Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] #39

Closed
klawrawkz opened this issue Sep 4, 2020 · 1 comment
Closed

[BUG] #39

klawrawkz opened this issue Sep 4, 2020 · 1 comment
Assignees
@edyoung @BellaLi
Labels
bug Something isn't working

Comments

@klawrawkz
Copy link

To Reproduce

  1. Open cloud shell.
  2. Set default subscription via az account set --subscription <'AzureAccountName2'>command.
  3. Run az group list -o table... to get a list of resource groups
  4. Run any command that requires a resource group (rg) name
  5. Observe cloud shell error stating that rg does not exist.
  6. Chuckle as you verify that the named rg is the same as one you chose from the list obtained via az group list command. You find it humorous that the rg is not found ... because you copied and pasted it in the command parameter list from the list obtained via az group list command.
  7. Notice then that cloud shell is not using the DEFAULT subscription set earlier via the az account set --subscription <'mySubscriptionName'> command.
  8. For a sanity check run the az account show command to verify the default subscription is set as intended.
  9. Note that the default subscription is set as expected.
  10. For next sanity check rerun command requiring a rg name parameter and add -Debug parameter to get more details
  11. Note that Azure cloud shell is running the command requiring a rg name in a NON-DEFAULT subscription.
  12. (Optional Step) Scratch head and wonder 1) is azure picking a random subscription and ... well ... 2) (become philosophic now) why is the shell ignoring the default subscription setting; 3) is Azure shell behavior expected or a bug; 4) if this is expected (get philosophic again) why allow a default to be set in Azure cloud shell with no warning or level setting message if it is expected behavior that cloud shell ignores the DEFAULT subscription setting....
    ...
    ...
    ...
    Commands you ran
1. az account list -o yaml

2. az account set --subscription 'POC Dev/Test Lab'

3. az account show -o yaml

4. az group list --query '[*].{Name:name, Location:location,Properties:properties,Type:type,ID:id }' -o yaml

5. $vnetgatewayHM = Get-AzVirtualNetworkGateway -Name vpn-palmtrio-prod-eastus-001 -resourcegroupname 'jenkins-prod-labs-rg' -debug

Observed Behavior

PS /home/david> az account list -o yaml
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-22df3abec8af
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName1>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-0f7c8441bba8
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName2>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-f9b8f78f8100
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName3>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-635c3a2a74eb
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName4>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-8ec6832d826b
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName5>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-79216babb462
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName6>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-11df18627a97
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName7>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-d54a84247f3b
  id: xx-xx-xx-xx-660c8cfa7c54
  isDefault: true
  managedByTenants: []
  name: <AzureAccountName8>
  state: Enabled
  tenantId: xx-xx-xx-xx-d54a84247f3b
  user:
    name: <myEmailID>@hotmail.com
    type: user
- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-16c0e4ee0163
  id: xx-xx-xx-xx-a51d92bee73e
  isDefault: false
  managedByTenants: []
  name: <AzureAccountName9>
  state: Enabled
  tenantId: xx-xx-xx-xx-16c0e4ee0163
  user:
    name: <myEmailID>@hotmail.com
    type: user

az account set --subscription 'POC Dev/Test Lab'

az account show -o yaml
(NOTE: the default subscription is now ID  xx-xx-xx-0f7c8441bba8)
environmentName: AzureCloud
homeTenantId: xx-xx-xx-xx-801daa173b77
id: xx-xx-xx-0f7c8441bba8
isDefault: true
managedByTenants: []
name: <AzureAccountName7>
state: Enabled
tenantId: xx-xx-xx-xx-801daa173b77
user:
  name: <myEmailID>@hotmail.com
  type: user

az group list --query '[*].{Name:name, Location:location,Properties:properties,Type:type,ID:id }' -o yaml
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/r-d-test-lab-useast-001-galleryRg
  Location: eastus
  Name: r-d-test-lab-useast-001-galleryRg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/modernization-devtest-lab-eastus
  Location: eastus
  Name: modernization-devtest-lab-eastus
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/file-share-test-rg
  Location: eastus2
  Name: file-share-test-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/VstsRG-CoE-Azure-DevOps-Practice-2322
  Location: centralus
  Name: VstsRG-CoE-Azure-DevOps-Practice-2322
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/jenkins-prod-info-labs-rg
  Location: eastus
  Name: jenkins-prod-info-labs-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/auto-budget-alerts-rg
  Location: eastus
  Name: auto-budget-alerts-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/dev-visual-studio-online-eastus-rg
  Location: eastus
  Name: dev-visual-studio-online-eastus-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/vso-rg-80ed7da
  Location: eastus
  Name: vso-rg-80ed7da
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/NetworkWatcherRG
  Location: eastus
  Name: NetworkWatcherRG
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/dt-azure-ad-domain-services-rg
  Location: eastus
  Name: dt-azure-ad-domain-services-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/AzureBackupRG_eastus_1
  Location: eastus
  Name: AzureBackupRG_eastus_1
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/Default-ActivityLogAlerts
  Location: eastasia
  Name: Default-ActivityLogAlerts
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/dev-support-svcs-recovery-eastus2-rg
  Location: eastus2
  Name: dev-support-svcs-recovery-eastus2-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/dev-support-svcs-eastus2-rg
  Location: eastus2
  Name: dev-support-svcs-eastus2-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/DefaultResourceGroup-EUS2
  Location: eastus2
  Name: DefaultResourceGroup-EUS2
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/AzureBackupRG_eastus2_1
  Location: eastus2
  Name: AzureBackupRG_eastus2_1
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/file-share-test-pvt-endpoint-eastus2-prod-rg
  Location: eastus2
  Name: file-share-test-pvt-endpoint-eastus2-prod-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/DefaultResourceGroup-EUS
  Location: eastus
  Name: DefaultResourceGroup-EUS
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/prod-test-lab-useast-rg
  Location: eastus
  Name: prod-test-lab-useast-rg
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/dev-support-svcs-eastus2-rg-asr
  Location: westus
  Name: dev-support-svcs-eastus2-rg-asr
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups
- ID: /subscriptions/xx-xx-xx-0f7c8441bba8/resourceGroups/cloud-shell-storage-westus
  Location: westus
  Name: cloud-shell-storage-westus
  Properties:
    provisioningState: Succeeded
  Type: Microsoft.Resources/resourceGroups

~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
~*~*~*~*~*~*~*~*~*~*~*~*~*
ERROR CONDITION BELOW.
~*~*~*~*~*~*~*~*~*~*~*~*~*
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

PS /home/david> $vnetgatewayHM = Get-AzVirtualNetworkGateway -Name vpn-palmtrio-prod-eastus-001 -resourcegroupname 'jenkins-prod-labs-rg' -debug

DEBUG: 3:07:00 PM - GetAzureVirtualNetworkGatewayCommand begin processing with ParameterSet '__AllParameterSets'.
DEBUG: 3:07:00 PM - using account id 'MSI@50342'...
DEBUG: [Common.Authentication]: Authenticating using Account: 'MSI@50342', environment: 'AzureCloud', tenant: 'xx-xx-xx-xx-801daa173b77'
DEBUG: [HttpClientOperations]: Adding Header 'Metadata'
DEBUG: Checking Cache request http://localhost:50342/oauth2/token?resource=https%3A%2F%2Fmanagement.core.windows.net%2F&api-version=2018-02-01
DEBUG: Cache Hit
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions/xx-xx-xx-xx-79216babb462/resourceGroups/jenkins-prod-labs-rg/providers/Microsoft.Network/virtualNetworkGateways/vpn-palmtrio-prod-eastus-001?api-version=2020-05-01

Headers:
x-ms-client-request-id        : c1260ac6-3772-436b-a43f-0aed880b6581
Accept-Language               : en-US

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
NotFound

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-failure-cause            : gateway
x-ms-request-id               : 12929bb6-eaa5-4101-880a-641e0c463e29
x-ms-correlation-request-id   : 12929bb6-eaa5-4101-880a-641e0c463e29
x-ms-routing-request-id       : WESTUS:20200904T150700Z:12929bb6-eaa5-4101-880a-641e0c463e29
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Fri, 04 Sep 2020 15:07:00 GMT

Body:
{
  "error": {
    "code": "ResourceGroupNotFound",
    "message": "Resource group 'jenkins-prod-labs-rg' could not be found."
  }
}


Get-AzVirtualNetworkGateway: Resource group 'jenkins-prod-labs-rg' could not be found.
StatusCode: 404
ReasonPhrase: Not Found
ErrorCode: ResourceGroupNotFound
ErrorMessage: Resource group 'jenkins-prod-labs-rg' could not be found.
OperationID : 12929bb6-eaa5-4101-880a-641e0c463e29
DEBUG: AzureQoSEvent: CommandName - Get-AzVirtualNetworkGateway; IsSuccess - False; Duration - 00:00:00.1722125;; Exception - Microsoft.Azure.Commands.Network.Common.NetworkCloudException: Resource group 'jenkins-prod-labs-rg' could not be found.
StatusCode: 404
ReasonPhrase: Not Found
ErrorCode: ResourceGroupNotFound
ErrorMessage: Resource group 'jenkins-prod-labs-rg' could not be found.
OperationID : 12929bb6-eaa5-4101-880a-641e0c463e29
 ---> Microsoft.Rest.Azure.CloudException: Resource group 'jenkins-prod-labs-rg' could not be found.
   at Microsoft.Azure.Management.Network.VirtualNetworkGatewaysOperations.GetWithHttpMessagesAsync(String resourceGroupName, String virtualNetworkGatewayName, Dictionary`2 customHeaders, CancellationToken cancellationToken)
   at Microsoft.Azure.Management.Network.VirtualNetworkGatewaysOperationsExtensions.GetAsync(IVirtualNetworkGatewaysOperations operations, String resourceGroupName, String virtualNetworkGatewayName, CancellationToken cancellationToken)
   at Microsoft.Azure.Management.Network.VirtualNetworkGatewaysOperationsExtensions.Get(IVirtualNetworkGatewaysOperations operations, String resourceGroupName, String virtualNetworkGatewayName)
   at Microsoft.Azure.Commands.Network.VirtualNetworkGatewayBaseCmdlet.GetVirtualNetworkGateway(String resourceGroupName, String name)
   at Microsoft.Azure.Commands.Network.GetAzureVirtualNetworkGatewayCommand.Execute()
   at Microsoft.Azure.Commands.Network.NetworkBaseCmdlet.ExecuteCmdlet()
   --- End of inner exception stack trace ---
   at Microsoft.Azure.Commands.Network.NetworkBaseCmdlet.ExecuteCmdlet()
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
   at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 3:07:01 PM - GetAzureVirtualNetworkGatewayCommand end processing.

Expected behavior

Here is a clear description of what is expected to happen instead:

Hi my name is klawrawkz. I am fine, how are you?
When I set a default subscription using the azure cloud-shell (or any other azure tooling), I expect that the commands I issue will be run in the context of the DEFAULT subscription. 1) Create session in cloud-shell; 2) Run command to set AZURE DEFAULT subscription; 3) issue any command under the sun; 4) from this point onward all commands in the session will be executed in the context of the DEFAULT subscription established in step 2.

Is this specific to Cloud Shell?

Yes, specific to cloud shell.

Interface information

How are you accessing Cloud Shell -
https://portal.azure.com
Edge | Chrome | Opera | FireFox on Windows 10

Additional context

Here is additional context about the problem ==> *

We have set the 'default' subscription via cloud shell. When we execute: Get-AzVirtualNetworkGateway -Name vpn-palmtrio-prod-eastus-001 -resourcegroupname 'jenkins-prod-labs-rg' -debug this should or I expect to execute commands in the context of the DEFAULT subscription I.E. ID xx-xx-xx-0f7c8441bba8, .

- cloudName: AzureCloud
  homeTenantId: xx-xx-xx-xx-801daa173b77
  id: xx-xx-xx-xx-0f7c8441bba8
  isDefault: true
  managedByTenants: []
  name: <AzureAccountName2>
  state: Enabled
  tenantId: xx-xx-xx-xx-801daa173b77
  user:
    name: <myEmailID>@hotmail.com
    type: user

NOTE: The trace of the request shows the command is executed using a NON-DEFAULT subscription ID, E.G. xx-xx-xx-xx-79216babb462, .

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions**/xx-xx-xx-xx-79216babb462/**resourceGroups/jenkins-prod-labs-rg/providers/Microsoft.Network/virtualNetworkGateways/vpn-palmtrio-prod-eastus-001?api-version=2020-05-01

The command can never succeed because the subscription being queried for the RG is incorrect:

  • cloudName: AzureCloud
    homeTenantId: xx-xx-xx-xx-801daa173b77
    id: xx-xx-xx-xx-79216babb462
    isDefault: false
    managedByTenants: []
    name:
    state: Enabled
    tenantId: xx-xx-xx-xx-801daa173b77

Thanks for your help with this.
klawrawkz
@klawrawkz klawrawkz added the bug Something isn't working label Sep 4, 2020
@klawrawkz klawrawkz mentioned this issue Sep 4, 2020
Closed
@klawrawkz
Copy link
Author

Updated Title of report and created #40 .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@edyoung edyoung

@BellaLi BellaLi

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@edyoung @BellaLi @klawrawkz