Skip to content

Commit da5beba

Browse files
william051200william051200
authored
{sqlvm} az sql vm enable-azure-ad-auth/validate-azure-ad-auth: Migrate validator function from calling Compute module to aaz-based implementation (#32964)
1 parent 8f38577 commit da5beba

2 files changed

Lines changed: 19 additions & 18 deletions

File tree

src/azure-cli/azure/cli/command_modules/sqlvm/_validators.py

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -243,38 +243,39 @@ def _validate_msi_valid_on_vm(cli_ctx, namespace):
243243
"""
244244
logger.debug("Validate Azure AD authentication regarding the validity of the managed identity.")
245245

246-
from azure.cli.core.commands.client_factory import get_mgmt_service_client
247-
from azure.cli.core.profiles import ResourceType
248-
compute_client = get_mgmt_service_client(cli_ctx, ResourceType.MGMT_COMPUTE)
246+
from ..vm.operations.vm import VMShow
249247

250248
# Retrieve the vm instance. This is a rest call to the server and deserialization afterwards
251249
# therefore there is a greater chance to encouter an exception. Instead of poping the exception
252250
# to the caller directly, we will throw our own InvalidArgumentValueError with more context
253251
# information.
254252
try:
255253
# Azure virtual machine has the same name as the SQL VM
256-
vm = compute_client.virtual_machines.get(namespace.resource_group_name, namespace.sql_virtual_machine_name)
254+
vm = VMShow(cli_ctx=cli_ctx)(command_args={
255+
'resource_group': namespace.resource_group_name,
256+
'vm_name': namespace.sql_virtual_machine_name
257+
})
257258
except Exception as ex:
258259
raise InvalidArgumentValueError("Unable to validate Azure AD authentication due to retrieving the Azure virtual machine instance encountering an error: {}.".format(ex)) from ex
259260

260261
# The system-assigned MSI case.
261262
if namespace.msi_client_id is None:
262-
if vm.identity is None or not hasattr(vm.identity, 'principal_id') or getattr(vm.identity, 'principal_id') is None:
263+
if vm.get('identity') is None or not vm.get('identity', {}).get('principalId'):
263264
az_error = InvalidArgumentValueError("Enable Azure AD authentication with system-assigned managed identity but the system-assigned managed identity is not enabled on this Azure virtual machine.")
264265
az_error.set_recommendation("Enable the system-assigned managed identity on the Azure virtual machine: {}.".format(namespace.sql_virtual_machine_name))
265266
raise az_error
266267

267-
return vm.identity.principal_id
268+
return vm['identity']['principalId']
268269

269270
# The user-assigned MSI case.
270-
if vm.identity is None or not hasattr(vm.identity, 'user_assigned_identities') or getattr(vm.identity, 'user_assigned_identities') is None:
271+
if vm.get('identity') is None or not vm.get('identity', {}).get('userAssignedIdentities'):
271272
az_error = InvalidArgumentValueError("Enable Azure AD authentication with user-assigned managed identity {}, but the managed identity is not attached to this Azure virtual machine.".format(namespace.msi_client_id))
272273
az_error.set_recommendation("Attach the user-assigned managed identity {} to the Azure virtual machine {}.".format(namespace.msi_client_id, namespace.sql_virtual_machine_name))
273274
raise az_error
274275

275-
for umi in vm.identity.user_assigned_identities.values():
276-
if umi.client_id == namespace.msi_client_id:
277-
return umi.principal_id
276+
for umi in vm['identity']['userAssignedIdentities'].keys():
277+
if vm['identity']['userAssignedIdentities'][umi]['clientId'] == namespace.msi_client_id:
278+
return vm['identity']['userAssignedIdentities'][umi]['principalId']
278279

279280
az_error = InvalidArgumentValueError("Enable Azure AD authentication with user-assigned managed identity {}, but the managed identity is not attached to this Azure virtual machine.".format(namespace.msi_client_id))
280281
az_error.set_recommendation("Attach the user-assigned managed identity {} to the Azure virtual machine {}.".format(namespace.msi_client_id, namespace.sql_virtual_machine_name))

src/azure-cli/azure/cli/command_modules/sqlvm/tests/latest/recordings/test_sqlvm_aad_auth_negative.yaml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -3521,7 +3521,7 @@ interactions:
35213521
User-Agent:
35223522
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
35233523
method: GET
3524-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
3524+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
35253525
response:
35263526
body:
35273527
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -3611,7 +3611,7 @@ interactions:
36113611
User-Agent:
36123612
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
36133613
method: GET
3614-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
3614+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
36153615
response:
36163616
body:
36173617
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -4187,7 +4187,7 @@ interactions:
41874187
User-Agent:
41884188
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
41894189
method: GET
4190-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
4190+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
41914191
response:
41924192
body:
41934193
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -11070,7 +11070,7 @@ interactions:
1107011070
User-Agent:
1107111071
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
1107211072
method: GET
11073-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
11073+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
1107411074
response:
1107511075
body:
1107611076
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -17560,7 +17560,7 @@ interactions:
1756017560
User-Agent:
1756117561
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
1756217562
method: GET
17563-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
17563+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
1756417564
response:
1756517565
body:
1756617566
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -17650,7 +17650,7 @@ interactions:
1765017650
User-Agent:
1765117651
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
1765217652
method: GET
17653-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
17653+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
1765417654
response:
1765517655
body:
1765617656
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -18226,7 +18226,7 @@ interactions:
1822618226
User-Agent:
1822718227
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
1822818228
method: GET
18229-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
18229+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
1823018230
response:
1823118231
body:
1823218232
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
@@ -25109,7 +25109,7 @@ interactions:
2510925109
User-Agent:
2511025110
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
2511125111
method: GET
25112-
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
25112+
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
2511325113
response:
2511425114
body:
2511525115
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n

0 commit comments

Comments
 (0)