-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Data Connector cli doesn't work #27190
Comments
Thank you for opening this issue, we will look into it. |
Thank you for your feedback. This has been routed to the support team for assistance. |
@necusjz, please help take a look. |
@zoxendine Thanks for reaching out to us and reporting this issue. While running the More info here. |
@navba-MSFT Why is active-directory required for Azure Activity? What permissions are required for sentinel connections with AAD as I can't find any documentation with this information, as I am seeing a permissions error that must be due to AAD access as I was able to use the data connector for defender with no errors.
|
@zoxendine What about other similar arguments? Is there any argument meet your scenario? If so, then try to fill it. |
I get access denied when attempt to create an AAD connection. We need to know what perms are required for these data connections to take place
|
Could you please provide the debug log by appending |
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @amirkeren. |
Still seeing an access denied issue are there no documentation on what perms are required for data connections? `cli.azure.cli.core.sdk.policies: Request URL: 'https://management.usgovcloudapi.net/subscriptions/sub-id/resourceGroups/rg/providers/Microsoft.OperationalInsights/workspaces/workspace/providers/Microsoft.SecurityInsights/dataConnectors/AzureActiveDirectory?api-version=2022-06-01-preview' cli.azure.cli.core.azclierror: (Unauthorized) Access denied |
Thank you for your info, I'll contact service team for the root cause. |
@necusjz Any update on this matter? |
Waiting for reply from service team. |
Bumping for assistance @necusjz |
I'll keep you updated, but unfortunately... |
Any updates? |
These are completely different data connectors so this does not help this case at all unfortunately. Azure Activity currently applies through policy and it had changed sometime back so my bet is that it had never been implemented in az cli. |
Am I correct to assume that the az cli doesn't support/work with data connectors at this point; and this needs to be done manually through the Portal? I am also attempting to use terraform for automation but get authorization issues with that as well. |
I think so. |
Any timeline or feedback on this issue. Can we expect az cli to implement these at some point? This is really an issue with automation of IaC steps. Applying the policy through code seems wonky and I couldn't get it to work under: I still have yet to raise a support case on that one but this is a blocker for us. |
I have the same issue deploying through terraform. The service principle has data connector update perms but returns a 401. Any update? Details on perms for the user/spn creating the service connector through the apis would be helpful |
Describe the bug
the azure data connector create does not create the desired data connection
Related command
az sentinel data-connector create -n AzureActivity -g rg -w workspace
Errors
The command failed with an unexpected error. Here is the traceback:
"Model 'AAZObjectType' has no field named 'kind'"
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_command.py", line 154, in call
return self._handler(*args, **kwargs)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 31, in _handler
self._execute_operations()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1105, in _execute_operations
self.DataConnectorsCreateOrUpdate(ctx=self.ctx)()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1115, in call
request = self.make_request()
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_operation.py", line 318, in make_request
self.content, self.form_content, self.stream_content)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1209, in content
_builder.discriminate_by("kind", "APIPolling")
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_content_builder.py", line 159, in discriminate_by
schema.discriminate_by(prop_name, prop_value)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_type.py", line 243, in discriminate_by
raise AAZUnknownFieldError(self, key)
azure.cli.core.aaz.exceptions.AAZUnknownFieldError: "Model 'AAZObjectType' has no field named 'kind'"
Issue script & Debug output
msal.application: Broker enabled? False
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_command.py", line 154, in call
return self._handler(*args, **kwargs)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 31, in _handler
self._execute_operations()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1105, in _execute_operations
self.DataConnectorsCreateOrUpdate(ctx=self.ctx)()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1115, in call
request = self.make_request()
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_operation.py", line 318, in make_request
self.content, self.form_content, self.stream_content)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1209, in content
_builder.discriminate_by("kind", "APIPolling")
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_content_builder.py", line 159, in discriminate_by
schema.discriminate_by(prop_name, prop_value)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_type.py", line 243, in discriminate_by
raise AAZUnknownFieldError(self, key)
azure.cli.core.aaz.exceptions.AAZUnknownFieldError: "Model 'AAZObjectType' has no field named 'kind'"
cli.azure.cli.core.azclierror: The command failed with an unexpected error. Here is the traceback:
az_command_data_logger: The command failed with an unexpected error. Here is the traceback:
cli.azure.cli.core.azclierror: "Model 'AAZObjectType' has no field named 'kind'"
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_command.py", line 154, in call
return self._handler(*args, **kwargs)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 31, in _handler
self._execute_operations()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1105, in _execute_operations
self.DataConnectorsCreateOrUpdate(ctx=self.ctx)()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1115, in call
request = self.make_request()
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_operation.py", line 318, in make_request
self.content, self.form_content, self.stream_content)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1209, in content
_builder.discriminate_by("kind", "APIPolling")
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_content_builder.py", line 159, in discriminate_by
schema.discriminate_by(prop_name, prop_value)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_type.py", line 243, in discriminate_by
raise AAZUnknownFieldError(self, key)
azure.cli.core.aaz.exceptions.AAZUnknownFieldError: "Model 'AAZObjectType' has no field named 'kind'"
az_command_data_logger: "Model 'AAZObjectType' has no field named 'kind'"
Traceback (most recent call last):
File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_command.py", line 154, in call
return self._handler(*args, **kwargs)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 31, in _handler
self._execute_operations()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1105, in _execute_operations
self.DataConnectorsCreateOrUpdate(ctx=self.ctx)()
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1115, in call
request = self.make_request()
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_operation.py", line 318, in make_request
self.content, self.form_content, self.stream_content)
File "/home/vagrant/.azure/cliextensions/sentinel/azext_sentinel/aaz/latest/sentinel/data_connector/_create.py", line 1209, in content
_builder.discriminate_by("kind", "APIPolling")
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_content_builder.py", line 159, in discriminate_by
schema.discriminate_by(prop_name, prop_value)
File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/aaz/_field_type.py", line 243, in discriminate_by
raise AAZUnknownFieldError(self, key)
azure.cli.core.aaz.exceptions.AAZUnknownFieldError: "Model 'AAZObjectType' has no field named 'kind'"
To check existing issues, please visit: https://github.com/Azure/azure-cli/issues
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7fb2bc4ea790>]
az_command_data_logger: exit code: 1
cli.main: Command ran in 2.296 seconds (init: 1.040, invoke: 1.257)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 7412 in cache
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "/usr/bin/python3.9 /usr/lib64/az/lib/python3.9/site-packages/azure/cli/telemetry/init.py /home/vagrant/.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.
Expected behavior
data connection work
Environment Summary
azure-cli 2.51
Additional context
No response
The text was updated successfully, but these errors were encountered: