On-premises Key Vault will not resolve without period in suffix-keyvault-dns value

[bwilkinscloud]

Describe the bug

I am using az cli 2.53.1 in the official Microsoft container. If I try to do:

az keyvault secret set --name <name> --vault-name <kv_name> --value=<myvalue>

Then, az cli is unable to resolve my hostname. I previously passed in via

az cloud register -n AzureStackUser --endpoint-resource-manager $METADATA_HOST --suffix-keyvault-dns $KEYVAULT_SUFFIX_DNS

My keyvault suffix dns. It was set to:

vault.<rest_of_my_url>

I could not figure out why AzCLI kept reporting that the name could not be resolved. I had to add a period in front of .vault since apparently AzCLI does not append a period.

I think AzCLI should append a period. This would make it consistent with how storage endpoint works. As far as I can tell, that does not require a period.

Related command

see above

Errors

Errno -2. Name could not be resolved.

Issue script & Debug output

Not able to provide. Airgapped.

Expected behavior

AzCLI does not require a period.

Environment Summary

azure-cli 2.53.1 core 2.53.1 telemetry 1.10 Dependencies:

msal 1.24.0b2 azure-mgmt-resource 23.1.0b2

Additional context

Using Azure Stack Hub

[azure-client-tools-bot-prd[bot]]

Hi @bwilkinscloud,

2.53.1 is not the latest Azure CLI(2.60.0).

If you haven't already attempted to do so, please upgrade to the latest Azure CLI version by following https://learn.microsoft.com/en-us/cli/azure/update-azure-cli.

[yonzhan]

Thank you for opening this issue, we will look into it.