Azure · jiasli · Sep 5, 2025 · Aug 29, 2025 · basdanny · Sep 2, 2025
@@ -787,7 +787,7 @@ def assign_identity(cli_ctx, getter, setter, identity_role=None, identity_scope=
                                           parameters=parameters)
                 break
             except HttpResponseError as ex:
-                if 'role assignment already exists' in ex.message:
+                if ex.error.code == 'RoleAssignmentExists':
                     logger.info('Role assignment already exists')
                     break
                 if retry_time < retry_times and ' does not exist in the directory ' in ex.message:

@@ -118,7 +118,7 @@ def add_role_assignment(cmd, role, service_principal_msi_id, is_service_principa
             )
             break
         except HttpResponseError as ex:
-            if isinstance(ex, ResourceExistsError) or "The role assignment already exists." in ex.message:
+            if isinstance(ex, ResourceExistsError) or ex.error.code == 'RoleAssignmentExists':
                 break
             logger.info(ex.message)
         except Exception as ex:  # pylint: disable=broad-except

@@ -1332,7 +1332,7 @@ def _process_certificate(cli_ctx, years, app_start_date, app_end_date, cert, cre
 
 
 def _error_caused_by_role_assignment_exists(ex):
-    return getattr(ex, 'status_code', None) == 409 and 'role assignment already exists' in ex.message
+    return getattr(ex, 'status_code', None) == 409 and ex.error.code == 'RoleAssignmentExists'
-    return getattr(ex, 'status_code', None) == 409 and ex.error.code == 'RoleAssignmentExists'
+    error = getattr(ex, 'error', None)
+    return getattr(ex, 'status_code', None) == 409 and error is not None and getattr(error, 'code', None) == 'RoleAssignmentExists'
-    return getattr(ex, 'status_code', None) == 409 and ex.error.code == 'RoleAssignmentExists'
+    error = getattr(ex, 'error', None)
+    return getattr(ex, 'status_code', None) == 409 and error is not None and getattr(error, 'code', None) == 'RoleAssignmentExists'
 
 
 def _validate_app_dates(app_start_date, app_end_date, cert_start_date, cert_end_date):

@@ -158,7 +158,7 @@ def _get_object_stubs(graph_client, assignees):
 
 
 def _error_caused_by_role_assignment_exists(ex):
-    return getattr(ex, 'status_code', None) == 409 and 'role assignment already exists' in ex.message
+    return getattr(ex, 'status_code', None) == 409 and ex.error.code == 'RoleAssignmentExists'
 
 
 def _create_role_assignment(cmd, workspace_name, role, assignee, scope=None, item=None, item_type=None,