[Role] `az role assignment list`: Make `--at-scope false` the default behavior by jiasli · Pull Request #31181 · Azure/azure-cli

jiasli · 2025-04-02T15:21:09Z

Related command
az role assignment list

Description
Fix #14302

--at-scope false is now the default mode. To hide sub-scope assignments, use --at-scope.

This change makes the command align with the underlying REST API: https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-list-rest

Testing Guide

az role assignment list
az role assignment list --at-scope

History Notes

[Component Name 1] BREAKING CHANGE: az command a: Make some customer-facing breaking change
[Component Name 2] az command b: Add some customer-facing feature

This checklist is used to make sure that common guidelines for a pull request are followed.

The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.

azure-client-tools-bot-prd · 2025-04-02T15:21:12Z

❌AzureCLI-FullTest

️✔️acr

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

❌acs

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

❌latest

❌3.12

Type Test Case Error Message Line

Failed test_aks_create_default_service_with_skip_role_assignment_msi self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f18d27d3fe0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f18d7c4d4c0>
command = 'role assignment list --scope=/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.12/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.12/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.12/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.12/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.12/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.12/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.12/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.12/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.12/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml object at 0x7f18d26c3cb0>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self.vcr_request):
 log.info(f"Playing response for {self.vcr_request} from cassette")
 response = self.cassette.play_response(self.vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self.vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E custom_request_query_matcher - assertion failure :
E None

env/lib/python3.12/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.acs.tests.latest.test_aks_commands.AzureKubernetesServiceScenarioTest testMethod=test_aks_create_default_service_with_skip_role_assignment_msi>
resource_group = 'clitest000001', resource_group_location = 'westus2'

 @AllowLargeResponse(8192)
 @AKSCustomResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2')
 def test_aks_create_default_service_with_skip_role_assignment_msi(self, resource_group, resource_group_location):
 aks_name = self.create_random_name('cliakstest', 16)
 self.kwargs.update({
 'resource_group': resource_group,
 'name': aks_name,
 'location': resource_group_location,
 'vnet_subnet_id': self.generate_vnet_subnet_id(resource_group)
 })
 # create cluster without skip_role_assignment
 create_cmd = 'aks create --resource-group={resource_group} --name={name} --location={location} ' '--node-count=1 ' '--vnet-subnet-id={vnet_subnet_id} ' '--skip-subnet-role-assignment --no-ssh-key'
 self.cmd(create_cmd, checks=[
 self.check('provisioningState', 'Succeeded')
 ])

 check_role_assignment_cmd = 'role assignment list --scope={vnet_subnet_id}'
> self.cmd(check_role_assignment_cmd, checks=[
 self.is_empty()
 ])

src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_aks_commands.py:3993:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)


self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f18d27d3fe0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f18d7c4d4c0>
command = 'role assignment list --scope=/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError azure/cli/command_modules/acs/tests/latest/test_aks_commands.py:3972

❌3.9

Type Test Case Error Message Line

Failed test_aks_create_default_service_with_skip_role_assignment_msi self = <azure.cli.testsdk.base.ExecutionResult object at 0x7fdcb85e55e0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7fdcbdddeb50>
command = 'role assignment list --scope=/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.9/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.9/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.9/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.9/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml object at 0x7fdcb84ae910>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self.vcr_request):
 log.info(f"Playing response for {self.vcr_request} from cassette")
 response = self.cassette.play_response(self.vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self.vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E custom_request_query_matcher - assertion failure :
E None

env/lib/python3.9/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.acs.tests.latest.test_aks_commands.AzureKubernetesServiceScenarioTest testMethod=test_aks_create_default_service_with_skip_role_assignment_msi>
resource_group = 'clitest000001', resource_group_location = 'westus2'

 @AllowLargeResponse(8192)
 @AKSCustomResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2')
 def test_aks_create_default_service_with_skip_role_assignment_msi(self, resource_group, resource_group_location):
 aks_name = self.create_random_name('cliakstest', 16)
 self.kwargs.update({
 'resource_group': resource_group,
 'name': aks_name,
 'location': resource_group_location,
 'vnet_subnet_id': self.generate_vnet_subnet_id(resource_group)
 })
 # create cluster without skip_role_assignment
 create_cmd = 'aks create --resource-group={resource_group} --name={name} --location={location} ' '--node-count=1 ' '--vnet-subnet-id={vnet_subnet_id} ' '--skip-subnet-role-assignment --no-ssh-key'
 self.cmd(create_cmd, checks=[
 self.check('provisioningState', 'Succeeded')
 ])

 check_role_assignment_cmd = 'role assignment list --scope={vnet_subnet_id}'
> self.cmd(check_role_assignment_cmd, checks=[
 self.is_empty()
 ])

src/azure-cli/azure/cli/command_modules/acs/tests/latest/test_aks_commands.py:3993:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)


self = <azure.cli.testsdk.base.ExecutionResult object at 0x7fdcb85e55e0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7fdcbdddeb50>
command = 'role assignment list --scope=/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/acs/tests/latest/recordings/test_aks_create_default_service_with_skip_role_assignment_msi.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.Network/virtualNetworks/clivnet000003/subnets/clisubnet000004/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError azure/cli/command_modules/acs/tests/latest/test_aks_commands.py:3972

️✔️advisor

️✔️latest

️✔️3.12

️✔️3.9

️✔️ams

️✔️latest

️✔️3.12

️✔️3.9

️✔️apim

️✔️latest

️✔️3.12

️✔️3.9

️✔️appconfig

️✔️latest

️✔️3.12

️✔️3.9

️✔️appservice

️✔️latest

️✔️3.12

️✔️3.9

️✔️aro

️✔️latest

️✔️3.12

️✔️3.9

️✔️backup

️✔️latest

️✔️3.12

️✔️3.9

️✔️batch

️✔️latest

️✔️3.12

️✔️3.9

️✔️batchai

️✔️latest

️✔️3.12

️✔️3.9

️✔️billing

️✔️latest

️✔️3.12

️✔️3.9

️✔️botservice

️✔️latest

️✔️3.12

️✔️3.9

️✔️cdn

️✔️latest

️✔️3.12

️✔️3.9

️✔️cloud

️✔️latest

️✔️3.12

️✔️3.9

️✔️cognitiveservices

️✔️latest

️✔️3.12

️✔️3.9

️✔️compute_recommender

️✔️latest

️✔️3.12

️✔️3.9

️✔️computefleet

️✔️latest

️✔️3.12

️✔️3.9

️✔️config

️✔️latest

️✔️3.12

️✔️3.9

️✔️configure

️✔️latest

️✔️3.12

️✔️3.9

️✔️consumption

️✔️latest

️✔️3.12

️✔️3.9

️✔️container

️✔️latest

️✔️3.12

️✔️3.9

️✔️containerapp

️✔️latest

️✔️3.12

️✔️3.9

️✔️core

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️cosmosdb

️✔️latest

️✔️3.12

️✔️3.9

️✔️databoxedge

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️dls

️✔️latest

️✔️3.12

️✔️3.9

️✔️dms

️✔️latest

️✔️3.12

️✔️3.9

️✔️eventgrid

️✔️latest

️✔️3.12

️✔️3.9

️✔️eventhubs

️✔️latest

️✔️3.12

️✔️3.9

️✔️feedback

️✔️latest

️✔️3.12

️✔️3.9

️✔️find

️✔️latest

️✔️3.12

️✔️3.9

️✔️hdinsight

️✔️latest

️✔️3.12

️✔️3.9

️✔️identity

️✔️latest

️✔️3.12

️✔️3.9

️✔️iot

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️keyvault

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️lab

️✔️latest

️✔️3.12

️✔️3.9

️✔️managedservices

️✔️latest

️✔️3.12

️✔️3.9

️✔️maps

️✔️latest

️✔️3.12

️✔️3.9

️✔️marketplaceordering

️✔️latest

️✔️3.12

️✔️3.9

️✔️monitor

️✔️latest

️✔️3.12

️✔️3.9

️✔️mysql

️✔️latest

️✔️3.12

️✔️3.9

️✔️netappfiles

️✔️latest

️✔️3.12

️✔️3.9

️✔️network

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️policyinsights

️✔️latest

️✔️3.12

️✔️3.9

️✔️privatedns

️✔️latest

️✔️3.12

️✔️3.9

️✔️profile

️✔️latest

️✔️3.12

️✔️3.9

️✔️rdbms

️✔️latest

️✔️3.12

️✔️3.9

️✔️redis

️✔️latest

️✔️3.12

️✔️3.9

️✔️relay

️✔️latest

️✔️3.12

️✔️3.9

❌resource

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

❌latest

❌3.12

Type Test Case Error Message Line

Failed test_resource_policy_identity self = <azure.cli.testsdk.base.ExecutionResult object at 0x7ff740c0b950>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7ff748415010>
command = 'role assignment list --resource-group cli_test_policy_identity000001 --role Reader'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.12/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.12/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.12/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.12/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.12/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.12/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.12/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.12/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.12/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml object at 0x7ff740730740>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self._vcr_request):
 log.info(f"Playing response for {self._vcr_request} from cassette")
 response = self.cassette.play_response(self._vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self._vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self._vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 2 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None
E
E 2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

env/lib/python3.12/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.resource.tests.latest.test_resource.PolicyScenarioTest testMethod=test_resource_policy_identity>
resource_group = 'cli_test_policy_identity000001'
resource_group_location = 'westus'

 @ResourceGroupPreparer(name_prefix='cli_test_policy_identity')
 @AllowLargeResponse(8192)
 def test_resource_policy_identity(self, resource_group, resource_group_location):
 self.kwargs.update({
 'pan': self.create_random_name('azurecli-test-policy-assignment', 40),
 'bip': '06a78e20-9358-41c9-923c-fb736d382a4d',
 'sub': self.get_subscription_id(),
 'location': resource_group_location,
 'em': 'DoNotEnforce'
 })

 with self.assertRaises(IncorrectUsageError):
 self.cmd('policy assignment create --policy 'test/error_policy' -n {pan} -g {rg} --location {location} --assign-identity --enforcement-mode {em}')

 # create a policy assignment with managed identity using a built in policy definition
 assignmentIdentity = self.cmd('policy assignment create --policy {bip} -n {pan} -g {rg} --location {location} --assign-identity --enforcement-mode {em}', checks=[
 self.check('name', '{pan}'),
 self.check('location', '{location}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ]).get_output_in_json()['identity']

 # ensure managed identity details are retrievable directly through 'policy assignment identity' commands
 self.cmd('policy assignment identity show -n {pan} -g {rg}', checks=[
 self.check('type', assignmentIdentity['type']),
 self.check('principalId', assignmentIdentity['principalId']),
 self.check('tenantId', assignmentIdentity['tenantId'])
 ])

 # ensure the managed identity is not touched during update
 self.cmd('policy assignment update -n {pan} -g {rg} --description "New description"', checks=[
 self.check('description', 'New description'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ])

 # remove the managed identity and ensure it is removed when retrieving the policy assignment
 self.cmd('policy assignment identity remove -n {pan} -g {rg}', checks=[
 self.check('type', 'None')
 ])
 self.cmd('policy assignment show -n {pan} -g {rg}', checks=[
 self.check('name', '{pan}'),
 self.check('identity.type', 'None')
 ])

 # add an identity using 'identity assign'
 self.cmd('policy assignment identity assign -n {pan} -g {rg}', checks=[
 self.check('type', 'SystemAssigned'),
 self.exists('principalId'),
 self.exists('tenantId')
 ])
 self.cmd('policy assignment show -n {pan} -g {rg}', checks=[
 self.check('name', '{pan}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ])

 self.cmd('policy assignment identity remove -n {pan} -g {rg}', checks=[
 self.check('type', 'None')
 ])

 # create a role assignment for the identity using --assign-identity
 self.kwargs.update({
 'idScope': '/subscriptions/{sub}/resourceGroups/{rg}'.format(**self.kwargs),
 'idRole': 'Reader'
 })
 with mock.patch('azure.cli.core.commands.arm._gen_guid', side_effect=self.create_guid):
 assignmentIdentity = self.cmd('policy assignment create --policy {bip} -n {pan} -g {rg} --location {location} --assign-identity --identity-scope {idScope} --role {idRole}', checks=[
 self.check('name', '{pan}'),
 self.check('location', '{location}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ]).get_output_in_json()['identity']

 self.kwargs['principalId'] = assignmentIdentity['principalId']
> self.cmd('role assignment list --resource-group {rg} --role {idRole}', checks=[
 self.check("length([?principalId == '{principalId}'])", 1),
 self.check("[?principalId == '{principalId}'].roleDefinitionName [0]", '{idRole}')
 ])

src/azure-cli/azure/cli/command_modules/resource/tests/latest/test_resource.py:3850:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
 _

self = <azure.cli.testsdk.base.ExecutionResult object at 0x7ff740c0b950>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7ff748415010>
command = 'role assignment list --resource-group cli_test_policy_identity000001 --role Reader'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 2 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None
E
E 2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError

Failed test_resource_policy_identity_systemassigned The error message is too long, please check the pipeline log for details. azure/cli/command_modules/resource/tests/latest/test_resource.py:3873

❌3.9

Type Test Case Error Message Line

Failed test_resource_policy_identity self = <azure.cli.testsdk.base.ExecutionResult object at 0x7fb21c1cea30>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7fb2241d31c0>
command = 'role assignment list --resource-group cli_test_policy_identity000001 --role Reader'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.9/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.9/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.9/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.9/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml object at 0x7fb21c2a8af0>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self._vcr_request):
 log.info(f"Playing response for {self._vcr_request} from cassette")
 response = self.cassette.play_response(self._vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self._vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self._vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 2 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None
E
E 2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

env/lib/python3.9/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.resource.tests.latest.test_resource.PolicyScenarioTest testMethod=test_resource_policy_identity>
resource_group = 'cli_test_policy_identity000001'
resource_group_location = 'westus'

 @ResourceGroupPreparer(name_prefix='cli_test_policy_identity')
 @AllowLargeResponse(8192)
 def test_resource_policy_identity(self, resource_group, resource_group_location):
 self.kwargs.update({
 'pan': self.create_random_name('azurecli-test-policy-assignment', 40),
 'bip': '06a78e20-9358-41c9-923c-fb736d382a4d',
 'sub': self.get_subscription_id(),
 'location': resource_group_location,
 'em': 'DoNotEnforce'
 })

 with self.assertRaises(IncorrectUsageError):
 self.cmd('policy assignment create --policy 'test/error_policy' -n {pan} -g {rg} --location {location} --assign-identity --enforcement-mode {em}')

 # create a policy assignment with managed identity using a built in policy definition
 assignmentIdentity = self.cmd('policy assignment create --policy {bip} -n {pan} -g {rg} --location {location} --assign-identity --enforcement-mode {em}', checks=[
 self.check('name', '{pan}'),
 self.check('location', '{location}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ]).get_output_in_json()['identity']

 # ensure managed identity details are retrievable directly through 'policy assignment identity' commands
 self.cmd('policy assignment identity show -n {pan} -g {rg}', checks=[
 self.check('type', assignmentIdentity['type']),
 self.check('principalId', assignmentIdentity['principalId']),
 self.check('tenantId', assignmentIdentity['tenantId'])
 ])

 # ensure the managed identity is not touched during update
 self.cmd('policy assignment update -n {pan} -g {rg} --description "New description"', checks=[
 self.check('description', 'New description'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ])

 # remove the managed identity and ensure it is removed when retrieving the policy assignment
 self.cmd('policy assignment identity remove -n {pan} -g {rg}', checks=[
 self.check('type', 'None')
 ])
 self.cmd('policy assignment show -n {pan} -g {rg}', checks=[
 self.check('name', '{pan}'),
 self.check('identity.type', 'None')
 ])

 # add an identity using 'identity assign'
 self.cmd('policy assignment identity assign -n {pan} -g {rg}', checks=[
 self.check('type', 'SystemAssigned'),
 self.exists('principalId'),
 self.exists('tenantId')
 ])
 self.cmd('policy assignment show -n {pan} -g {rg}', checks=[
 self.check('name', '{pan}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ])

 self.cmd('policy assignment identity remove -n {pan} -g {rg}', checks=[
 self.check('type', 'None')
 ])

 # create a role assignment for the identity using --assign-identity
 self.kwargs.update({
 'idScope': '/subscriptions/{sub}/resourceGroups/{rg}'.format(**self.kwargs),
 'idRole': 'Reader'
 })
 with mock.patch('azure.cli.core.commands.arm._gen_guid', side_effect=self.create_guid):
 assignmentIdentity = self.cmd('policy assignment create --policy {bip} -n {pan} -g {rg} --location {location} --assign-identity --identity-scope {idScope} --role {idRole}', checks=[
 self.check('name', '{pan}'),
 self.check('location', '{location}'),
 self.check('identity.type', 'SystemAssigned'),
 self.exists('identity.principalId'),
 self.exists('identity.tenantId')
 ]).get_output_in_json()['identity']

 self.kwargs['principalId'] = assignmentIdentity['principalId']
> self.cmd('role assignment list --resource-group {rg} --role {idRole}', checks=[
 self.check("length([?principalId == '{principalId}'])", 1),
 self.check("[?principalId == '{principalId}'].roleDefinitionName [0]", '{idRole}')
 ])

src/azure-cli/azure/cli/command_modules/resource/tests/latest/test_resource.py:3850:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
 _

self = <azure.cli.testsdk.base.ExecutionResult object at 0x7fb21c1cea30>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7fb2241d31c0>
command = 'role assignment list --resource-group cli_test_policy_identity000001 --role Reader'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/resource/tests/latest/recordings/test_resource_policy_identity.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 2 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None
E
E 2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_policy_identity000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError

Failed test_resource_policy_identity_systemassigned The error message is too long, please check the pipeline log for details. azure/cli/command_modules/resource/tests/latest/test_resource.py:3873

❌role

❌latest

❌3.12

Type Test Case Error Message Line

Failed test_role_assignment_create_using_principal_type The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:424

Failed test_role_assignment_no_graph self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f61ce4efc50>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f61cf381670>
command = 'role assignment list --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001 --fill-principal-name false'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.12/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.12/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.12/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.12/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.12/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.12/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.12/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.12/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.12/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.12/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.12/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml object at 0x7f61ce44b5c0>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self.vcr_request):
 log.info(f"Playing response for {self.vcr_request} from cassette")
 response = self.cassette.play_response(self.vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self.vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E custom_request_query_matcher - assertion failure :
E None

env/lib/python3.12/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.role.tests.latest.test_role.RoleAssignmentScenarioTest testMethod=test_role_assignment_no_graph>
resource_group = 'cli_role_assign000001'

 @ResourceGroupPreparer(name_prefix='cli_role_assign')
 @AllowLargeResponse()
 def test_role_assignment_no_graph(self, resource_group):
 with mock.patch('azure.cli.command_modules.role.custom.gen_guid', side_effect=self.create_guid):
 self.kwargs.update({
 'uami': self.create_random_name('clitest', 15), # user-assigned managed identity
 # https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
 'role_reader_guid': 'acdd72a7-3385-48ef-bd42-f606fba81ae7'
 })
 self.prepare_scope_kwargs()

 uami = self.cmd('identity create -g {rg} -n {uami} --location westus').get_output_in_json()
 self.kwargs['uami_object_id'] = uami['principalId']

 self.cmd('role assignment create '
 '--assignee-object-id {uami_object_id} --assignee-principal-type ServicePrincipal '
 '--role {role_reader_guid} --scope {rg_id}')
 # Verify '--fill-principal-name false' skips the Graph query for filling principalName.
> self.cmd('role assignment list --scope {rg_id} --fill-principal-name false',
 checks=[
 self.check("length([])", 1),
 self.not_exists("[0].principalName")
 ])

src/azure-cli/azure/cli/command_modules/role/tests/latest/test_role.py:710:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)


self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f61ce4efc50>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f61cf381670>
command = 'role assignment list --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001 --fill-principal-name false'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError azure/cli/command_modules/role/tests/latest/test_role.py:691

Failed test_role_assignment_scenario The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:301

Failed test_role_assignment_handle_conflicted_assignments The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:722

❌3.9

Type Test Case Error Message Line

Failed test_role_assignment_create_using_principal_type The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:424

Failed test_role_assignment_no_graph self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f6db02588b0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f6db140e550>
command = 'role assignment list --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001 --fill-principal-name false'
expect_failure = False

 def in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
> self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0

src/azure-cli-testsdk/azure/cli/testsdk/base.py:302:

env/lib/python3.9/site-packages/knack/cli.py:245: in invoke
 exit_code = self.exception_handler(ex)
src/azure-cli-core/azure/cli/core/init.py:129: in exception_handler
 return handle_exception(ex)
src/azure-cli-testsdk/azure/cli/testsdk/patches.py:33: in handle_main_exception
 raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
 cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:666: in execute
 raise ex
src/azure-cli-core/azure/cli/core/commands/init.py:734: in run_jobs_serially
 results.append(self.run_job(expanded_arg, cmd_copy))
src/azure-cli-core/azure/cli/core/commands/init.py:703: in run_job
 result = cmd_copy(params)
src/azure-cli-core/azure/cli/core/commands/init.py:336: in call
 return self.handler(*args, **kwargs)
src/azure-cli-core/azure/cli/core/commands/command_operation.py:120: in handler
 return op(**command_args)
src/azure-cli/azure/cli/command_modules/role/custom.py:255: in list_role_assignments
 assignments = search_role_assignments(cmd.cli_ctx, assignments_client, definitions_client,
src/azure-cli/azure/cli/command_modules/role/custom.py:589: in search_role_assignments
 assignments = list(assignments_client.list_for_scope(scope, filter=f))
env/lib/python3.9/site-packages/azure/core/paging.py:123: in next
 return next(self.page_iterator)
env/lib/python3.9/site-packages/azure/core/paging.py:75: in next
 self.response = self.get_next(self.continuation_token)
env/lib/python3.9/site-packages/azure/mgmt/authorization/v2022_04_01/operations/role_assignments_operations.py:1082: in get_next
 pipeline_response: PipelineResponse = self.client.pipeline.run( # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:229: in run
 return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:197: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:532: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:147: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:86: in send
 response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:118: in send
 self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:355: in send
 response = self.session.request( # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
 resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
 r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:667: in send
 resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
 httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
 httplib_response = conn.getresponse(buffering=True)


self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml object at 0x7f6db03ec610>
= False, kwargs = {'buffering': True}

 def getresponse(self, =False, **kwargs):
 """Retrieve the response"""
 # Check to see if the cassette has a response for this request. If so,
 # then return it
 if self.cassette.can_play_response_for(self.vcr_request):
 log.info(f"Playing response for {self.vcr_request} from cassette")
 response = self.cassette.play_response(self.vcr_request)
 return VCRHTTPResponse(response)
 else:
 if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
> raise CannotOverwriteExistingCassetteException(
 cassette=self.cassette,
 failed_request=self.vcr_request,
 )
E vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E custom_request_query_matcher - assertion failure :
E None

env/lib/python3.9/site-packages/vcr/stubs/init.py:264: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.role.tests.latest.test_role.RoleAssignmentScenarioTest testMethod=test_role_assignment_no_graph>
resource_group = 'cli_role_assign000001'

 @ResourceGroupPreparer(name_prefix='cli_role_assign')
 @AllowLargeResponse()
 def test_role_assignment_no_graph(self, resource_group):
 with mock.patch('azure.cli.command_modules.role.custom.gen_guid', side_effect=self.create_guid):
 self.kwargs.update({
 'uami': self.create_random_name('clitest', 15), # user-assigned managed identity
 # https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
 'role_reader_guid': 'acdd72a7-3385-48ef-bd42-f606fba81ae7'
 })
 self.prepare_scope_kwargs()

 uami = self.cmd('identity create -g {rg} -n {uami} --location westus').get_output_in_json()
 self.kwargs['uami_object_id'] = uami['principalId']

 self.cmd('role assignment create '
 '--assignee-object-id {uami_object_id} --assignee-principal-type ServicePrincipal '
 '--role {role_reader_guid} --scope {rg_id}')
 # Verify '--fill-principal-name false' skips the Graph query for filling principalName.
> self.cmd('role assignment list --scope {rg_id} --fill-principal-name false',
 checks=[
 self.check("length([])", 1),
 self.not_exists("[0].principalName")
 ])

src/azure-cli/azure/cli/command_modules/role/tests/latest/test_role.py:710:

src/azure-cli-testsdk/azure/cli/testsdk/base.py:176: in cmd
 return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:251: in init
 self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)


self = <azure.cli.testsdk.base.ExecutionResult object at 0x7f6db02588b0>
cli_ctx = <azure.cli.core.mock.DummyCli object at 0x7f6db140e550>
command = 'role assignment list --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001 --fill-principal-name false'
expect_failure = False

 def _in_process_execute(self, cli_ctx, command, expect_failure=False):
 from io import StringIO
 from vcr.errors import CannotOverwriteExistingCassetteException

 if command.startswith('az '):
 command = command[3:]

 stdout_buf = StringIO()
 logging_buf = StringIO()
 try:
 # issue: stderr cannot be redirect in this form, as a result some failure information
 # is lost when command fails.
 self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
 self.output = stdout_buf.getvalue()
 self.applog = logging_buf.getvalue()

 except CannotOverwriteExistingCassetteException as ex:
> raise AssertionError(ex)
E AssertionError: Can't overwrite existing cassette ('/mnt/vss/_work/1/s/src/azure-cli/azure/cli/command_modules/role/tests/latest/recordings/test_role_assignment_no_graph.yaml') in your current record mode ('once').
E No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01>) was found.
E Found 1 similar requests with 1 different matcher(s) :
E
E 1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_role_assign000001/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2022-04-01>).
E Matchers succeeded : ['method', 'scheme', 'host', 'port', 'path']
E Matchers failed :
E _custom_request_query_matcher - assertion failure :
E None

src/azure-cli-testsdk/azure/cli/testsdk/base.py:307: AssertionError azure/cli/command_modules/role/tests/latest/test_role.py:691

Failed test_role_assignment_scenario The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:301

Failed test_role_assignment_handle_conflicted_assignments The error message is too long, please check the pipeline log for details. azure/cli/command_modules/role/tests/latest/test_role.py:722

️✔️search

️✔️latest

️✔️3.12

️✔️3.9

️✔️security

️✔️latest

️✔️3.12

️✔️3.9

️✔️servicebus

️✔️latest

️✔️3.12

️✔️3.9

️✔️serviceconnector

️✔️latest

️✔️3.12

️✔️3.9

️✔️servicefabric

️✔️latest

️✔️3.12

️✔️3.9

️✔️signalr

️✔️latest

️✔️3.12

️✔️3.9

️✔️sql

️✔️latest

️✔️3.12

️✔️3.9

️✔️sqlvm

️✔️latest

️✔️3.12

️✔️3.9

️✔️storage

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️synapse

️✔️latest

️✔️3.12

️✔️3.9

️✔️telemetry

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️util

️✔️latest

️✔️3.12

️✔️3.9

️✔️vm

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

azure-client-tools-bot-prd · 2025-04-02T15:21:15Z

⚠️AzureCLI-BreakingChangeTest

⚠️role

rule cmd_name rule_message suggest_message

⚠️ 1006 - ParaAdd role assignment list cmd role assignment list added parameter at_scope

⚠️ 1008 - ParaPropAdd role assignment list cmd role assignment list update parameter show_all: added property deprecate_info_hide=True

⚠️ 1008 - ParaPropAdd role assignment list cmd role assignment list update parameter show_all: added property deprecate_info_target=--all

yonzhan · 2025-04-02T15:21:21Z

Thank you for your contribution! We will review the pull request and get back to you soon.

github-actions · 2025-04-02T15:21:23Z

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

show_all

929f9d4

azure-client-tools-bot-prd bot added this to the May 2025 (2025-05-06) milestone Apr 2, 2025

microsoft-github-policy-service bot requested a review from yonzhan April 2, 2025 15:21

microsoft-github-policy-service bot added the Auto-Assign Auto assign by bot label Apr 2, 2025

microsoft-github-policy-service bot assigned jiasli Apr 2, 2025

microsoft-github-policy-service bot added the RBAC az role label Apr 2, 2025

jiasli modified the milestones: May 2025 (2025-05-06), Backlog Apr 7, 2025

a0x1ab added the act-identity-squad label Apr 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Role] `az role assignment list`: Make `--at-scope false` the default behavior#31181

[Role] `az role assignment list`: Make `--at-scope false` the default behavior#31181
jiasli wants to merge 1 commit intoAzure:devfrom
jiasli:at_scope_default

jiasli commented Apr 2, 2025

Uh oh!

azure-client-tools-bot-prd bot commented Apr 2, 2025 •

edited

Loading

Uh oh!

azure-client-tools-bot-prd bot commented Apr 2, 2025 •

edited

Loading

Uh oh!

yonzhan commented Apr 2, 2025

Uh oh!

github-actions bot commented Apr 2, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

jiasli commented Apr 2, 2025

Uh oh!

azure-client-tools-bot-prd bot commented Apr 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

azure-client-tools-bot-prd bot commented Apr 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

yonzhan commented Apr 2, 2025

Uh oh!

github-actions bot commented Apr 2, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

azure-client-tools-bot-prd bot commented Apr 2, 2025 •

edited

Loading

azure-client-tools-bot-prd bot commented Apr 2, 2025 •

edited

Loading