The name attribute is not returned in the JSON payload much like it is with Storage Accounts or other Azure resources.

azure-cli version 2.56.0

The JSON payload looks like the following:

[
  {
    "id": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroupName/providers/Microsoft.KeyVault/vaults/myKeyVaultName/privateEndpointConnections/myKeyVaultPrivateEndpointName",
    "properties": {
      "privateEndpoint": {
        "id": "/subscriptions/mySubscriptionID/resourceGroups/myResourceGroupName/providers/Microsoft.Network/privateEndpoints/myKeyVaultPrivateEndpointName",
        "resourceGroup": "myResourceGroupName"
      },
      "privateLinkServiceConnectionState": {
        "actionsRequired": "None",
        "status": "Approved"
      },
      "provisioningState": "Succeeded"
    },
    "resourceGroup": "myResourceGroupName"
  }
]

Related command

az network private-endpoint-connection list -g "ResourceGroupName" -n "KeyVaultName" --type Microsoft.KeyVault/vaults

Errors

There is no error returned, but the name attribute is not returned in the JSON payload much like it is with Storage Accounts or other Azure resources.

Issue script & Debug output

N/A

Expected behavior

The JSON should return the name attributes of all private endpoints for that queried resource.

Environment Summary

az --version azure-cli 2.56.0

core 2.56.0 telemetry 1.1.0

Dependencies: msal 1.24.0b2 azure-mgmt-resource 23.1.0b2

Additional context

:confused:

yonzhan commented 9 months ago

Thank you for opening this issue, we will look into it.

necusjz commented 9 months ago

@blackc0at-3cloud could you please provide the whole debugging log with --debug?

blackc0at-3cloud commented 9 months ago

@necusjz sure thing, the whole debugging log:

JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0@bclpdadovml01:~$ az network private-endpoint-connection list -g "bclp-d-eaus-data_hub-rg-01" -n "bclpdeausdatahubkv01" --type Microsoft.KeyVault/vaults --debug
cli.knack.cli: Command arguments: ['network', 'private-endpoint-connection', 'list', '-g', 'bclp-d-eaus-data_hub-rg-01', '-n', 'bclpdeausdatahubkv01', '--type', 'Microsoft.KeyVault/vaults', '--debug']
cli.knack.cli: __init__ debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7f969f9193a0>, <function OutputProducer.on_global_arguments at 0x7f969f8b9da0>, <function CLIQuery.on_global_arguments at 0x7f969f8f3880>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'network': ['azure.cli.command_modules.network', 'azure.cli.command_modules.privatedns']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name                  Load Time    Groups  Commands
cli.azure.cli.core: network                   0.672       114       354
cli.azure.cli.core: privatedns                0.017        14        60
cli.azure.cli.core: Total (2)                 0.689       128       414
cli.azure.cli.core: Loaded 127 groups, 414 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command  : network private-endpoint-connection list
cli.azure.cli.core: Command table: network private-endpoint-connection list
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7f969ea7cf40>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/home/JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0/.azure/commands/2024-01-29.13-07-35.network_private-endpoint-connection_list.22852.log'.
az_command_data_logger: command args: network private-endpoint-connection list -g {} -n {} --type {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x7f969e83b420>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x7f969e899120>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x7f969e899260>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x7f969f8b9e40>, <function CLIQuery.handle_query_parameter at 0x7f969f8f3920>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x7f969e8991c0>]
cli.azure.cli.command_modules.network._validators: Resource ID will be ignored since other three arguments have been provided.
cli.azure.cli.core.util: Found subscription ID af8cff68-2e9e-4464-a71b-e4245d263d2b in the URL https://management.azure.com/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.Keyvault/vaults/bclpdeausdatahubkv01?api-version=2019-09-01
cli.azure.cli.core.util: Retrieving token for resource https://management.core.windows.net/, subscription af8cff68-2e9e-4464-a71b-e4245d263d2b
cli.azure.cli.core.auth.persistence: build_persistence: location='/home/JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0/.azure/service_principal_entries.json', encrypt=False
cli.azure.cli.core.auth.persistence: build_persistence: location='/home/JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0/.azure/msal_token_cache.json', encrypt=False
cli.azure.cli.core.auth.binary_cache: load: /home/JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0/.azure/msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a390-1954365b828c/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a39
0-1954365b828c/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile'
, 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a390-1954365b828c/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a390-1954365
b828c/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a390-1954365b828c/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/f4dcdb22-a4c7-4f4c-a390-195436
5b828c/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.mic
rosoftonline.com/f4dcdb22-a4c7-4f4c-a390-1954365b828c/kerberos', 'tenant_region_scope': 'NA', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
msal.application: Region to be used: None
cli.azure.cli.core.auth.msal_authentication: ServicePrincipalCredential.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: 92544b9a-d3af-4d71-8056-671a82ae6140
cli.azure.cli.core.util: Request URL: 'https://management.azure.com/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.Keyvault/vaults/bclpdeausdatahubkv01?api-version=2019-09-01'
cli.azure.cli.core.util: Request method: 'GET'
cli.azure.cli.core.util: Request headers:
cli.azure.cli.core.util:     'User-Agent': 'python/3.11.5 (Linux-6.2.0-1019-azure-x86_64-with-glibc2.35) AZURECLI/2.56.0 (DEB)'
cli.azure.cli.core.util:     'Accept-Encoding': 'gzip, deflate'
cli.azure.cli.core.util:     'Accept': '*/*'
cli.azure.cli.core.util:     'Connection': 'keep-alive'
cli.azure.cli.core.util:     'x-ms-client-request-id': 'ff459a04-e912-4323-9ea6-22f6d0318e1b'
cli.azure.cli.core.util:     'CommandName': 'network private-endpoint-connection list'
cli.azure.cli.core.util:     'ParameterSetName': '-g -n --type --debug'
cli.azure.cli.core.util:     'Authorization': 'Bearer eyJ0eXAiOiJKV...'
cli.azure.cli.core.util: Request body:
cli.azure.cli.core.util: None
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.Keyvault/vaults/bclpdeausdatahubkv01?api-version=2019-09-01 HTTP/1.1" 200 3352
cli.azure.cli.core.util: Response status: 200
cli.azure.cli.core.util: Response headers:
cli.azure.cli.core.util:     'Cache-Control': 'no-cache'
cli.azure.cli.core.util:     'Pragma': 'no-cache'
cli.azure.cli.core.util:     'Content-Length': '3352'
cli.azure.cli.core.util:     'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.util:     'Expires': '-1'
cli.azure.cli.core.util:     'x-ms-client-request-id': 'ff459a04-e912-4323-9ea6-22f6d0318e1b'
cli.azure.cli.core.util:     'x-ms-keyvault-service-version': '1.5.1051.0'
cli.azure.cli.core.util:     'x-ms-request-id': '1f4160a0-9768-4716-80fa-af1dffcc0bb6'
cli.azure.cli.core.util:     'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.util:     'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.util:     'Server': 'Microsoft-IIS/10.0'
cli.azure.cli.core.util:     'X-AspNet-Version': '4.0.30319'
cli.azure.cli.core.util:     'x-ms-ratelimit-remaining-subscription-reads': '11999'
cli.azure.cli.core.util:     'x-ms-correlation-request-id': '785dbd73-f54f-41aa-8b1d-c32ca465dac1'
cli.azure.cli.core.util:     'x-ms-routing-request-id': 'EASTUS:20240129T130736Z:785dbd73-f54f-41aa-8b1d-c32ca465dac1'
cli.azure.cli.core.util:     'Date': 'Mon, 29 Jan 2024 13:07:35 GMT'
cli.azure.cli.core.util: Response content:
cli.azure.cli.core.util: {"id":"/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.KeyVault/vaults/bclpdeausdatahubkv01","name":"bclpdeausdatahubkv01","type":"Microsoft.KeyVault/vaults","location":"eastus","tags":{"ApplicationName":"BCLP","CostCenter":"000
0","CreatedBy":"BCLP-IaC","CreatedOn":"2024.01.23","Criticality":"High","DataClassification":"Proprietary","Email":"infra_iac@baxter.com","Environment":"Dev","Owner":"DevOps"},"properties":{"sku":{"family":"A","name":"standard"},"tenantId":"f4dcdb22-a4c7-4f4c-a390-1954365b828c","networkAcls":{"bypass":"AzureServices",
"defaultAction":"Deny","ipRules":[],"virtualNetworkRules":[]},"privateEndpointConnections":[{"id":"/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.KeyVault/vaults/bclpdeausdatahubkv01/privateEndpointConnections/bclp-d-eaus-psc-bclpdeausdatahubkv01-01","
properties":{"provisioningState":"Succeeded","privateEndpoint":{"id":"/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.Network/privateEndpoints/bclp-d-eaus-pep-bclpdeausdatahubkv01-01"},"privateLinkServiceConnectionState":{"status":"Approved","actionsReq
uired":"None"}}},{"id":"/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.KeyVault/vaults/bclpdeausdatahubkv01/privateEndpointConnections/bclp-d-eaus-customer01-adf-01.adf-managed-for-bclpdeausdatahubkv01-pep-conn","etag":"40a98bc66f1e47bc8b3ef62f8a124107
","properties":{"provisioningState":"Succeeded","privateEndpoint":{"id":"/subscriptions/49999843-960d-4eb0-b48c-e29f0ddc0cf7/resourceGroups/vnet-49999843-eastus-148-rg/providers/Microsoft.Network/privateEndpoints/bclp-d-eaus-customer01-adf-01.adf-managed-for-bclpdeausdatahubkv01-pep"},"privateLinkServiceConnectionStat
e":{"status":"Approved","description":"Approved manually.","actionsRequired":"None"}}}],"accessPolicies":[{"tenantId":"f4dcdb22-a4c7-4f4c-a390-1954365b828c","objectId":"e3790978-8b8c-4bc0-ac1c-65f24718f0a3","permissions":{"certificates":["Backup","Create","Delete","DeleteIssuers","Get","GetIssuers","Import","List","Li
stIssuers","ManageContacts","ManageIssuers","Purge","Recover","Restore","SetIssuers","Update"],"keys":["Backup","Create","Decrypt","Delete","Encrypt","Get","Import","List","Purge","Recover","Restore","Sign","UnwrapKey","Update","Verify","WrapKey","Release","Rotate","GetRotationPolicy","SetRotationPolicy"],"secrets":["
Backup","Delete","Get","List","Purge","Recover","Restore","Set"],"storage":["Backup","Delete","DeleteSAS","Get","GetSAS","List","ListSAS","Purge","Recover","RegenerateKey","Restore","Set","SetSAS","Update"]}},{"tenantId":"f4dcdb22-a4c7-4f4c-a390-1954365b828c","objectId":"7e55b79e-8bbf-4911-8e60-9f548e649d4e","permissi
ons":{"certificates":[],"keys":[],"secrets":["Get","List"],"storage":[]}},{"tenantId":"f4dcdb22-a4c7-4f4c-a390-1954365b828c","objectId":"54f4c2f2-a91b-4602-bbdf-c9577cac7a5a","permissions":{"certificates":[],"keys":[],"secrets":["Get","List"],"storage":[]}}],"enabledForDeployment":false,"enabledForDiskEncryption":fals
e,"enabledForTemplateDeployment":false,"enableSoftDelete":true,"enableRbacAuthorization":false,"vaultUri":"https://bclpdeausdatahubkv01.vault.azure.net/","provisioningState":"Succeeded"}}
cli.knack.cli: Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x7f969e876340>, <function _x509_from_base64_to_hex_transform at 0x7f969e8763e0>]
cli.knack.cli: Event: CommandInvoker.OnFilterResult []
[
  {
    "id": "/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.KeyVault/vaults/bclpdeausdatahubkv01/privateEndpointConnections/bclp-d-eaus-psc-bclpdeausdatahubkv01-01",
    "properties": {
      "privateEndpoint": {
        "id": "/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.Network/privateEndpoints/bclp-d-eaus-pep-bclpdeausdatahubkv01-01",
        "resourceGroup": "bclp-d-eaus-data_hub-rg-01"
      },
      "privateLinkServiceConnectionState": {
        "actionsRequired": "None",
        "status": "Approved"
      },
      "provisioningState": "Succeeded"
    },
    "resourceGroup": "bclp-d-eaus-data_hub-rg-01"
  },
  {
    "etag": "40a98bc66f1e47bc8b3ef62f8a124107",
    "id": "/subscriptions/af8cff68-2e9e-4464-a71b-e4245d263d2b/resourceGroups/bclp-d-eaus-data_hub-rg-01/providers/Microsoft.KeyVault/vaults/bclpdeausdatahubkv01/privateEndpointConnections/bclp-d-eaus-customer01-adf-01.adf-managed-for-bclpdeausdatahubkv01-pep-conn",
    "properties": {
      "privateEndpoint": {
        "id": "/subscriptions/49999843-960d-4eb0-b48c-e29f0ddc0cf7/resourceGroups/vnet-49999843-eastus-148-rg/providers/Microsoft.Network/privateEndpoints/bclp-d-eaus-customer01-adf-01.adf-managed-for-bclpdeausdatahubkv01-pep",
        "resourceGroup": "vnet-49999843-eastus-148-rg"
      },
      "privateLinkServiceConnectionState": {
        "actionsRequired": "None",
        "description": "Approved manually.",
        "status": "Approved"
      },
      "provisioningState": "Succeeded"
    },
    "resourceGroup": "bclp-d-eaus-data_hub-rg-01"
  }
]
cli.knack.cli: Event: Cli.SuccessfulExecute []
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f969ea7d1c0>]
az_command_data_logger: exit code: 0
cli.__main__: Command ran in 1.212 seconds (init: 0.238, invoke: 0.974)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3464 in cache
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "/opt/az/bin/python3 /opt/az/lib/python3.11/site-packages/azure/cli/telemetry/__init__.py /home/JZ1qjWP4seF5xUhoW1zCoxYFj1pUI1G0/.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.
necusjz commented 9 months ago

we can see that Response content from server side doesn't have "name" attribute, and our client side only desterilize it

i will involve service team for it then

microsoft-github-policy-service[bot] commented 9 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aznetsuppgithub.

blackc0at-3cloud commented 7 months ago

Has there been any update from the appropriate teams on this open issue?