Open t4chik0ma opened 2 weeks ago
Hi @t4chik0ma ,
As in the Azure Portal when activating a resource, this tool issues a request to the /validation
endpoint to validate the request prior to requesting activation. As such, there should be a subsequent request to the activation endpoint, which includes the reason, ticket number, and ticket system you provided. The Azure Portal (at least at the time of implementing this) included these messages (reason: "validation only call", ticketSystem: "Evaluate Only", ticketNumber: "Evaluate Only") by default, which is why I hard-coded them to override the user-provided message(s) when validating.
Could you check if that is the case for you?
I can consider implementing the validation as an optional flag (e.g. az-pim-cli activate resource [...] --validate
) instead, but no other users have reported issues with the current solution (and they are seeing the correct reason/ticketNumber/ticketSystem messages for their requests)
Hi @netr0m
The TicketSystem & TicketNumber entries used during pim is run through a function down the line in my corp whenever someone PIMs to make sure they're accessing resources with a current and valid ticket, so currently anytime I try to use az-pim-cli to initiate a PIM I'm triggering an alert as the ticketnumber 'Evaluate Only' is obviously not matching what would be found in our ticket system.
Is it possible to allow those to be filled dynamically instead of static with what's entered for -T (TicketNumber) and --ticket-system (TicketSystem)?
Thanks
Welcome
Description of the problem
Using the same ~~TicketNumber for both the reason and ticket number, though it only reports back in the Azure pim notification as being used in the justification. Ticket Number is returning 'Evaluate Only', same with Ticket System
Version of az-pim-cli
Configuration
Go environment
Output of command
Validation