Open maye-msft opened 5 months ago
Hi @maye-msft,
2.58.0 is not the latest Azure CLI(2.59.0).
If you haven't already attempted to do so, please upgrade to the latest Azure CLI version by following https://learn.microsoft.com/en-us/cli/azure/update-azure-cli.
Thank you for opening this issue, we will look into it.
Hi @maye-msft Find similar issue https://github.com/Azure/azure-cli/issues/9868. | ||
---|---|---|
Issue title | az role assignment creating fails on role definitions which are valid on 1+ subscription | |
Create time | 2019-07-05 | |
Comment number | 6 |
Possible solution:
As per the existing issue, the error message "list index out of range" occurs when the role definition is applicable in both subscriptions. The suggested solution is to use the --role
parameter with the full scope of the subscription where the role definition is applicable. For example, --role '/subscriptions/712330b2-aada-46a5-870a-070ed09927f3/providers/Microsoft.Authorization/roleDefinitions/a614ca30-22f5-5606-b5bf-9ea5669640e2'
. This should enable deployment of role assignments across subscriptions.
Please confirm if this resolves your issue.
Hi , I m using the latest version of the az cli (2.59.0) and having the exact same issue while doing a role assignment on a subscription level. The first time works like a charm and the second time throws the python error mentioned above. I also tried the workaround which did not help
nevermind. I had a typo in mijn command. I was using --scope subscriptions/$subscritpionId
instead of --scope /subscriptions/$subscriptionId
Describe the bug
To assign a role of MSI to access blob storage with the CLI as below.
this script can run successfully at the 1st time, and then it failed if run it again, as the role assignment already exists with a python exception. I hope it can be some managed error message rather than a python error trace as below.
Related command
az role assignment create
Errors
The command failed with an unexpected error. Here is the traceback: list index out of range Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 180, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 204, in _create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/_multi_api_adaptor.py", line 57, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/tracing/decorator.py", line 76, in wrapper_use_tracer File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/authorization/v2022_04_01/operations/_role_assignments_operations.py", line 902, in create File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/exceptions.py", line 112, in map_error azure.core.exceptions.ResourceExistsError: (RoleAssignmentExists) The role assignment already exists. Code: RoleAssignmentExists Message: The role assignment already exists.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 186, in create_role_assignment IndexError: list index out of range
Issue script & Debug output
Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 186, in create_role_assignment IndexError: list index out of range
cli.azure.cli.core.azclierror: The command failed with an unexpected error. Here is the traceback: az_command_data_logger: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: list index out of range Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 180, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 204, in _create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/_multi_api_adaptor.py", line 57, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/tracing/decorator.py", line 76, in wrapper_use_tracer File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/authorization/v2022_04_01/operations/_role_assignments_operations.py", line 902, in create File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/exceptions.py", line 112, in map_error azure.core.exceptions.ResourceExistsError: (RoleAssignmentExists) The role assignment already exists. Code: RoleAssignmentExists Message: The role assignment already exists.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 186, in create_role_assignment IndexError: list index out of range az_command_data_logger: list index out of range Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 180, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 204, in _create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/_multi_api_adaptor.py", line 57, in create_role_assignment File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/tracing/decorator.py", line 76, in wrapper_use_tracer File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/mgmt/authorization/v2022_04_01/operations/_role_assignments_operations.py", line 902, in create File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/core/exceptions.py", line 112, in map_error azure.core.exceptions.ResourceExistsError: (RoleAssignmentExists) The role assignment already exists. Code: RoleAssignmentExists Message: The role assignment already exists.
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 664, in execute File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 731, in _run_jobs_serially File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 701, in _run_job File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 334, in call File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/role/custom.py", line 186, in create_role_assignment IndexError: list index out of range To check existing issues, please visit: https://github.com/Azure/azure-cli/issues
Expected behavior
it can be some managed error message rather than a python error trace.
Environment Summary
azure-cli 2.58.0 *
core 2.58.0 * telemetry 1.1.0
Extensions: account 0.2.5 bastion 0.3.0
Dependencies: msal 1.26.0 azure-mgmt-resource 23.1.0b2
Additional context
No response