-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
{Role} az ad sp create-for-rbac
: Stop setting identifierUris
on app
#18312
Conversation
Role |
NAME_DEPRECATION_WARNING = \ | ||
"'name' property in the output is deprecated and will be removed in the future. Use 'appId' instead." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shall we tell users that 'name' property in the output has changed from identifierUris to servicePrincipalName due to security issue. Since we will not auto-generate identifierUris, they can use az ad app update
to set valid identifierUris by themselves?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This information is already conveyed in the history. Also, identifierUris
is a subset of servicePrincipalName
. I prefer not to mentioned it here as
- it is used as an opaque box
- it will make the already-overly-crowded warning messages even more crowded
LGTM if all tests pass |
* {Doc} Add managed identity command guideline (#17473) * [WebApp] Add to `az webapp deploy` param help text (#17743) * Add to `az webapp deploy` param help text String changes for the `az webapp deploy` command's parameter help text. * Update _params.py * Update _params.py * Style guide fixes * Update src/azure-cli/azure/cli/command_modules/appservice/_params.py Co-authored-by: Feiyue Yu <[email protected]> * Update _params.py Co-authored-by: Feiyue Yu <[email protected]> * {Doc} Update track_2_migration_roadmap.md (#18206) * [RDBMS] Add commands for Github actions (#17949) * basic functionality for github action deploy * Modify deploy setup and run command * add logger warnings * mysql command added for deploy and run * testing mysql and postgres * Add github action file * testing pg * add erroring out vnet enabled server * add help text * fix help text * fix help text * style issue fixed * trigger CI * Update _flexible_server_util.py * changed action file to template * fix style * style issue fixed * {Pylint} Fix `self-assigning-variable` (#18119) * [KeyVault] Fix #11871: AKV10032: Invalid issuer error for operations in nondefault tenant/subscription (#18162) * keyvault data plane cross tenant * all data plane * cli_ctx for client factory * other modules * remove unused import * omit extra `None` * keyvault code owners (#18234) * Fix what-if formatter (#18244) * Fix for user-assigned identity ARM issue on remove (#18205) Co-authored-by: Ryan Kelly <[email protected]> * [Keyvault] `az keyvault set-policy/delete-policy`: Support --application-id (#18209) * `az keyvault set-policy/delete-policy`: Support --application-id * param * application_id.lower comparison * fix delete * address comment * [Compute] Upgrade api-version for VM and VMSS from '2020-12-01' to '2021-03-01' (#18233) * Upgrade api-version for compute * Fix CI * rerecord aks * [rdbms] az postgres flexible-server migration: Add customer facing feature to migrate postgres db servers from Sterling to Meru platform (#18161) * Support for "az postgres flexible-server migration" commands * Fix a linter error caused by copy-paste. * Fix more linter errors * Use custom_show_command instead of custom_command for 'show' to fix a linter finding. * 1. Remove the --subscription-id parameter. Use the CLI command param --subscription instead * Rename body to properties, which makes more sense in this context. * Fix isses reported by "azdev style rdbms" * Fix linter issues * Fix issues reported by azdev style check * Mark the migration command group as experimental * Cannot have is_preview and is_experimental at the same time. So removed is_preview. * 1. Added a confirmation for migration delete, 2. Deleted unused code, 3. Return instead of just the migration_id from update * Replace parameters db1, db2, ...db8 with an db-names parameter which takes a space-separated list of values * [Storage] `az storage blob copy start`: Support --tier and --rehydrate-priority (#18170) * upgrade api version * draft command design * test pass * test pass * refine help * checkout * checkout * add linter exclusion * fix style * fix error type * fix error type * fix style * {monitor} live test fixing (#18189) * fix test_monitor_action_group_basic_scenario tests * fix test_metrics_alert_metric_name_with_special_characters * fix test_monitor_create_log_profile * skip test_monitor_clone_storage_metric_alerts_across_subs_scenario * fix issue * [KeyVault] `az keyvault recover`: Support MHSM (#18150) * recover for MHSM * fix * tests * linter * Fix for user-assigned identity ARM issue on remove (#18283) Co-authored-by: Ryan Kelly <[email protected]> * [AppService] Hotfix: Fix # 18266 - webapp config appsettings set command causing all values to default to "false" in version 2.24.0 (#18277) * #18266 - webapp config appsettings set command causing all values to default to "false" in version 2.24.0 * Added tests for validating settings through json with slot * [Storage] GA release storage file share NFS and SMB multichannel (#18232) * {Packaging} Bump `urllib3` and `requests` (#18213) * {Pylint} Fix `unnecessary-comprehension` (#18013) * {Compute} Adopt track2 SDK, azure-mgmt-batch==15.0.0 (#18113) * Update test link * Update requirements * Fix batch_data_plane * Fix 2 tests * Fix their style and linter * Fix _help * Fix batch style and linter * Upload test yaml * Fix batch test in network * [Network] private link add `Microsoft.Sql/servers` provider (#18268) * reorder private link providers * comment miss private link providers * support private link provider for Microsoft.Sql/servers * update recordings * {CI} Unpin azdev (#18300) * [VM] Hotfix: Fix the bad request issue when creating VMSS in Azure Stack (#18301) * Fix unsupported parameters in old api-version for vmss * Run releated test in old profile * Fix CI style * [HDInsight] Migrate to track2 python sdk 7.0.0 (#18237) * [Backup] Migrate backup to track2 SDK (#17831) * [Backup] Migrate backup to track2 SDK * [Backup] Migrate backup to track2 SDK * [Backup] Migrate backup to track2 SDK afs_test passed * workload_test * workload_sql * update * workload_hana * update afs_test * update * Revert "Merge branch 'dev' into backup" This reverts commit a197e3ceb9f9f85e078c6a0c5707d2543b834c17, reversing changes made to 10b1d7d53cb3e11868b196d57cd729fd83df4b74. * Modified style * update * fix conflicts * update * update * update * update There was a problem with the virtual environment, changed it back * Apply suggestions from code review Co-authored-by: Feiyue Yu <[email protected]> * Update preparers.py * Resolve conflicts * Revert "Resolve conflicts" This reverts commit 034b32671abd3c8c45fe6e5abc895d864e288e06. * Resolve conflicts * Update test_backup_wl_sql_policy.yaml * Delete test_acs_create_kubernetes.yaml Co-authored-by: Feiyue Yu <[email protected]> * Hotfix for 2.24.1 (#18307) * {Keyvault} Support managed HSM private link operations (#18273) * private link resource * private endpoint connection * tests * network module tests * linter * merge network changes * [Compute] `az vm create`: Support delete option for NICs and Disks for VMs in Azure CLI (#18238) * support delete option for new nic * test pass for nix * test pass for vm nic count * test pass * rebase dev * suppress linter * fix linter * fix comment * [EventGrid] Migrate track2 SDK (#18210) * {AKS} Fix failed live test cases (#18310) * fix virtual network preparer * remove outdated checks * [Synapse]update to AZ Synapse mgmt 2.0.0 (#18195) * [Container] Hotfix: Fix #18276: `az container create` fails with `AttributeError: 'ResourcesOperations' object has no attribute 'create_or_update'` (#18326) * Fix the method signature for resource track2 client * upgrade version * Update src/azure-cli/HISTORY.rst * {Packaging} Bump urllib3 from 1.26.4 to 1.26.5 (#18324) * fix network tests due to synapse bum (#18340) * [RDBMS] Private DNS zone parameter added for restore command, high availability validator (#18218) * add private dns zone for restore and ha validator, template for github actions * change auto registration and fix autogenerated name * test fixed * add param explanation * Fix typo * Add functionalities * update functionalities * fix setup py * delete automatic action run * Update running condition * {Role} `az ad sp create-for-rbac`: Stop setting `identifierUris` on app (#18312) * {container} Fix style in CI (#18397) * [signalr] az signalr identity: Add managed identity related command, az signalr cors update: Add update for CORS (#18309) * update * Update * Add help * Add tests * Fix conflict * Override signalr_name * [NetAppFiles] Update azure-mgmt-netapp version to 3.0.0 (#18303) * added missing files * Backup tests updated and new recordings for them * Add missing recordings * Fix for check cli check * More fixes * More fixes * update netapp sdk to version 3.0.0 and add new features from it. Updated tests and gathered new recordings * update requirements * Updated according to new sdk 2021-02-01. Tests updated and new recordings gathered * update help text (#18365) * [Storage] BREAKING CAHNGE: az storage account create: Remove StorageFileDataSmbShareOwner option for --default-share-permission (#18396) * {EventGrid}: Update warning message (#18388) * Fix warning message * Fix style warnings * [Synapse]spark configuration conversion, which cause the failure (#18328) * Forward storage blob list delimiter parameter to client.walk_blobs (#18394) * {container} Bugfix #15856,#18251,#18275: az container exec - decode received bytes as utf-8 string (#18384) * decode binary string as utf-8 * updates suggested code style changes * {Keyvault} `az keyvault update-hsm`: --secondary-location not supported (#18427) * update hsm not support secondary locations * update hsm * fix typo * bump up azure-mgmt-applicationinsights to version 1.0.0 (#18400) * {AppService} Add custom location sdk (#18362) * [App Service]: Fixing az webapp deployment source config-local-git to set SiteConfig (#18364) * Updating enable_local_git SiteConfig Settings * Recording failing test * Filter apps with kind null when returning list of apps * Rerecording tests * [Core] Fix #18360 and #18262: write to stderr issue (#18414) * fix * refine wait * fix style * [ACR] az acr connected-registry: Minor bug fixes (#18288) * bug fix * pylint fix * fix style Co-authored-by: Zunli Hu <[email protected]> * [Compute] Direct Sharing support for Azure Shared Image Gallery (#18398) * init * 'test' * update test * update test * test recording * style * remove generated test * add command to get shared galleries * fix test * wait command * Update src/azure-cli/azure/cli/command_modules/vm/generated/_help.py Co-authored-by: Feiyue Yu <[email protected]> * delete sig share update * change the command format * lint * remove is_experimental * update command design * update command name and enum value * add wait command * linter * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: Feiyue Yu <[email protected]> * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: Feiyue Yu <[email protected]> * Update src/azure-cli/azure/cli/command_modules/vm/generated/_params.py Co-authored-by: Feiyue Yu <[email protected]> * help info * regenerate command interface but manual not work * test pass * fix test * resolve comments * fix style * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: xfz11 <[email protected]> Co-authored-by: xiaofanzhou <[email protected]> Co-authored-by: xfz11 <[email protected]> Co-authored-by: Feiyue Yu <[email protected]> * replace fixed location in test case (#18429) * [RDBMS] Change server default location (issue reported) (#18157) * Change rdbms server default location * style fixed * fixed tests yaml file * Fix the problem of tagging resources of public ip (#18254) * [Compute] Support user_data for VM and VM Scale Sets (#18432) * Add UserData for VM and VMSS * Fix CI * [ARM] Add 'az policy assignment non-compliance-message' (#18158) * Non compliance message support * Persist nulls when removing non compliance messages * Fix variable naming * Fix parameters for policy assignment update * Fix style and linter errors * Fix not scope validation * Allow MG level notscopes * Revert subscription * Revert "[Compute] Direct Sharing support for Azure Shared Image Gallery (#18398)" (#18449) This reverts commit 7f7276d712bda4618a489856aed7b70a99433c5d. * {Release} Upgrade to Azure CLI 2.25.0 (#18452) * {Misc} Update service mapping for az term (#18329) * aro: add cidr values for pod/service to cli params (#18457) * {CODEOWNERS} Update CODEOWNERS (#18455) * Update CODEOWNERS * Update .github/CODEOWNERS Co-authored-by: Yishi Wang <[email protected]> * Update .github/CODEOWNERS Co-authored-by: Yishi Wang <[email protected]> Co-authored-by: Yishi Wang <[email protected]> * {Reference TOC} fixed Azure service names (#18459) * {Cognitive Services} Adopt track2 SDK, azure-mgmt-cognitiveservices==12.0.0 (#18354) * Update test link * update requirements * Fix tests * Update cognitiviceservices==12.0.0 * Fix identity * Fix tests * Fix tests(delete unnecessary import) * Fix tests(sku) * Upload test_recordings * [AKS] Migrate ACS module to track 2 SDK (#18117) * small fix (#18505) * {Packaging} Remove full Release History from project description (#18485) * {Packaging} Bump PyJWT to 2.1.0 (#18506) * {Packaging} Be more strict on `requests` (#18518) * {Misc.} Fix typos in HISTORY.rst (#18504) * {Pylint} Fix `use-a-generator` (#18523) * {Core} `az extension`: Retry `shutil.rmtree` (#18061) * Remove preview out of security module (#18529) Co-authored-by: Ahmad Abas <[email protected]> * {AppService} Make `appservice` tests serial (#18534) * {Cognitive Services} Update CLI to latest SDK, add soft-delete support. (#18464) * Update CLI to latest SDK, add soft-delete support. * fix comments * Fix style * re-record tests * fix style issue. * fix comments * remove unused import * Update codeowners (#18537) * [Azurestack][ACR][AKS] add azurestack hybrid profile for AKS (#18118) * Adding ACR and AKS for azurestack hybrid profile * Change managed cluster SDK profile for acs * Container service resource type to managed cluster sdk * Removing hardcoded api-version to import models * Removing versioned models import * Removing versioned models import * Fixing style and models * Changing Azure stack API version for container service * Adding operation-group to container service * Changing container service test_validator * Changing container service test_validator * Modifying operation_group to managed_clusters * Adding managed_clusters operation group to aks run command * Container service test code changes * Revert "Container service test code changes" This reverts commit c551f3b8fd0bfbe3570bb767070353d2011a9f6b. * Adding mock cmd to acs test * Fix resource tyope in acs test * Fix resource tyope in acs test * Removing resource type in mock cmd * Changing acs get_models * Adding operation group to get_models * Adding magicmock to acs test * Ading magicmock to acs test * Modifying mock cmd * Modifying acs mock cmd * Adding operation_group to acs mock * Adding mod=models for acs mock cmd * removing redundant operation_group properties * Adding operation_group to acs loadbalancer Co-authored-by: Bhuvaneswari Santharam <[email protected]> * Fix #17850 - prevent dublicate rules for service endpoints (#18024) * [Compute] Direct sharing support (#18503) * init * 'test' * update test * update test * test recording * style * remove generated test * add command to get shared galleries * fix test * wait command * Update src/azure-cli/azure/cli/command_modules/vm/generated/_help.py Co-authored-by: Feiyue Yu <[email protected]> * delete sig share update * change the command format * lint * remove is_experimental * update command design * update command name and enum value * add wait command * linter * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: Feiyue Yu <[email protected]> * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: Feiyue Yu <[email protected]> * Update src/azure-cli/azure/cli/command_modules/vm/generated/_params.py Co-authored-by: Feiyue Yu <[email protected]> * help info * regenerate command interface but manual not work * test pass * fix test * resolve comments * fix style * Update src/azure-cli/azure/cli/command_modules/vm/manual/_help.py Co-authored-by: xfz11 <[email protected]> * test pass * revert * revert * delete * fix typo * refine help * Apply suggestions from code review Co-authored-by: Xing Zhou <[email protected]> * add permission to create Co-authored-by: xiaofanzhou <[email protected]> Co-authored-by: xfz11 <[email protected]> Co-authored-by: Feiyue Yu <[email protected]> Co-authored-by: Xing Zhou <[email protected]> * [HDInsight]Support new azure monitor (#18519) * {Docs} Remove stale reference in README to closed issue about extensions (#12771) * Remove breaking change incoming notice and support new azure monitor * fix cred scan ci error * Replace CLIError with RequiredArgumentMissingError Co-authored-by: Daniel Miller <[email protected]> Co-authored-by: Azure CLI Team <[email protected]> Co-authored-by: Zhenyu Zhou <[email protected]> * [Resource] Third party S2S Consent/Permission Enumeration (#18433) * feature permission list * fix * fix * fix * fix * fix * Apply suggestions from code review * fix test and help info * fix Co-authored-by: Yu Chen <[email protected]> * [AKS] Upgrade api-version to 2021-05-01 for ACS module (#18593) * update api to 0501 * update api version * update recording location * {Advisor} Migrate Advisor module to track 2 SDK (#18525) * ARO: Fail if resource doesn't exist on delete (#18546) * [SQL] Bump sdk version (#18373) * Bump sdk version * Switch to LongTermRetentionPolicies * Fix sql db threat-policy * some test fixes * Fix threat detection * re-record test_sql_server_security_mgmt * Fix tde tests * add more passing tests * fix ltr test * Fix elastic pool * fix sql mi aad tests * Failover group * fix firewall rule * Fix for tde byok * push test file * Skip MI tests * skip server trust groups * Add dns alias management * fix backupstorageredundancy * backupstorage related fixes * Push test files * Fix test_sql_db_sensitivity_classifications, skip instance pools * Push sens classification re-record * retry sensitivity test * Fix instance group failover management * restore db test passing * record restore deleted * skip restore deleted and classification * management endpoint * remove skip tag * rerecord import export * modify validators to separate db and MI * change back MI to expect LRS/ZRS/GRS * Add CMK changes * Fix linter and style issues * remove current_bsr from create params * Fix failure due to --ids * more fixes, tests and linter * More linter issues * External admin changes * Style and Linter fixes * Fix show command * Fix more style issues * Add help for external admin * linter fix * Add examples for CMK with UMI * more linter fixes Co-authored-by: xaliciayang <[email protected]> Co-authored-by: Vinit Dinesh Parekh <[email protected]> * [APIM] Added version parameter for apim api import (#18604) * added version parameter for api import * added test api version * updated test * addressed ci issue * remove preview tag (#18607) * Fix for server create (#18640) * [AppConfig] Stop overwriting KeyVault reference content type during import (#18602) * Stop overwriting KVR content type during import * Style fix * [BACKUP] Workload container registration fix, SDK upgraded to 0.12.0, Fixed and Re-ran tests (#18592) * workload container registeration fix, sdk upgrade to 0.12.0, test fixed and re-ran * deleted local files * Linter and pyproj fix * commented record_only tag for test_afs_commands Co-authored-by: Akshay Neema <[email protected]> * fix CI tests (#18643) * [APIM] Fixed apim upgrade bug when specifying protocols (#18605) * fixed issue with protocol related command * added test for protocol * addressed ci issues * [Billing] Migrate billing to track2 SDK (#18608) * billing 1.0.0->6.0.0 * Update custom.py * parameter * [ARM] `az provider register`: Make parameter `--accept-term` become not required (#18509) * [RDBMS] Add autogrow parameter for MySQL and add database name to output json when created (#18441) * Add autogrow feature and postgres db name show when created * autogrow parameter for update added * add validators file * Add different subnet to restore server * private dns zone validator * server name validator and database delete warninng message deleted * restore network added * pg restore dns zone add when only microsoft dns zone * mysql ha validation added * style fix * [Storage] GA support secured SMB (#18638) * [CosmosDB] Adding point-in-time restore commands to the stable branch. (#18568) * Porting Retrieve BackupInfo and Tests from preview branch. * Porting PITR Changes for Restore Commands. * Adding validation changes, test fixes and use updated python sdk. * Updating test run files. * Fixing style/linting/test errors * Fixing linter and style errors * Fix failing restore test. * Updating linter_exclusions * Fixing some formatting * Fixing linter warning. * Adress code feedback. * Fix #18500. Add service tag list check. (#18527) * [Storage] `az storage account create`: Support `--enable-nfs-v3` to set NFS 3.0 protocol (#16766) * design * add test * redesign * test pass * refine * fix * refine help * {CI} Fix test (#18680) * {CDN} add missing help (#18641) * add miss help * Update src/azure-cli/azure/cli/command_modules/cdn/_help.py Co-authored-by: Jiashuo Li <[email protected]> Co-authored-by: Jiashuo Li <[email protected]> * [APIM] Fixed apim create when --enable-managed-identity is set to true (#18554) * fixed --enable-managed-identity for apim create * fixed ci error and updated test * {APIM} Fixed import error (#18553) * fixed import error * addressed linter format * addressed style check * address PR ci issue * addressed PR comments Co-authored-by: kai ru <[email protected]> Co-authored-by: kai ru <[email protected]> * aks: add 'enable-ultra-ssd' parameter (#18649) add empty line * [BACKUP] Added Archive Support for Azure CLI (#18535) * Code done! * Modified code1 * Archive tests added. * help_for_move, linter and az file changed * New line added in az and test_backup_commands * ran backup archive * Commented test_backup_archive for debugging * Changed recordings * Adding archive recording back * Added archive recording, and couple others * ran all four failed tests locally * akshay_review_changes * Corrected a error in help-text of move command * Corrected a small error in test_workload_commands. * More changes after review. * Additional changes * Changed help text of move in help.py * Made changes for use-secondary-region parameter * Changed recordings * Re-ran the 3 failing tests * Further modifications to those 3 recordings * Tweaked archive code for use_secondary_region * Changes suggested by Xing Zhou * Additional change after review * Update src/azure-cli/azure/cli/command_modules/backup/_help.py Co-authored-by: Xing Zhou <[email protected]> * Update src/azure-cli/azure/cli/command_modules/backup/custom_afs.py Co-authored-by: Xing Zhou <[email protected]> * Update src/azure-cli/azure/cli/command_modules/backup/custom_afs.py Co-authored-by: Xing Zhou <[email protected]> * Final changes suggested by Xing Zhou * Minor change Co-authored-by: Shreyansh Joshi <[email protected]> Co-authored-by: Akshay Neema <[email protected]> Co-authored-by: Xing Zhou <[email protected]> * [SQL] `az sql db ledger-digest-uploads`: Support SQL Ledger (#18672) * ledger create db + ledger digest uploads * adding tests, updating help message * adding db tests * adding help message for parameter * fixing comments on pr * [Container Registry] Migrate to track2 SDK (#18611) * [AKS] Support use custom kubelet identity (#18615) * Add custom kubelet identity implementation * Add recording file * Fix lint * Fix lint 2 * Apply code review * Fix errors * Apply code review * Fix lint * Fix lint 2 * [CosmosDB] Adding support for selecting Cosmos DB analytical storage schema type (#18636) * adding support for selecting cosmos db analytical storage schema type * bumping cosomsdb mgmt package version * fixing some unit tests * fixing build errors * adding shorter parameter name for --analytical-storage-schema-type Co-authored-by: Tom Swedlund <[email protected]> * [NetAppFiles] Update azure-mgmt-netapp version to 4.0.0 (#18666) * Update netapp python sdk and add new features * fix help * fix restore status command name * Fix for UMI (#18693) * [Compute] `az vmss create`: Support NetworkApiVersion for Vmss with OrchestraionMode == Flexible (#18132) * draft command design * test pass * refine code * new change * simple case pass * existing test pass * test pass * test pass * fix test * refine error type * support generate ssh key * test pass * fix style * add namespace.disable_overprovisionTrue * fix * [Storage] Support container soft delete (#18508) * support restore and list * add example * [network] `az network routeserver create`: Add `--public-ip-address` argument (#18663) * add public_ip_address parameter for 'az network routeserver create' * change the default ip configuration name to align with powershell * update recordings * adding fuming as the owner of acs module. (#18665) * [SQL] 'az sql db str-policy set/show': Add Set and Show ShortTermRetentionPolicy (#14919) * {Docs} Remove stale reference in README to closed issue about extensions (#12771) * draft sql db short term retention policy set and show cmdlets * add defination of get_sql_database_short_term_retention_policies_operations * renamed functions; removed deleted_time since STRPolicy doesn't support on dropped SQL DB; add parameter help code; shorter parameter length. * fix name * fix code style * remove unused parameter; use variable name from sdk: diff_backup_interval_in_hours on client; use show_command for 'show' cmdlets. * switch to use show_custom_command rather than show_command since hit error 'azure.mgmt.sql.operations#BackupShortTermRetentionPoliciesOperations.get_short_term_retention' is invalid. * should be custom_show_command * add SqlServerDbShortTermRetentionScenarioTest * add 'create db' to SqlServerDbShortTermRetentionScenarioTest * fix create db of SqlServerDbShortTermRetentionScenarioTest * change another way to create db for SqlServerDbShortTermRetentionScenarioTest * update SqlServerDbShortTermRetentionScenarioTest test location to southeastasia * upgrade azure-mgmt-sql to 0.21.0 * Revert "upgrade azure-mgmt-sql to 0.21.0" This reverts commit 9a0e5e688e17e192ae36fcc748edf6579ca2f20c. * remove unrelated comments * edit test file, scenario test passed * add test record * fix cli style, reupload record * style fix * edit test file + remove old scenario test file * upload succeed scenario test record * change custom.py changes back * update python sdk version to 0.29 * update azure-mgmt-sql version in setup.py file * fix ServerPublicNetworkAccess to ServerNetworkAccessFlag according to new python sdk changes * re-record failed scenario tests * upload more scenario test record * push more records * upload more scenario tests * add more scenario test record * upload more scenario test record * remove incident added pyproj and sln files * upload scenario test records * solve comment * fix code style Co-authored-by: Daniel Miller <[email protected]> Co-authored-by: Azure CLI Team <[email protected]> Co-authored-by: Lillian Liu <[email protected]> * [App Service] Add support for Linux Consumption and improve how content share name is generated. (#18675) * Added support for Powershell on Linux Consumption. Improved how content share name is generated. * Removed unused test variable. * [App Service] BREAKING CHANGE: `az functionapp create`: Remove support for EOL Node 8 and 10 (#18676) * Removed support for EOL Node 8 and 10 * Fixed tests that relied on Node 8 or 10. * Fixed more tests that relied on Node 8 * [App Service]: Fix an issue where adding VNET integration & Hybrid connections on a slot is not working (#18582) * Updating the tests & fix for vnet_integration add with slots * Updating add Hybrid connection for Slots & adding test cases for the scenario * Updating test verification * [AppService] BREAKING CHANGE: az webapp deployment source config: Remove vsts-cd-manager (#18203) * Remove vsts-cd-manager * Rerun tests * Remove vsts-cd-manager * Rerun tests * [AppService] az appservice domain create: Fix get correct domain agreements (#18622) * Fix get correct domain agreements * Add test for domain agreement keys * Fixes * [AppService] az webapp deployment github-actions add/remove: new commands (#18261) * Github actions * Add --login-with-github flag to specify if you want to use interactive method to get github personal access token * Linter * Fixes * don't pin pynacl package * Fix linter * Unpin PyGithub * Fixes * [AKS] az aks get-credentials: Add a check for KUBECONFIG environmental variable (#18704) * Add a check for KUBECONFIG environmental variable * Refactor to account for -f/--file being used. * {SQL} Fix SQL related record file to pass CI (#18713) * [AppConfiguration] Add support for ```disable_local_auth``` (#18619) * [Compute] Make dependent resources of VM/VMSS support edge zone (#18708) * [Compute] Update from CoreOS to Flatcar (#18644) * [Compute] Add the hint to suggest users use the standard public IP when creating VM (#18662) * {Release} Upgrade to Azure CLI 2.26.0 (#18716) * [CDN] az cdn endpoint rule: Add OriginGroupOverride action support (#18711) * [CDN] az cdn endpoint rule: Add OriginGroupOverride action support * Fix typo Co-authored-by: Bo Zhang <[email protected]> * Migrate to track 2 SDK (#18740) * [DMS] Track1 to track2 and MySQL removal (#18709) * [ARM]: Fix ARM What-If formatter (#18721) * Fix What-if formatter added missing parameter in method call * Update test_property_modify Co-authored-by: Shenglong Li <[email protected]> * [Compute] Fix issue #18633: az sig image-version create does not support mixing disks, snapshots, and vhd (#18741) * fix issue * test pass * [ARM] `az bicep uninstall`: Add new command to uninstall bicep (#18744) * Add az bicep uninstall and fix --stdout * Add help for bicep uninstall * [Packaging] Add licenses to all Python packages (#18749) * [ACR] az acr import: Support no-wait (#18572) * add no-wait feature to acr import * add no-wait feature to acr import * revise no-wait feature for acr import * add recording files * style changes * add no-wait warning and made style changes * style fix * method name changes to follow track 2 sdk changes * style changes * style changes Co-authored-by: Caroline Barker <[email protected]> * [Compute] Upgrade package version to fix securityProfile issue in `az vmss update` (#18788) * upgrade version * test pass: * add test * {IOT} Iot central track 2 migration (#18717) * track 2 changes * Rerecord yaml files that service team doesn't have permission * record of test_certificate and test_iotcental * Add yaml file for test_dps_lifecycle Co-authored-by: zhoxing-ms <[email protected]> * fix custom kubelet identity (#18795) * add tags for create command (#18783) * [ARM] `az provider register`: Add deprecate info for `--accept-term` (#18739) * [ACR] Fix some bugs on uncovered cmds (#18786) * {BatchAI} Migrate BatchAI module to track 2 SDK, azure-mgmt-batchai==7.0.0b1 (#18681) * [Keyvault] BREAKING CHANGE: Fix #13752: az keyvault create not idempotent. Creating existing keyvault will fail. (#18520) * check before create vault * part of keyvault tests * fix keyvault&storage&network tests * other module tests * pylint * hybrid profile tests * fix CI * sql conflict * fix test * linter * {Maps} Support managed maps creator operations (#18450) * track 2 * uodate * update * update * update * update * Compatible with old commands * update * creator * Update _params.py * Update _params.py * Linter * Update _help.py * linter * Update _params.py * update If property is None, they should not be in maps_account_update_parameters. Modify the error of help. * Update custom.py * Update custom.py * {Monitor} log analysis bump up SDK (#18374) * bump up azure-mgmt-loganalysis sdk to version 11.0.0 * [Storage] `az storage blob copy start`: Fix issue in copy from different account (#18730) * fix sas issue * test pass * fix style * [Storage] Fix issues (#18811) * fix * fix jwt * Fix #18352 (#18816) * [ACR] hotfix based on #18786 and #18850 (#18853) * {Release} HotFix: Release 2.26.1 (#18856) * Hotfix for 2.26.1 * Add PR number * add missing help to fix linter (#18859) * Update help description for pool-change (#18835) Co-authored-by: Audunn Baldvinsson <[email protected]> * Fix style issue in conflict resolution * [Storage] `az storage fs generate-sas`: Support generate sas token for file system in ADLS Gen2 account (#18768) * test pass * fix linter and add test * update and add dtest * [Storage] az storage account blob-service-properties: Support last access tracking policy (#18731) * [BACKUP] Added support for Customer Managed Keys(CMK) for Recovery Services Vault (#18733) * Merged with commit added support for CMK feature * Merged with commit Changes made * Merged with commit More changes * Changes with new version * Linter file changed * Changed test file * encryption test changed * Help Text Changed * Changes in command * help_text changed again * modified param names based on review comments * Encryption examples added Co-authored-by: Vidhi Katyal <[email protected]> Co-authored-by: Himanshu Agarwal <[email protected]> * {Redis} Migrate to Track 2 Mgmt SDK (#18793) * Fix style issue * [Synapse]Workspace key update failure (#18719) * 'workspacekeyupdatefailure' * 'reformat' * 'edithelp' * 'format' * Fix vm get boot log (#18830) * [AKS] az aks create: Add edge zone support (#18852) - Add the extended location parameter to create AKS in the edge zones - Add a test case for the cluster creation in edge zone Co-authored-by: Rhea Parekh <[email protected]> * Fix help for lock (#18890) * [SQL] `az sql server outbound-firewall-rule create`: Azure CLI Commands for Outbound Firewall Rules (#18671) * AnotherCommit * New Updates * Working Test * Updated version * Updated Tests * Linting updates * Cleanup * review comments * Apply suggestions from code review Co-authored-by: Yishi Wang <[email protected]> * {APIM} Onboard to rest.az code autogen (#18724) * prepare folder and file for autogen onboarding * fixed style issues * fixed style * disabled unimportant pylint alerts * updated test files * [Synapse]Reimport notebook Failure (#18718) * 'reimportnotebookerror' * 'refine' * 'paranamechange' * 'addchanges' * 'addexplanation' * 'addimportprocess' * 'addremovingredundantpara' * 'addhelpandmissingpara' * 'format1' * 'format2' * 'format3' * 'format4' * 'format5' * {Keyvault} Fix keyvault packaging tests (#18922) * Fix keyvault packaging tests * Apply suggestions from code review * address comment * linter * delete cert_secret file * [App Config] BREAKING CHANGE: `appconfig kv set`: Set value to be empty string if not specified (#18907) * set value to be empty string * revert change for default json type value * [Container] `az container exec`: Fix and improve terminal experience (#18909) * improve the azure container exec experience * more convergence in the linux/windows paths, handle arrows and ctrlc in windows * fix pylint errors Co-authored-by: Novin Changizi <[email protected]> * support ssl-certificate-name argument (#18861) * {Docs} Update track2 migration roadmap (#18431) * [Storage] Support Version level Worm (VLW) (#18540) * test pass * test pass * [App Service] Add support for vnet route all setting (#18460) * vnet route all arg + help fix * quotes in help text * vnet-route-all default behavior * Add new and rerun tests. Clarify help text * rerun tests * Remove disable-route-all * updated tests * Fix linter issue * [SQL] BREAKING CHANGE: Update Microsoft.Sql to track2 SDK (#18637) * Update sql track2 * Update commands.py update begin_delete * update setter_name to pass sdk validation * replace_all_delete * pass az self-check * update recording tests * fix all begin_xyz issue * run test to unblock some issues * pass SqlServerMSSupportScenarioTest * change region to pass tests * pass LTR test * add recorded tests for MI * update db_rename parameters * pass db management tests * address aad tests * pass sql server aad * revert azure-mgmt-netapp version change * record test after rebase * add three passed tests * modify short term policy * complete another three tests * pass tde test * pass two more tests * Update custom.py * pass two more tests * pass classification test * pass long and short backup * update test file to match new config * pass server and db security tests * record test_sql_db_sensitivity_classifications again * update MI tests * pass MI tests * pass tests * modify instance_pool_test * update aad_admin and aad_only_auth * update sdk 3.0.1 * record the mssuport and db security tests * pass instance pool and virtual cluster tests * update hide uuid * hack Microsoft.Management UUID * pass instance failover * fix lint/style and pass MI tests * rebase * pass outbound command test * change show command and make log replay as live_only * Delete test_sql_midb_logreplay_mgmt.yaml * address the comments * modify get_long_term_retention * remove the --security-alert-policy-name * pass two MI AAD tests with specific setup * add comment and remove record only * [ARM] `az deployment group/sub/mg/tenant create`: Add `--what-if` and `--proceed-if-no-change` parameters (#18924) * Add --what-if and --proceed-if-no-change params * Fix linter failures * [ACR] `az acr build`: Make .dockerignore include directories with `!` (#18821) * solve path issue of included directories in dockerignore * remove debugging command * style changes Co-authored-by: Caroline Barker <[email protected]> * [ARM] Bump api-version from 2020-10-01 to 2021-04-01 (#18923) * {EventGrid} - Fix delivery-identity, delivery-endpoint-type and delivery-identity-endpoint (#18989) * [App Service] `az appservice ase create`: Command changes for ASE v3 GA (#18748) * ga changes - draft * exclude missing v3 apis * remove debug line * Add zone support * Add test for zone redundancy * Update help * Hybrid connections improve error/help msg (#18843) * {Eventgrid} Fix eventgrid test api version (#19003) * [BACKUP] `az backup restore restore-disks`: Add MSI usage in IaaS VM Restore (#18961) * merged latest dev * vanguardm9 restore disks changes * restore azure wl log point in time bug fix * changed sdk version to 0.13.0 * ran tests on 2021-04 sdk * ran tests on 2021-04 sdk * sdk upgrade, ran tests, pylint fixes * help text and linter fixes * null check in vault identity * changed mi related parameter name and help text * removed linter exclusion * changed the version * removed unnecessary files Co-authored-by: Akshay Neema <[email protected]> * [ARM] `az ts create`: Make parameter `--template-file` support bicep file (#18888) * Add support for bicep files in TS * Add tests * re-record test * Changed new test to a live test * Changed new test to a live test #2 * [Redis] Add `--redis-version` param to `az redis create` and `az redis update` (#18996) * initial changes to support redis 6 create/update * Updating test records * Revert history.rst changes * Add private link test for service bus (#18999) * [Network] `az network application-gateway waf-policy custom-rule match-condition add`: Add examples (#18957) * add example for 'az network application-gateway waf-policy custom-rule match-condition add' * fix example in 'network application-gateway ssl-cert show' * [network] `az network express-route port link update`: Add `--macsec-sci-state` argument. (#18814) * support sci state for express route link * add tests for network express route port * fix style issue * fix issue in 'az monitor alert create' (#18995) * Remove trailing period from URL (#19019) * {Telemetry} Import unittest.mock in telemetry test (#18977) * {AKS} Refactor acs module (#18975) * * add test for `aks browse` * add preserve_location option for AKSCustomResourceGroupPreparer * modify aks browse * fix tag bug * extract internal func for aks_browse * add test for install-cli * update test for browse * fix @live_only tag * fix test case & update recording file * update recording * fix style issue * Add example for creating site extension to web app (#18935) * [Network] private link add Microsoft.Web/hostingEnvironments provider (#19025) * Add private link test for web ase * fix * network gateway loadbalance support cross tenant (#18792) * [Network] private link add Microsoft.StorageSync/storageSyncServices provider (#19000) * Add private link test for storagesync * Skip storagesync test in record test * {ACR} Migrate to Track 2 (#19006) * trackV2 fix * trackv2 fix * pylint fix * [Keyvault] Fix #6372: table output for secrets isn't correct (#18308) * table transformer * import * move build_table_output to core * [Databoxedge] Migrate databoxedge to track2 SDK (#18678) * track2 * update * update * update * style * Linter * manual * test * old test * Update _help.py * order * bandwidth * [Network] private link add Microsoft.Media/mediaservices provider (#18997) * Add private link test for media service * fix * [Packaging] Add SOCKS Proxy Support (#18931) * {Core} Add `-NoProfile` when calling `powershell.exe` (#18770) * [RDBMS] PostgreSQL, MySQL migration to GA API (#18921) * migrated to PG GA API * mysql migration initial commit * mysql migration and vnet subnet * fix params and mysql ga migration * add tests for GA changes * linter issue resolve * linter issue fix2 * linter fix 3 * style linter issue fix * test recordings * test fix to network and resource * test fiex 2 * add validator update test * trigger CI * Disable geo restore * [App Config] BREAKING CHANGE: `az appconfig feature`: Support namespacing for feature flags and change output fields (#18990) * Support prefix on feature flags * Edit help messages * List by key filter * Raise more specific errors * [Network] private link add Microsoft.Batch/batchAccounts provider (#18970) * Add private link test for batch account * fi * delete old test * Remove non-numerical chars from kube minor version (#18727) * [Compute] `az vm list-skus`: Fix the issue that it can't query the SKU which with partially zones available (#18939) * Fix vm list available skus * Fix vm list skus * Fix CI issue * Fix CI style issue * Fix Style issue * [App Service] `az webapp config access-restriction remove`: Fix the broken caused by AttributeError (#18986) * Fix #18947 * style fix * [IoT] `az iot hub create\update`: File upload and certificate updates (#18966) * Fileupload code and parameter updates * Changed certificate uploads to always be base64-encoded. * renamed fileupload-lock-duration arg to fileupload-notification-lock-duration * More specific argument errors * File upload test additions and minor logic updates * PR Feedback and some parameter/logic updates * Argument error class update * Test timing and recording updates Co-authored-by: Ryan Kelly <[email protected]> * [ARM] `az ts`: Fix the issue that export template specs with no linked templates failed (#18928) * Removed preview tag from template specs, fixed iteration bug * Specified error in packing engine * Fixed styling error Co-authored-by: Dania Etienne <[email protected]> * [ACR] `az acr connected-registry install info/renew-credentials`: Add new parameter `--parent-protocol` to specify parent protocol (#18954) * Add specifying parent protocol to 'acr connected-registry install' to fetch complete connection string * add one more blank line * improve style * change to enum type * style fix * Update src/azure-cli/azure/cli/command_modules/acr/_help.py * Update src/azure-cli/azure/cli/command_modules/acr/_help.py Co-authored-by: Xing Zhou <[email protected]> * [Compute] `az vm auto-shutdown`: Fix the issue that `--webhook` is required when `--email` is passed in (#18958) * Fix the issue that --webhook is required when parameter --email is passed in * resolve conflicts * [Compute] `az vm create`: Support creating VM from shared gallery image (#19037) * Support shared gallery image for vm creation * Fix help * Fix help * Fix CI issue * Fix style issue * Fix CI issue * [Storage] `az storage copy` add new option `--cap-mbps` (#18344) * [storage] Add new option `--cap-mbps` * Update azcopy.py * Update test_storage_azcopy_scenarios.py * Update src/azure-cli/azure/cli/command_modules/storage/_params_azure_stack.py Co-authored-by: Zunli Hu <[email protected]> Co-authored-by: Zunli Hu <[email protected]> * [Compute] az vm extension set: Add note to use Azure Key Vault VM extension instead (#19045) * Add note to az add secret * Update _help.py * Update _help.py * Update src/azure-cli/azure/cli/command_modules/vm/_help.py Co-authored-by: Xing Zhou <[email protected]> * {Core} Log `_get_attr` exceptions (#19030) * [App Service]: Fix #17424: `az appservice plan show`: Provide correct exit status (#18994) * fix #17424 - az appservice plan show does not provide correct exit status * Tests are re-recorded with latest changes * StyleError * Disable pylint check temporarily * Update src/azure-cli/azure/cli/command_modules/appservice/custom.py * Fix pylint check * Updated review comments Co-authored-by: Xing Zhou <[email protected]> * {Release} Upgrade to Azure CLI 2.27.0 (#19052) * Increase TestYumPackage's timeoutInMinutes (#19058) * Improve nodepool help text for OS Disk options (#19073) * {AKS} Refactor acs module: add test cases for sub-command `create` (#19026) * add test for autoscaler * add test for loadbalancer * add test for node public ip * add test for network cidr * update create default test * add test for create attach acr * add AKSCustomRoleBasedServicePrincipalPreparer * update test ingress appgw * add test case for outbound type udr * add test for node_osdisk_diskencryptionset * add test for enable-encryption-at-host, enable-azure-rbac, disable-rbac and dns-service-ip * add test for workspace-resource-id * add recordings * update recordings * [SQL] az sql mi update: Add --subnet and --vnet-name parameters to support the cross subnet update SLO (#18886) * Update sql track2 * Update commands.py update begin_delete * update setter_name to pass sdk validation * replace_all_delete * pass az self-check * update recording tests * fix all begin_xyz issue * run test to unblock some issues * pass SqlServerMSSupportScenarioTest * change region to pass tests * pass LTR test * add recorded tests for MI * update db_rename parameters * pass db management tests * address aad tests * pass sql server aad * revert azure-mgmt-netapp version change * record test after rebase * add three passed tests * modify short term policy * complete another three tests * pass tde test * pass two more tests * Update custom.py * pass two more tests * pass classification test * pass long and short backup * update test file to match new config * pass server and db security tests * record test_sql_db_sensitivity_classifications again * update MI tests * pass MI tests * pass tests * modify instance_pool_test * Iteration 1: - Adding support for cross subnet update SLO * Iteration 2: - Removing the change from History.rst file * Iteration 3: - Fixing merge errors * Iteration 4: - Removing merge errors * Iteration 5: - Removing merge errors * Iteration 6: - Fixed merge errors * Iteration 7: - Fix merge errors * Iteration 7: - Fixed CLI style issue - removed two trailing spaces - Fixed CLI linter issue - fixed the cross-subnet update slo command in _help.py Co-authored-by: Ji Wang <[email protected]> Co-authored-by: Nemanja <[email protected]> * [ACR] `acr create/update`: Add new parameter `--allow-exports` to support export (#19065) * Update azure-mgmt-containerregistry from 8.0.0 to 8.1.0. Add support for export disable. * Add acr export policy tests style fix * re-record acr dependent tests * style: disable too many locals * fix style issue Co-authored-by: Tosin Adewale <[email protected]> * Fix linter failures (#19116) * {Packaging} Drop `mock` library (#19024) * {AppService} Fix #17947: az functionapp update fails with Attribute error: checking non-existent app name (#19126) * added condition to check for non-existent app name * updated functionapp tests recordings Co-authored-by: parthagg <[email protected]> * removing preview stats for --enable-analytical-storage (#19113) Co-authored-by: Feng Zhou <[email protected]> Co-authored-by: Jason Freeberg <[email protected]> Co-authored-by: Feiyue Yu <[email protected]> Co-authored-by: Daeun Yim <[email protected]> Co-authored-by: Jiashuo Li <[email protected]> Co-authored-by: Yishi Wang <[email protected]> Co-authored-by: Shenglong Li <[email protected]> Co-authored-by: Ryan K <[email protected]> Co-authored-by: Ryan Kelly <[email protected]> Co-authored-by: Xing Zhou <[email protected]> Co-authored-by: Rajesh1Ganesan <[email protected]> Co-authored-by: Zunli Hu <[email protected]> Co-authored-by: Kota Sudhakar Reddy <[email protected]> Co-authored-by: Jiefeng Chen <[email protected]> Co-authored-by: aim-for-better <[email protected]> Co-authored-by: songlu <[email protected]> Co-authored-by: Feiyue Yu <[email protected]> Co-authored-by: Kerwin(Kaihui) Sun <[email protected]> Co-authored-by: FumingZhang <[email protected]> Co-authored-by: zesluo <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chenyang Liu <[email protected]> Co-authored-by: hildurhodd <[email protected]> Co-authored-by: Calvin <[email protected]> Co-authored-by: Vidya Kukke <[email protected]> Co-authored-by: Alexandre Arpin <[email protected]> Co-authored-by: Jan Schmidle <[email protected]> Co-authored-by: Sisira Panchagnula <[email protected]> Co-authored-by: Rodrigo Mendoza <[email protected]> Co-authored-by: xiaofanzhou <[email protected]> Co-authored-by: xfz11 <[email protected]> Co-authored-by: Chris Eggert <[email protected]> Co-authored-by: Azure CLI Bot <[email protected]> Co-authored-by: Yu Chen <[email protected]> Co-authored-by: Troy Connor <[email protected]> Co-authored-by: Delora Bradish <[email protected]> Co-authored-by: Ahmad Abbas <[email protected]> Co-authored-by: Ahmad Abas <[email protected]> Co-authored-by: Yang Yuan <[email protected]> Co-authored-by: Bhuvaneswari Santharam <[email protected]> Co-authored-by: Bhuvaneswari Santharam <[email protected]> Co-authored-by: Mads Damgård <[email protected]> Co-authored-by: Daniel Miller <[email protected]> Co-authored-by: Azure CLI Team <[email protected]> Co-authored-by: Zhenyu Zhou <[email protected]> Co-authored-by: Ben Vesel <[email protected]> Co-authored-by: strehan1993 <[email protected]> Co-authored-by: xaliciayang <[email protected]> Co-authored-by: Vinit Dinesh Parekh <[email protected]> Co-authored-by: Alan Feng <[email protected]> Co-authored-by: Avani Gupta <[email protected]> Co-authored-by: Akshay Neema <[email protected]> Co-authored-by: Akshay Neema <[email protected]> Co-authored-by: Amit Singh <[email protected]> Co-authored-by: Andy Zhang <[email protected]> Co-authored-by: Shreyansh Joshi <[email protected]> Co-authored-by: Shreyansh Joshi <[email protected]> Co-authored-by: rewongmicrosoft <[email protected]> Co-authored-by: Tongyao Si <[email protected]> Co-authored-by: tomswedlund <[email protected]> Co-authored-by: Tom Swedlund <[email protected]> Co-authored-by: viparek <[email protected]> Co-authored-by: Liming Liu <[email protected]> Co-authored-by: lululilliancoding <[email protected]> Co-authored-by: Lillian Liu <[email protected]> Co-authored-by: Graham Zuber <[email protected]> Co-authored-by: Ismayil <[email protected]> Co-authored-by: Shuai Wang <[email protected]> Co-authored-by: t-bzhan <[email protected]> Co-authored-by: Bo Zhang <[email protected]> Co-authored-by: Robert Gao <[email protected]> Co-authored-by: Artyom Pavlichenko <[email protected]> Co-authored-by: Mikolaj Mackowiak <[email protected]> Co-authored-by: Major Hayden <[email protected]> Co-authored-by: Caroline Barker <[email protected]> Co-authored-by: Caroline Barker <[email protected]> Co-authored-by: abalogun-dev <[email protected]> Co-authored-by: Auðunn <[email protected]> Co-authored-by: Audunn Baldvinsson <[email protected]> Co-authored-by: Vidhi-2510 <[email protected]> Co-authored-by: Vidhi Katyal <[email protected]> Co-authored-by: Himanshu Agarwal <[email protected]> Co-authored-by: Praveen kumar <[email protected]> Co-authored-by: Rhea Parekh <[email protected]> Co-authored-by: Rhea Parekh <[email protected]> Co-authored-by: Vineet Mahadik <[email protected]> Co-authored-by: Novin <[email protected]> Co-authored-by: Novin Changizi <[email protected]> Co-authored-by: Ji Wang <[email protected]> Co-authored-by: Gokul Premraj <[email protected]> Co-authored-by: MECHANDR <[email protected]> Co-authored-by: John Downs <[email protected]> Co-authored-by: Graham Hayes <[email protected]> Co-authored-by: Dania Etienne <[email protected]> Co-authored-by: Dania Etienne <[email protected]> Co-authored-by: Yuan Xi <[email protected]> Co-authored-by: Micah McKittrick <[email protected]> Co-authored-by: v-nestan <[email protected]> Co-authored-by: Nemanja <[email protected]> Co-authored-by: Tosin Adewale <[email protected]> Co-authored-by: Tosin Adewale <[email protected]> Co-authored-by: Parth Aggarwal <[email protected]> Co-authored-by: parthagg <[email protected]> Co-authored-by: toswedlu <[email protected]>
Context
az ad sp create-for-rbac
creates an app for the service principal. The command specifiesidentifierUris
on the app:--name <name>
is provided,identifierUris
will be set tohttp://<name>
--name <name>
is not provided,identifierUris
will be set tohttp://azure-cli-%Y-%m-%d-%H-%M-%S
Per https://identitydocs.azurewebsites.net/static/v2/first_party_alert_appiduri_verifieddomain.html, AAD will block app creation with invalid
identifierUris
in the near future (planned to be end of June). Valid forms are:Valid api schemes:
Other Uri schemes:
Changes
az ad sp create-for-rbac
shouldn't make any assumption and deriveidentifierUris
from--name
asidentifierUris
can be unspecified, so CLI will not use--name
to deriveidentifierUris
to create the app anymore. The app will be created withoutidentifierUris
to avoid being blocking by AAD.Before:
The
name
property in the output is a property invented by Azure CLI itself (the service principal object doesn't have aname
property). It maps toservicePrincipalNames
which is a combination ofidentifierUris
andappId
:So we switch the value of
name
fromidentifierUri
toappId
. We are deprecating it and will remove it in the future.After:
Con: This introduces inconsistency:
--name
in the input command is used asdisplayName
, whilename
property in output representsservicePrincipalNames
Idempotence
az ad sp create-for-rbac
is idempotent when the same--name
(used asdisplayName
) is provided.az ad sp create-for-rbac --name
can be run multiple times:displayName
This behavior differs from
New-AzADServicePrincipal
which creates a new service principal on each execution.Limitation
Many customers are still using older versions of Azure CLI/PowerShell and we do not have control over their migration plan. This BREAKING CHANGE on AAD service side will affect users who are still using older version of Azure CLI/PowerShell.
Equivalent changes on Azure PowerShell
New-AzADServicePrincipal
: Update IdentifierUris of ADApp and DisplayName of ADServicePrincipal azure-powershell#14952History Notes
[Role] BREAKING CHANGE:
az ad sp create-for-rbac
:--name
is now only used as thedisplayName
of the app. It is not used to generateidentifierUris
anymore.name
in the output is now the same asappId
(servicePrincipalNames
) and deprecated.