diff --git a/src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py b/src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py index 17be02521dc..ef10ec55423 100644 --- a/src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py +++ b/src/azure-cli/azure/cli/command_modules/identity/aaz/latest/identity/federated_credential/_create.py @@ -88,6 +88,7 @@ def _build_arguments_schema(cls, *args, **kwargs): options=["--audiences"], arg_group="Properties", help="The aud value in the token sent to Azure for getting the user-assigned managed identity token. The value configured in the federated credential and the one in the incoming token must exactly match for Azure to issue the access token.", + default=["api://AzureADTokenExchange"], ) _args_schema.issuer = AAZStrArg( options=["--issuer"], diff --git a/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml b/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml index 56d99c9de48..bdac3231ff1 100644 --- a/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml +++ b/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml @@ -13,12 +13,12 @@ interactions: ParameterSetName: - -n -g User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001?api-version=2024-11-01 response: body: - string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001","name":"cli_test_federated_identity_credential_000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","test":"test_federated_identity_credential","date":"2025-05-13T16:18:30Z","module":"identity"},"properties":{"provisioningState":"Succeeded"}}' + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001","name":"cli_test_federated_identity_credential_000001","type":"Microsoft.Resources/resourceGroups","location":"centraluseuap","tags":{"product":"azurecli","cause":"automation","test":"test_federated_identity_credential","date":"2025-06-06T13:53:05Z","module":"identity"},"properties":{"provisioningState":"Succeeded"}}' headers: cache-control: - no-cache @@ -27,7 +27,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:32 GMT + - Fri, 06 Jun 2025 13:53:07 GMT expires: - '-1' pragma: @@ -41,7 +41,7 @@ interactions: x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: CCDEC4CB1BA74117A191612CD926C25E Ref B: SN4AA2022303023 Ref C: 2025-05-13T16:18:32Z' + - 'Ref A: 8A77C6A83412402294907F6F27B517A4 Ref B: SN4AA2022303025 Ref C: 2025-06-06T13:53:07Z' status: code: 200 message: OK @@ -63,12 +63,12 @@ interactions: ParameterSetName: - -n -g User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide?api-version=2023-01-31 response: body: - string: '{"location":"centraluseuap","tags":{},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide","name":"ide","type":"Microsoft.ManagedIdentity/userAssignedIdentities","properties":{"tenantId":"abd8daee-d393-4239-9377-883adda3d40f","principalId":"bfec20f8-b4cc-44db-8490-d2bf8ece6cbe","clientId":"d5a162ad-ae2d-460f-a791-bce75b9b777b"}}' + string: '{"location":"centraluseuap","tags":{},"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide","name":"ide","type":"Microsoft.ManagedIdentity/userAssignedIdentities","properties":{"tenantId":"abd8daee-d393-4239-9377-883adda3d40f","principalId":"79128027-2560-488a-a048-b713ed14fe18","clientId":"1b838f5f-bdee-4e68-8b12-954d29476a05"}}' headers: cache-control: - no-cache @@ -77,7 +77,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:35 GMT + - Fri, 06 Jun 2025 13:53:11 GMT expires: - '-1' location: @@ -91,13 +91,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/8e4232a0-3a2f-4513-8787-ed011ff9f349 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/8f8a026c-883b-4a41-a734-1607be24cb69 x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: 5BEC40721B534EE48F95CFDC61E297AE Ref B: SN4AA2022302049 Ref C: 2025-05-13T16:18:32Z' + - 'Ref A: 47DC449B6F07487BBFB56D5CE856C466 Ref B: SN4AA2022305037 Ref C: 2025-06-06T13:53:08Z' status: code: 201 message: Created @@ -120,7 +120,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --subject --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2025-01-31-preview response: @@ -134,7 +134,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:37 GMT + - Fri, 06 Jun 2025 13:53:13 GMT expires: - '-1' location: @@ -148,13 +148,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/ead4f916-d2b7-4a2d-aad2-8b104e4ca7ad + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/d318cb52-175c-486f-948e-cf802f7e13fb x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: AC05F81CFB884EDA9C04760EA65EFB0C Ref B: SN4AA2022302011 Ref C: 2025-05-13T16:18:36Z' + - 'Ref A: 97D804052A1443D7B5EFEEBD4E96DFFF Ref B: SN4AA2022302053 Ref C: 2025-06-06T13:53:12Z' status: code: 201 message: Created @@ -177,7 +177,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --subject --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic2?api-version=2025-01-31-preview response: @@ -191,7 +191,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:38 GMT + - Fri, 06 Jun 2025 13:53:15 GMT expires: - '-1' location: @@ -205,13 +205,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/4f8fffd4-2f5c-4cb0-a667-f784122538a5 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/bdf3e9f7-86ac-4506-bf82-f941f21d1257 x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: A93DAA3348284E46A2AE39B370178BA2 Ref B: SN4AA2022304029 Ref C: 2025-05-13T16:18:38Z' + - 'Ref A: 9729A881BC714202AD4B55A4038CBACB Ref B: SN4AA2022304051 Ref C: 2025-06-06T13:53:14Z' status: code: 201 message: Created @@ -235,7 +235,7 @@ interactions: - --name --identity-name --resource-group --claims-matching-expression-version --claims-matching-expression-value --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic3?api-version=2025-01-31-preview response: @@ -250,7 +250,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:40 GMT + - Fri, 06 Jun 2025 13:53:16 GMT expires: - '-1' location: @@ -264,13 +264,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/63dbb151-d6fa-42a1-b2a3-19aeef95b52e + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/f668ce85-54a4-4efe-8a76-486e116bbb9b x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: 51EB7DB4C96B4AC6AFEE3E0622FFE23E Ref B: SN4AA2022305019 Ref C: 2025-05-13T16:18:39Z' + - 'Ref A: E4C37B6D845648A7A699014C8A258C01 Ref B: SN4AA2022303009 Ref C: 2025-06-06T13:53:15Z' status: code: 201 message: Created @@ -288,7 +288,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2025-01-31-preview response: @@ -302,7 +302,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:41 GMT + - Fri, 06 Jun 2025 13:53:17 GMT expires: - '-1' pragma: @@ -314,11 +314,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/4166165a-a785-491a-b027-a8747890fa8a + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/30c8eaa1-7e59-42e1-9174-d32f230e6d23 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: CD93FEF490A5403C84B89CB03BCDAA6A Ref B: SN4AA2022305037 Ref C: 2025-05-13T16:18:41Z' + - 'Ref A: CBDBE530355042FA86DAA37DB3937EA2 Ref B: SN4AA2022302017 Ref C: 2025-06-06T13:53:17Z' status: code: 200 message: OK @@ -336,7 +336,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic3?api-version=2025-01-31-preview response: @@ -351,7 +351,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:41 GMT + - Fri, 06 Jun 2025 13:53:18 GMT expires: - '-1' pragma: @@ -363,11 +363,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/961ea5d4-2590-4a35-b39d-84a63f731475 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/6c407ddc-e71a-44c0-95e1-af25ff113d63 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: 5EB5BA63F1AD4DD8920708F0691EA337 Ref B: SN4AA2022302017 Ref C: 2025-05-13T16:18:42Z' + - 'Ref A: 67A0CE2371704F9DBAFD4815210BEF3D Ref B: SN4AA2022302009 Ref C: 2025-06-06T13:53:18Z' status: code: 200 message: OK @@ -385,7 +385,7 @@ interactions: ParameterSetName: - --identity-name --resource-group User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2025-01-31-preview response: @@ -400,7 +400,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:42 GMT + - Fri, 06 Jun 2025 13:53:19 GMT expires: - '-1' pragma: @@ -412,11 +412,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/6d55f60f-3454-461a-ad07-e34066cc29c8 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/e870578b-ed9e-4fd8-971a-8a75d640466e x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: A8C06687DCA8436BB8B104FE4BD618E7 Ref B: SN4AA2022302027 Ref C: 2025-05-13T16:18:42Z' + - 'Ref A: 24C864DBA7EA4179B087847B59B0374F Ref B: SN4AA2022303019 Ref C: 2025-06-06T13:53:19Z' status: code: 200 message: OK @@ -434,7 +434,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --subject --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2025-01-31-preview response: @@ -448,7 +448,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:43 GMT + - Fri, 06 Jun 2025 13:53:20 GMT expires: - '-1' pragma: @@ -460,11 +460,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/fa21b6bb-6659-4d4c-8f7e-ac053c7f906d + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/a2583402-c0e4-42d1-8c6e-341bc2800a57 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: 73D9EB3C7CA6451AAE0B6A127F322D19 Ref B: SN4AA2022303053 Ref C: 2025-05-13T16:18:43Z' + - 'Ref A: 0BA2133A125944A88876A06F830066B8 Ref B: SN4AA2022304053 Ref C: 2025-06-06T13:53:20Z' status: code: 200 message: OK @@ -487,7 +487,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --subject --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2025-01-31-preview response: @@ -501,7 +501,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:44 GMT + - Fri, 06 Jun 2025 13:53:22 GMT expires: - '-1' pragma: @@ -513,13 +513,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/352e8bfa-6ea8-465b-8b16-68f1b32f7015 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/89941643-76d6-4a9d-a343-ab5dfc6fe342 x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: 6DA129A82AAC44A79C9BACA957AB83E0 Ref B: SN4AA2022303031 Ref C: 2025-05-13T16:18:44Z' + - 'Ref A: 6F389FF2F345433F8C65BD75FEE5C4FB Ref B: SN4AA2022304053 Ref C: 2025-06-06T13:53:21Z' status: code: 200 message: OK @@ -538,7 +538,7 @@ interactions: - --name --identity-name --resource-group --claims-matching-expression-version --claims-matching-expression-value --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic3?api-version=2025-01-31-preview response: @@ -553,7 +553,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:44 GMT + - Fri, 06 Jun 2025 13:53:23 GMT expires: - '-1' pragma: @@ -565,11 +565,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/88ade9b1-e6d0-4809-9253-74e667162b9f + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/af736d34-a901-4dfe-b144-7ffa9d703493 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: B86BD6EAC6764B858CACE80918ECE442 Ref B: SN4AA2022305047 Ref C: 2025-05-13T16:18:45Z' + - 'Ref A: 4A48A723ABBE4289A8E5E17D5E93F764 Ref B: SN4AA2022302029 Ref C: 2025-06-06T13:53:23Z' status: code: 200 message: OK @@ -594,7 +594,7 @@ interactions: - --name --identity-name --resource-group --claims-matching-expression-version --claims-matching-expression-value --issuer --audiences User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: PUT uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic3?api-version=2025-01-31-preview response: @@ -609,7 +609,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:46 GMT + - Fri, 06 Jun 2025 13:53:25 GMT expires: - '-1' pragma: @@ -621,13 +621,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/36d49a46-9dd3-4d37-b800-1a431267fe2d + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/d8dc50bf-040a-4720-b372-41e46d940a43 x-ms-ratelimit-remaining-subscription-global-writes: - '2999' x-ms-ratelimit-remaining-subscription-writes: - '199' x-msedge-ref: - - 'Ref A: 0DC0B4BF5AB84302A58D3D021AF081F8 Ref B: SN4AA2022305029 Ref C: 2025-05-13T16:18:46Z' + - 'Ref A: DC4707E6132D48159A4EED5097E7F425 Ref B: SN4AA2022302025 Ref C: 2025-06-06T13:53:23Z' status: code: 200 message: OK @@ -647,7 +647,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --yes User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: DELETE uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2025-01-31-preview response: @@ -659,7 +659,7 @@ interactions: content-length: - '0' date: - - Tue, 13 May 2025 16:18:48 GMT + - Fri, 06 Jun 2025 13:53:26 GMT expires: - '-1' pragma: @@ -671,13 +671,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/f539478d-fe8e-44e1-bc87-4799843cf085 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/33baa0dd-e658-494e-a1dc-6c25923d7cad x-ms-ratelimit-remaining-subscription-deletes: - '199' x-ms-ratelimit-remaining-subscription-global-deletes: - '2999' x-msedge-ref: - - 'Ref A: C179BAFA65834744BA794DCD21A329D4 Ref B: SN4AA2022305045 Ref C: 2025-05-13T16:18:47Z' + - 'Ref A: D2A9027E994C4CC693056C46876FB17B Ref B: SN4AA2022302019 Ref C: 2025-06-06T13:53:25Z' status: code: 200 message: OK @@ -695,7 +695,7 @@ interactions: ParameterSetName: - --identity-name --resource-group User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2025-01-31-preview response: @@ -710,7 +710,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:49 GMT + - Fri, 06 Jun 2025 13:53:27 GMT expires: - '-1' pragma: @@ -722,14 +722,71 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/967155cd-af24-4617-9cec-c38453f03b1a + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/6757861f-5582-4cfa-a9fc-eee6f545f862 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: 18AB4822A0224850A818A8168F20FBD0 Ref B: SN4AA2022303025 Ref C: 2025-05-13T16:18:48Z' + - 'Ref A: C1FD8D319B24465C9E914607417ADBDF Ref B: SN4AA2022304053 Ref C: 2025-06-06T13:53:26Z' status: code: 200 message: OK +- request: + body: '{"properties": {"audiences": ["api://AzureADTokenExchange"], "issuer": + "https://token.actions.githubusercontent.com", "subject": "system:serviceaccount:ns:svcaccount4"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - identity federated-credential create + Connection: + - keep-alive + Content-Length: + - '169' + Content-Type: + - application/json + ParameterSetName: + - --name --identity-name --resource-group --subject --issuer + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic4?api-version=2025-01-31-preview + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic4","name":"fic4","type":"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials","properties":{"issuer":"https://token.actions.githubusercontent.com","subject":"system:serviceaccount:ns:svcaccount4","audiences":["api://AzureADTokenExchange"]}}' + headers: + cache-control: + - no-cache + content-length: + - '481' + content-type: + - application/json; charset=utf-8 + date: + - Fri, 06 Jun 2025 13:53:28 GMT + expires: + - '-1' + location: + - /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic4 + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-operation-identifier: + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/aa574850-4dd2-4317-8926-c5c8bfbb0647 + x-ms-ratelimit-remaining-subscription-global-writes: + - '2999' + x-ms-ratelimit-remaining-subscription-writes: + - '199' + x-msedge-ref: + - 'Ref A: 1310F94B30044CBA85F0CF821E0B0925 Ref B: SN4AA2022304023 Ref C: 2025-06-06T13:53:27Z' + status: + code: 201 + message: Created - request: body: null headers: @@ -746,7 +803,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --yes User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: DELETE uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic2?api-version=2025-01-31-preview response: @@ -758,7 +815,7 @@ interactions: content-length: - '0' date: - - Tue, 13 May 2025 16:18:50 GMT + - Fri, 06 Jun 2025 13:53:29 GMT expires: - '-1' pragma: @@ -770,13 +827,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/54091a22-ec01-442a-9f87-62802d9febb1 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/465e9dc4-a2d1-4750-bf03-80b300818de6 x-ms-ratelimit-remaining-subscription-deletes: - '199' x-ms-ratelimit-remaining-subscription-global-deletes: - '2999' x-msedge-ref: - - 'Ref A: 810689F43B7E4D5A8D160ADE214A9BAF Ref B: SN4AA2022304025 Ref C: 2025-05-13T16:18:49Z' + - 'Ref A: C71BDCE8765C40A28A50D86EE53554B1 Ref B: SN4AA2022303029 Ref C: 2025-06-06T13:53:29Z' status: code: 200 message: OK @@ -796,7 +853,7 @@ interactions: ParameterSetName: - --name --identity-name --resource-group --yes User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: DELETE uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic3?api-version=2025-01-31-preview response: @@ -808,7 +865,57 @@ interactions: content-length: - '0' date: - - Tue, 13 May 2025 16:18:50 GMT + - Fri, 06 Jun 2025 13:53:30 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-cache: + - CONFIG_NOCACHE + x-content-type-options: + - nosniff + x-ms-operation-identifier: + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/cf8c47ce-aad0-4175-b679-412c1d1b9cf1 + x-ms-ratelimit-remaining-subscription-deletes: + - '199' + x-ms-ratelimit-remaining-subscription-global-deletes: + - '2999' + x-msedge-ref: + - 'Ref A: CE9304E9D13C487A9C0AAE5276BB1B0B Ref B: SN4AA2022305029 Ref C: 2025-06-06T13:53:30Z' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - identity federated-credential delete + Connection: + - keep-alive + Content-Length: + - '0' + ParameterSetName: + - --name --identity-name --resource-group --yes + User-Agent: + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + method: DELETE + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic4?api-version=2025-01-31-preview + response: + body: + string: '' + headers: + cache-control: + - no-cache + content-length: + - '0' + date: + - Fri, 06 Jun 2025 13:53:32 GMT expires: - '-1' pragma: @@ -820,13 +927,13 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/dc2f032a-8e0f-46e9-9bc8-9254b931be04 + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/cf80b234-4f5c-4c00-9980-f61d6520b1ae x-ms-ratelimit-remaining-subscription-deletes: - '199' x-ms-ratelimit-remaining-subscription-global-deletes: - '2999' x-msedge-ref: - - 'Ref A: 3E3367223BA642438CD3E36E69DFD270 Ref B: SN4AA2022305047 Ref C: 2025-05-13T16:18:50Z' + - 'Ref A: C0EE39096BAC45EB80BB77717ADF1663 Ref B: SN4AA2022305021 Ref C: 2025-06-06T13:53:31Z' status: code: 200 message: OK @@ -844,7 +951,7 @@ interactions: ParameterSetName: - --identity-name --resource-group User-Agent: - - AZURECLI/2.72.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) + - AZURECLI/2.74.0 azsdk-python-core/1.34.0 Python/3.12.10 (Windows-11-10.0.26100-SP0) method: GET uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2025-01-31-preview response: @@ -858,7 +965,7 @@ interactions: content-type: - application/json; charset=utf-8 date: - - Tue, 13 May 2025 16:18:51 GMT + - Fri, 06 Jun 2025 13:53:33 GMT expires: - '-1' pragma: @@ -870,11 +977,11 @@ interactions: x-content-type-options: - nosniff x-ms-operation-identifier: - - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/446defe4-15ac-48c8-8662-f25509af958b + - tenantId=abd8daee-d393-4239-9377-883adda3d40f,objectId=7d2472ba-902d-407c-ae0d-72c7f66f95c6/southcentralus/248c9ce0-0622-474b-89ce-42fda995dda8 x-ms-ratelimit-remaining-subscription-global-reads: - '3749' x-msedge-ref: - - 'Ref A: D41D27B044F74CA28A4E0D72736649F8 Ref B: SN4AA2022303047 Ref C: 2025-05-13T16:18:51Z' + - 'Ref A: CE05A8EBDD6340E8ABDB59C0370752FE Ref B: SN4AA2022305027 Ref C: 2025-06-06T13:53:33Z' status: code: 200 message: OK diff --git a/src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py b/src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py index 3ffb87e5901..a3b1628f1b6 100644 --- a/src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py +++ b/src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py @@ -36,9 +36,11 @@ def test_federated_identity_credential(self, resource_group): 'fic1': 'fic1', 'fic2': 'fic2', 'fic3': 'fic3', + 'fic4': 'fic4', 'subject1': 'system:serviceaccount:ns:svcaccount1', 'subject2': 'system:serviceaccount:ns:svcaccount2', 'subject3': 'system:serviceaccount:ns:svcaccount3', + 'subject4': 'system:serviceaccount:ns:svcaccount4', 'issuer': 'https://token.actions.githubusercontent.com', 'audience': 'api://AzureADTokenExchange', 'cme_version': '1', @@ -155,15 +157,27 @@ def test_federated_identity_credential(self, resource_group): self.check('[1].claimsMatchingExpression.value', "{new_cme_value}") ]) + # test default audiences value + self.cmd('identity federated-credential create --name {fic4} --identity-name {identity} --resource-group {rg} ' + '--subject {subject4} --issuer {issuer}', + checks=[ + self.check('length(audiences)', 1), + self.check('audiences[0]', 'api://AzureADTokenExchange'), + self.check('issuer', '{issuer}'), + self.check('subject', '{subject4}') + ]) + # delete remaining federated identity credentials self.cmd('identity federated-credential delete --name {fic2}' ' --identity-name {identity} --resource-group {rg} --yes') self.cmd('identity federated-credential delete --name {fic3}' ' --identity-name {identity} --resource-group {rg} --yes') + self.cmd('identity federated-credential delete --name {fic4}' + ' --identity-name {identity} --resource-group {rg} --yes') - # verify all are deleted self.cmd('identity federated-credential list --identity-name {identity} --resource-group {rg}', checks=[ self.check('type(@)', 'array'), self.check('length(@)', 0) ]) + \ No newline at end of file