Skip to content

{sqlvm} Migrate validator function from calling Compute module to aaz-based implementation #32964

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
william051200 wants to merge 4 commits into
base: dev
Choose a base branch
from
+19 −18
Open

{sqlvm} Migrate validator function from calling Compute module to aaz-based implementation #32964

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a62f4e0
Migrate code
william051200 Mar 13, 2026
6c93592
Update test case recording
william051200 Mar 13, 2026
bdca8dd
Remove unused import
william051200 Mar 13, 2026
e237f0a
Merge remote-tracking branch 'origin/dev' into sqlvm-vm-migration
william051200 Mar 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 11 additions & 10 deletions src/azure-cli/azure/cli/command_modules/sqlvm/_validators.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,38 +243,39 @@ def _validate_msi_valid_on_vm(cli_ctx, namespace):
"""
logger.debug("Validate Azure AD authentication regarding the validity of the managed identity.")

from azure.cli.core.commands.client_factory import get_mgmt_service_client
from azure.cli.core.profiles import ResourceType
compute_client = get_mgmt_service_client(cli_ctx, ResourceType.MGMT_COMPUTE)
from ..vm.operations.vm import VMShow

# Retrieve the vm instance. This is a rest call to the server and deserialization afterwards
# therefore there is a greater chance to encouter an exception. Instead of poping the exception
# to the caller directly, we will throw our own InvalidArgumentValueError with more context
# information.
try:
# Azure virtual machine has the same name as the SQL VM
vm = compute_client.virtual_machines.get(namespace.resource_group_name, namespace.sql_virtual_machine_name)
vm = VMShow(cli_ctx=cli_ctx)(command_args={
'resource_group': namespace.resource_group_name,
'vm_name': namespace.sql_virtual_machine_name
})
Comment on lines +254 to +257
except Exception as ex:
raise InvalidArgumentValueError("Unable to validate Azure AD authentication due to retrieving the Azure virtual machine instance encountering an error: {}.".format(ex)) from ex

# The system-assigned MSI case.
if namespace.msi_client_id is None:
if vm.identity is None or not hasattr(vm.identity, 'principal_id') or getattr(vm.identity, 'principal_id') is None:
if vm.get('identity') is None or not vm.get('identity', {}).get('principalId'):
az_error = InvalidArgumentValueError("Enable Azure AD authentication with system-assigned managed identity but the system-assigned managed identity is not enabled on this Azure virtual machine.")
az_error.set_recommendation("Enable the system-assigned managed identity on the Azure virtual machine: {}.".format(namespace.sql_virtual_machine_name))
raise az_error

return vm.identity.principal_id
return vm['identity']['principalId']

# The user-assigned MSI case.
if vm.identity is None or not hasattr(vm.identity, 'user_assigned_identities') or getattr(vm.identity, 'user_assigned_identities') is None:
if vm.get('identity') is None or not vm.get('identity', {}).get('userAssignedIdentities'):
az_error = InvalidArgumentValueError("Enable Azure AD authentication with user-assigned managed identity {}, but the managed identity is not attached to this Azure virtual machine.".format(namespace.msi_client_id))
az_error.set_recommendation("Attach the user-assigned managed identity {} to the Azure virtual machine {}.".format(namespace.msi_client_id, namespace.sql_virtual_machine_name))
raise az_error

for umi in vm.identity.user_assigned_identities.values():
if umi.client_id == namespace.msi_client_id:
return umi.principal_id
for umi in vm['identity']['userAssignedIdentities'].keys():
if vm['identity']['userAssignedIdentities'][umi]['clientId'] == namespace.msi_client_id:
return vm['identity']['userAssignedIdentities'][umi]['principalId']
Comment on lines +276 to +278

az_error = InvalidArgumentValueError("Enable Azure AD authentication with user-assigned managed identity {}, but the managed identity is not attached to this Azure virtual machine.".format(namespace.msi_client_id))
az_error.set_recommendation("Attach the user-assigned managed identity {} to the Azure virtual machine {}.".format(namespace.msi_client_id, namespace.sql_virtual_machine_name))
Expand Down
16 changes: 8 additions & 8 deletions ...azure/cli/command_modules/sqlvm/tests/latest/recordings/test_sqlvm_aad_auth_negative.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3521,7 +3521,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -3611,7 +3611,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -4187,7 +4187,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -11070,7 +11070,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -17560,7 +17560,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -17650,7 +17650,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -18226,7 +18226,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down Expand Up @@ -25109,7 +25109,7 @@ interactions:
User-Agent:
- AZURECLI/2.81.0 azsdk-python-core/1.35.0 Python/3.12.10 (Windows-11-10.0.26200-SP0)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2024-11-01
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003?api-version=2025-04-01
response:
body:
string: "{\r\n \"name\": \"clisqlvm000003\",\r\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlvm_cli_test_aad000001/providers/Microsoft.Compute/virtualMachines/clisqlvm000003\",\r\n
Expand Down
Loading