DEBUG: cli.knack.cli: init debug log:
Cannot enable color.
DEBUG: cli.knack.cli: Event: Cli.PreExecute []
DEBUG: cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x0000021E317DFD80>, <function OutputProducer.on_global_arguments at 0x0000021E319840E0>, <function
CLIQuery.on_global_arguments at 0x0000021E319ADC60>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
DEBUG: cli.azure.cli.core: Modules found from index for 'sql': ['azure.cli.command_modules.sql', 'azure.cli.command_modules.sqlvm']
DEBUG: cli.azure.cli.core: Loading command modules:
DEBUG: cli.azure.cli.core: Name Load Time Groups Commands
DEBUG: cli.azure.cli.core: sql 0.423 56 215
DEBUG: cli.azure.cli.core: sqlvm 0.040 4 20
DEBUG: cli.azure.cli.core: Total (2) 0.463 60 235
DEBUG: cli.azure.cli.core: Loaded 59 groups, 235 commands.
DEBUG: cli.azure.cli.core: Found a match in the command table.
DEBUG: cli.azure.cli.core: Raw command : sql server audit-policy update
DEBUG: cli.azure.cli.core: Command table: sql server audit-policy update
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0000021E33C280E0>]
DEBUG: cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\saocsanc.azure\commands\2024-10-14.14-47-00.sql_server_audit-policy_Update.10676.log'.
INFO: az_command_data_logger: command args: sql server audit-policy update --name {} --resource-group {} --subscription {} --state {} --storage-key --blob-storage-target-state {} --storage-endpoint {} --retention-days {} --debug
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x0000021E33CB0AE0>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x0000021E33CB0B80>, <function register_cache_arguments..add_cache_arguments at
0x0000021E33CB0CC0>, <function register_upcoming_breaking_change_info..update_breaking_change_info at 0x0000021E33CB0D60>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
DEBUG: urllib3.connectionpool: Starting new HTTPS connection (1): app.aladdin.microsoft.com:443
DEBUG: urllib3.connectionpool: https://app.aladdin.microsoft.com:443 "GET /api/v1.0/suggestions?query=%7B%22command%22%3A+%22sql+server+audit-policy+update%22%2C+%22parameters%22%3A+%22--blob-storage-target-state%2C--retention-days%2
C--name%2C--state%2C--storage-endpoint%2C--resource-group%2C--subscription%2C--storage-key%22%7D&clientType=AzureCli&context=%7B%22versionNumber%22%3A+%222.65.0%22%2C+%22errorType%22%3A+%22ExpectedArgument%22%2C+%22correlationId%22%3
A+%2226f7b22c-6193-4d17-9bb8-dbe2216fd700%22%2C+%22subscriptionId%22%3A+%228fa3aaf6-678e-4e42-9576-291ec0d20c25%22%2C+%22eventId%22%3A+%22dfbe2f26-e58f-4709-8cc6-e3fff8819d0c%22%7D HTTP/1.1" 200 None
DEBUG: cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "argparse.py", line 1902, in parse_known_args
File "argparse.py", line 2114, in _parse_known_args
File "argparse.py", line 2044, in consume_optional
File "argparse.py", line 2208, in _match_argument
argparse.ArgumentError: argument --storage-key: expected one argument
ERROR: cli.azure.cli.core.azclierror: argument --storage-key: expected one argument
ERROR: az_command_data_logger: argument --storage-key: expected one argument
Examples from AI knowledge base:
az sql server audit-policy update --resource-group mygroup --name myserver --state Disabled
Disable an auditing policy.
https://docs.microsoft.com/en-US/cli/azure/sql/server/audit-policy#az_sql_server_audit_policy_update
Read more about the command in reference docs
DEBUG: cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0000021E33C28360>]
INFO: az_command_data_logger: exit code: 2
INFO: cli.main: Command ran in 2.502 seconds (init: 0.746, invoke: 1.756)
INFO: telemetry.main: Begin splitting cli events and extra events, total events: 1
INFO: telemetry.client: Accumulated 0 events. Flush the clients.
INFO: telemetry.main: Finish splitting cli events and extra events, cli events: 1
INFO: telemetry.save: Save telemetry record of length 3899 in cache file under C:\Users\saocsanc.azure\telemetry\20241014144702564
INFO: telemetry.main: Begin creating telemetry upload process.
INFO: telemetry.process: Creating upload process: "C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe C:\Program Files\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry__init__.pyc C:\Users\saocsanc.azure
C:\Users\saocsanc.azure\telemetry\20241014144702564"
INFO: telemetry.process: Return from creating process 7364
INFO: telemetry.main: Finish creating telemetry upload process.
Expected behavior
az sql server audit-policy Update command to be completed successfully having Azure SQL Audting on storage account with Managed Identity authentication.
Describe the bug
MS wiki points to provide empty value for "--storage-key" parameter to use Managed Identity Authentication type: https://learn.microsoft.com/en-us/azure/azure-sql/database/auditing-managed-identity?view=azuresql&tabs=azure-cli
But, when we do the same using Azure CLI, it fails with the below error message:
In text: az : ERROR: argument --storage-key: expected one argument At line:2 char:1
Examples from AI knowledge base: az sql server audit-policy update --resource-group mygroup --name myserver --state Disabled Disable an auditing policy. https://docs.microsoft.com/en-US/cli/azure/sql/server/audit-policy#az_sql_server_audit_policy_update Read more about the command in reference docs
Related command
az sql server audit-policy Update
--name $AzServerName
--resource-group $PortalResourceGroup--subscription $PortalSubscriptionName
--state Enabled--storage-key ""
--blob-storage-target-state Enabled--storage-endpoint $StorageEndpoint
--retention-days $RetentionDays ` --debugErrors
az : ERROR: argument --storage-key: expected one argument At line:2 char:1
Examples from AI knowledge base: az sql server audit-policy update --resource-group mygroup --name myserver --state Disabled Disable an auditing policy. https://docs.microsoft.com/en-US/cli/azure/sql/server/audit-policy#az_sql_server_audit_policy_update Read more about the command in reference docs
Issue script & Debug output
az : DEBUG: cli.knack.cli: Command arguments: ['sql', 'server', 'audit-policy', 'Update', '--name', 'azdbdp-00123-xxxxxxxx', '--resource-group', 'RG-6393-777X-XXXX-XXXX', '--subscription', 'AZ-PRO-IT-XXXXXXX', '--state', 'Enabled', '--storage-key', '--blob-storage-target-state', 'Enabled', '--storage-endpoint', 'auditazdbdxxxxxxxxxx', '--retention-days', '90', '--debug'] At line:2 char:1
DEBUG: cli.knack.cli: init debug log: Cannot enable color. DEBUG: cli.knack.cli: Event: Cli.PreExecute [] DEBUG: cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x0000021E317DFD80>, <function OutputProducer.on_global_arguments at 0x0000021E319840E0>, <function CLIQuery.on_global_arguments at 0x0000021E319ADC60>] DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate [] DEBUG: cli.azure.cli.core: Modules found from index for 'sql': ['azure.cli.command_modules.sql', 'azure.cli.command_modules.sqlvm'] DEBUG: cli.azure.cli.core: Loading command modules: DEBUG: cli.azure.cli.core: Name Load Time Groups Commands DEBUG: cli.azure.cli.core: sql 0.423 56 215 DEBUG: cli.azure.cli.core: sqlvm 0.040 4 20 DEBUG: cli.azure.cli.core: Total (2) 0.463 60 235 DEBUG: cli.azure.cli.core: Loaded 59 groups, 235 commands. DEBUG: cli.azure.cli.core: Found a match in the command table. DEBUG: cli.azure.cli.core: Raw command : sql server audit-policy update DEBUG: cli.azure.cli.core: Command table: sql server audit-policy update DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0000021E33C280E0>] DEBUG: cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\saocsanc.azure\commands\2024-10-14.14-47-00.sql_server_audit-policy_Update.10676.log'. INFO: az_command_data_logger: command args: sql server audit-policy update --name {} --resource-group {} --subscription {} --state {} --storage-key --blob-storage-target-state {} --storage-endpoint {} --retention-days {} --debug DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x0000021E33CB0AE0>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x0000021E33CB0B80>, <function register_cache_arguments..add_cache_arguments at
0x0000021E33CB0CC0>, <function register_upcoming_breaking_change_info..update_breaking_change_info at 0x0000021E33CB0D60>]
DEBUG: cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
DEBUG: cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
DEBUG: urllib3.connectionpool: Starting new HTTPS connection (1): app.aladdin.microsoft.com:443
DEBUG: urllib3.connectionpool: https://app.aladdin.microsoft.com:443 "GET /api/v1.0/suggestions?query=%7B%22command%22%3A+%22sql+server+audit-policy+update%22%2C+%22parameters%22%3A+%22--blob-storage-target-state%2C--retention-days%2
C--name%2C--state%2C--storage-endpoint%2C--resource-group%2C--subscription%2C--storage-key%22%7D&clientType=AzureCli&context=%7B%22versionNumber%22%3A+%222.65.0%22%2C+%22errorType%22%3A+%22ExpectedArgument%22%2C+%22correlationId%22%3
A+%2226f7b22c-6193-4d17-9bb8-dbe2216fd700%22%2C+%22subscriptionId%22%3A+%228fa3aaf6-678e-4e42-9576-291ec0d20c25%22%2C+%22eventId%22%3A+%22dfbe2f26-e58f-4709-8cc6-e3fff8819d0c%22%7D HTTP/1.1" 200 None
DEBUG: cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "argparse.py", line 1902, in parse_known_args
File "argparse.py", line 2114, in _parse_known_args
File "argparse.py", line 2044, in consume_optional
File "argparse.py", line 2208, in _match_argument
argparse.ArgumentError: argument --storage-key: expected one argument
ERROR: cli.azure.cli.core.azclierror: argument --storage-key: expected one argument
ERROR: az_command_data_logger: argument --storage-key: expected one argument
Examples from AI knowledge base:
az sql server audit-policy update --resource-group mygroup --name myserver --state Disabled
Disable an auditing policy.
https://docs.microsoft.com/en-US/cli/azure/sql/server/audit-policy#az_sql_server_audit_policy_update
Read more about the command in reference docs
DEBUG: cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0000021E33C28360>]
INFO: az_command_data_logger: exit code: 2
INFO: cli.main: Command ran in 2.502 seconds (init: 0.746, invoke: 1.756)
INFO: telemetry.main: Begin splitting cli events and extra events, total events: 1
INFO: telemetry.client: Accumulated 0 events. Flush the clients.
INFO: telemetry.main: Finish splitting cli events and extra events, cli events: 1
INFO: telemetry.save: Save telemetry record of length 3899 in cache file under C:\Users\saocsanc.azure\telemetry\20241014144702564
INFO: telemetry.main: Begin creating telemetry upload process.
INFO: telemetry.process: Creating upload process: "C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe C:\Program Files\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry__init__.pyc C:\Users\saocsanc.azure
C:\Users\saocsanc.azure\telemetry\20241014144702564"
INFO: telemetry.process: Return from creating process 7364
INFO: telemetry.main: Finish creating telemetry upload process.
Expected behavior
az sql server audit-policy Update command to be completed successfully having Azure SQL Audting on storage account with Managed Identity authentication.
Environment Summary
azure-cli 2.65.0
core 2.65.0 telemetry 1.1.0
Dependencies: msal 1.31.0 azure-mgmt-resource 23.1.1
Python location 'C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe' Extensions directory 'C:\Users\saocsanc.azure\cliextensions'
Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response