Security admin rule update for 'virtual-network-manager' is dropping values. #6787
Labels
Auto-Assign
Auto assign by bot
Azure CLI Team
The command of the issue is owned by Azure CLI team
Network
question
The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Milestone
Describe the bug
When trying to update a security admin rule for AvNM, many of the properties are not making it to the request body. Source, Direction, and Protocol are the ones I have observed.
Related command
az network manager security-admin-config rule-collection rule update
Errors
The properties I define on the command line are not translated to the request body.
Issue script & Debug output
C:\Users\jaredgorthy>az network manager security-admin-config rule-collection rule update --configuration-name "secAdmin" --network-manager-name "jaredgorthy" --resource-group "jaredgorthy-testResources" --rule-collection-name "sampleRuleCollection" --rule-name "sampleRule" --access "Allow" --debug
cli.knack.cli: Command arguments: ['network', 'manager', 'security-admin-config', 'rule-collection', 'rule', 'update', '--configuration-name', 'secAdmin', '--network-manager-name', 'jaredgorthy', '--resource-group', 'jaredgorthy-testResources', '--rule-collection-name', 'sampleRuleCollection', '--rule-name', 'sampleRule', '--access', 'Allow', '--debug']
cli.knack.cli: init debug log:
Enable color in terminal.
Enable VT mode.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x01E5A580>, <function OutputProducer.on_global_arguments at 0x0205B7C0>, <function CLIQuery.on_global_arguments at 0x02078418>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'network': ['azure.cli.command_modules.network', 'azure.cli.command_modules.privatedns', 'azext_network_manager']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: network 0.733 115 453
cli.azure.cli.core: privatedns 0.035 14 60
cli.azure.cli.core: Total (2) 0.768 129 513
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: virtual-network-manager 0.104 11 35 C:\Users\jaredgorthy.azure\cliextensions\virtual-network-manager
cli.azure.cli.core: Total (1) 0.104 11 35
cli.azure.cli.core: Loaded 138 groups, 548 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : network manager security-admin-config rule-collection rule update
cli.azure.cli.core: Command table: network manager security-admin-config rule-collection rule update
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0423C730>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\jaredgorthy.azure\commands\2023-09-20.11-39-03.network_manager_security-admin-config_rule-collection_rule_update.4040.log'.
az_command_data_logger: command args: network manager security-admin-config rule-collection rule update --configuration-name {} --network-manager-name {} --resource-group {} --rule-collection-name {} --rule-name {} --access {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x04265D60>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x042A1CD0>, <function register_cache_arguments..add_cache_arguments at 0x042A1EC8>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x0205B808>, <function CLIQuery.handle_query_parameter at 0x02078460>, <function register_ids_argument..parse_ids_arguments at 0x042A1E80>]
az_command_data_logger: extension name: virtual-network-manager
az_command_data_logger: extension version: 1.0.0b2
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\Users\jaredgorthy\.azure\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\jaredgorthy.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/kerberos', 'tenant_region_scope': 'WW', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.auth.credential_adaptor: CredentialAdaptor.get_token: scopes=('https://management.core.windows.net//.default',), kwargs={}
cli.azure.cli.core.auth.msal_authentication: UserCredential.get_token: scopes=('https://management.core.windows.net//.default',), claims=None, kwargs={}
msal.application: Cache hit an AT
msal.telemetry: Generate or reuse correlation_id: c3b033b8-aa29-4a08-b621-015910832a4f
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule?api-version=2022-01-01'
cli.azure.cli.core.sdk.policies: Request method: 'GET'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'f86b8ee5-57e4-11ee-8e45-a4ae1284d41e'
cli.azure.cli.core.sdk.policies: 'CommandName': 'network manager security-admin-config rule-collection rule update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--configuration-name --network-manager-name --resource-group --rule-collection-name --rule-name --access --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.52.0 (MSI) (AAZ) azsdk-python-core/1.26.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': ''
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: This request has no body
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "GET /subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule?api-version=2022-01-01 HTTP/1.1" 200 1068
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '1068'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-reads': '11999'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': '7cd717bf-8e09-4292-b5df-146815b4e5be'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': '7cd717bf-8e09-4292-b5df-146815b4e5be'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'WESTUS2:20230920T183904Z:7cd717bf-8e09-4292-b5df-146815b4e5be'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'X-Cache': 'CONFIG_NOCACHE'
cli.azure.cli.core.sdk.policies: 'X-MSEdge-Ref': 'Ref A: CA5473A133374176A34A4C773DBB38C1 Ref B: CO6AA3150219029 Ref C: 2023-09-20T18:39:02Z'
cli.azure.cli.core.sdk.policies: 'Date': 'Wed, 20 Sep 2023 18:39:03 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {"name":"sampleRule","id":"/subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule","type":"Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules","etag":""26009b12-0000-0100-0000-650b39fb0000"","properties":{"description":"","flag":"","priority":1,"protocol":"Tcp","direction":"Outbound","access":"Deny","sources":[{"addressPrefixType":"IPPrefix","addressPrefix":""}],"destinations":[{"addressPrefixType":"IPPrefix","addressPrefix":""}],"sourcePortRanges":["0-65532"],"destinationPortRanges":["0-65535"],"provisioningState":"Succeeded","resourceGuid":"fe5bc401-e4f7-41de-a320-7fcb6df8265a"},"kind":"Custom","systemData":{"createdBy":"[email protected]","createdByType":"User","createdAt":"2022-11-01T17:41:04.6137946Z","lastModifiedBy":"[email protected]","lastModifiedByType":"User","lastModifiedAt":"2023-09-20T18:29:11.4777095Z"}}
cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule?api-version=2022-01-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies: 'Accept': 'application/json'
cli.azure.cli.core.sdk.policies: 'Content-Length': '346'
cli.azure.cli.core.sdk.policies: 'x-ms-client-request-id': 'f86b8ee5-57e4-11ee-8e45-a4ae1284d41e'
cli.azure.cli.core.sdk.policies: 'CommandName': 'network manager security-admin-config rule-collection rule update'
cli.azure.cli.core.sdk.policies: 'ParameterSetName': '--configuration-name --network-manager-name --resource-group --rule-collection-name --rule-name --access --debug'
cli.azure.cli.core.sdk.policies: 'User-Agent': 'AZURECLI/2.52.0 (MSI) (AAZ) azsdk-python-core/1.26.0 Python/3.10.10 (Windows-10-10.0.22621-SP0)'
cli.azure.cli.core.sdk.policies: 'Authorization': ''
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"kind": "Custom", "properties": {"access": "Deny", "description": "", "destinationPortRanges": ["0-65535"], "destinations": [{"addressPrefix": "", "addressPrefixType": "IPPrefix"}], "direction": "Outbound", "priority": 1, "protocol": "Tcp", "sourcePortRanges": ["0-65532"], "sources": [{"addressPrefix": "", "addressPrefixType": "IPPrefix"}]}}
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule?api-version=2022-01-01 HTTP/1.1" 200 1028
cli.azure.cli.core.sdk.policies: Response status: 200
cli.azure.cli.core.sdk.policies: Response headers:
cli.azure.cli.core.sdk.policies: 'Cache-Control': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Pragma': 'no-cache'
cli.azure.cli.core.sdk.policies: 'Content-Length': '1028'
cli.azure.cli.core.sdk.policies: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.sdk.policies: 'Expires': '-1'
cli.azure.cli.core.sdk.policies: 'x-ms-ratelimit-remaining-subscription-writes': '1199'
cli.azure.cli.core.sdk.policies: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.sdk.policies: 'x-ms-request-id': '212e1552-734b-48c3-8c74-493e227d73cc'
cli.azure.cli.core.sdk.policies: 'x-ms-correlation-request-id': '212e1552-734b-48c3-8c74-493e227d73cc'
cli.azure.cli.core.sdk.policies: 'x-ms-routing-request-id': 'WESTUS2:20230920T183906Z:212e1552-734b-48c3-8c74-493e227d73cc'
cli.azure.cli.core.sdk.policies: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.sdk.policies: 'X-Cache': 'CONFIG_NOCACHE'
cli.azure.cli.core.sdk.policies: 'X-MSEdge-Ref': 'Ref A: D980150A2DC440D1B0C6713BE2409C05 Ref B: CO6AA3150219029 Ref C: 2023-09-20T18:39:04Z'
cli.azure.cli.core.sdk.policies: 'Date': 'Wed, 20 Sep 2023 18:39:05 GMT'
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {"name":"sampleRule","id":"/subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule","type":"Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules","etag":"","properties":{"description":"","flag":"","priority":1,"protocol":"Tcp","direction":"Outbound","access":"Deny","sources":[{"addressPrefixType":"IPPrefix","addressPrefix":""}],"destinations":[{"addressPrefixType":"IPPrefix","addressPrefix":""}],"sourcePortRanges":["0-65532"],"destinationPortRanges":["0-65535"],"provisioningState":"Succeeded","resourceGuid":"fe5bc401-e4f7-41de-a320-7fcb6df8265a"},"kind":"Custom","systemData":{"createdBy":"[email protected]","createdByType":"User","createdAt":"2022-11-01T17:41:04.6137946Z","lastModifiedBy":"[email protected]","lastModifiedByType":"User","lastModifiedAt":"2023-09-20T18:39:05.1981342Z"}}
cli.knack.cli: Event: CommandInvoker.OnTransformResult [<function _resource_group_transform at 0x04263F58>, <function x509_from_base64_to_hex_transform at 0x04263FA0>]
cli.knack.cli: Event: CommandInvoker.OnFilterResult []
{
"access": "Deny",
"description": "",
"destinationPortRanges": [
"0-65535"
],
"destinations": [
{
"addressPrefix": "",
"addressPrefixType": "IPPrefix"
}
],
"direction": "Outbound",
"etag": "",
"id": "/subscriptions/f0dc2b34-dfad-40e4-83e0-2309fed8d00b/resourceGroups/jaredgorthy-testResources/providers/Microsoft.Network/networkManagers/jaredgorthy/securityAdminConfigurations/secAdmin/ruleCollections/sampleRuleCollection/rules/sampleRule",
"kind": "Custom",
"name": "sampleRule",
"priority": 1,
"protocol": "Tcp",
"provisioningState": "Succeeded",
"resourceGroup": "jaredgorthy-testResources",
"sourcePortRanges": [
"0-65532"
],
"sources": [
{
"addressPrefix": "",
"addressPrefixType": "IPPrefix"
}
],
"systemData": {
"createdAt": "2022-11-01T17:41:04.6137946Z",
"createdBy": "[email protected]",
"createdByType": "User",
"lastModifiedAt": "2023-09-20T18:39:05.1981342Z",
"lastModifiedBy": "[email protected]",
"lastModifiedByType": "User"
},
"type": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules"
}
cli.knack.cli: Event: Cli.SuccessfulExecute []
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0423C850>]
az_command_data_logger: exit code: 0
cli.main: Command ran in 5.351 seconds (init: 0.648, invoke: 4.703)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3591 in cache
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry_init.pyc C:\Users\jaredgorthy.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.
Expected behavior
I expect the properties defined in my command to be updated in the resource.
Environment Summary
azure-cli 2.52.0
core 2.52.0
telemetry 1.1.0
Extensions:
account 0.2.5
azure-devops 0.26.0
virtual-network-manager 1.0.0b2
Dependencies:
msal 1.24.0b1
azure-mgmt-resource 23.1.0b2
Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\jaredgorthy.azure\cliextensions'
Development extension sources:
C:\CLI_test\azure-cli-extensions
Python (Windows) 3.10.10 (tags/v3.10.10:aad5f6a, Feb 7 2023, 17:05:00) [MSC v.1929 32 bit (Intel)]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response
The text was updated successfully, but these errors were encountered: