Azcli fails to create FrontDoor WAF Policy

[alsastre]

Describe the bug

Command Name
az network front-door waf-policy create Extension Name: front-door. Version: 1.0.17.
az-cli fails to create the azure front-door WAF policy with the latest version.

Errors:

(BadRequest) WebApplicationFirewallPolicy validation failed. More information "Policy ArmResourceId has incorrect formatting".
Code: BadRequest
Message: WebApplicationFirewallPolicy validation failed. More information "Policy ArmResourceId has incorrect formatting".

Debug logs (With confidential data removed):

cli.azure.cli.core.sdk.policies: Request URL: 'https://management.azure.com/subscriptions/XXXXX/resourceGroups/XXXXXX/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/XXXXXXX?api-version=2020-11-01'
cli.azure.cli.core.sdk.policies: Request method: 'PUT'
cli.azure.cli.core.sdk.policies: Request headers:
cli.azure.cli.core.sdk.policies:     'Content-Type': 'application/json'
cli.azure.cli.core.sdk.policies:     'Accept': 'application/json'
cli.azure.cli.core.sdk.policies:     'Content-Length': '230'
cli.azure.cli.core.sdk.policies:     'x-ms-client-request-id': 'XXXXXXXX'
cli.azure.cli.core.sdk.policies:     'CommandName': 'network front-door waf-policy create'
cli.azure.cli.core.sdk.policies:     'ParameterSetName': '--name --resource-group --mode --sku --request-body-check --debug'
cli.azure.cli.core.sdk.policies:     'User-Agent': 'AZURECLI/2.43.0 (HOMEBREW) azsdk-python-mgmt-frontdoor/1.0.0 Python/3.10.8 (macOS-12.6.1-x86_64-i386-64bit)'
cli.azure.cli.core.sdk.policies:     'Authorization': '*****'
cli.azure.cli.core.sdk.policies: Request body:
cli.azure.cli.core.sdk.policies: {"location": "global", "sku": {"name": "Premium_AzureFrontDoor"}, "properties": {"policySettings": {"enabledState": "Enabled", "mode": "Detection", "requestBodyCheck": "Enabled"}, "customRules": {"rules": []}, "managedRules": {}}}
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "PUT /subscriptions/XXXXX/resourceGroups/XXXXXX/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/XXXXXXX?api-version=2020-11-01 HTTP/1.1" 400 179
cli.azure.cli.core.sdk.policies: Response status: 400
cli.azure.cli.core.sdk.policies: Response headers:
....
cli.azure.cli.core.sdk.policies: Response content:
cli.azure.cli.core.sdk.policies: {
  "error": {
    "code": "BadRequest",
    "message": "WebApplicationFirewallPolicy validation failed. More information \"Policy ArmResourceId has incorrect formatting\"."
  }
}

To Reproduce:

Steps to reproduce the behaviour. Note that argument values have been redacted, as they may contain sensitive information.

• az network front-door waf-policy create --name {} --resource-group {} --mode {} --sku {} --request-body-check {} --debug

Expected Behavior

Front door policy is created

Environment Summary

macOS-12.6.1-x86_64-i386-64bit, Darwin 21.6.0
Python 3.10.8
Installer: HOMEBREW

azure-cli 2.43.0

Extensions:
front-door 1.0.17
azure-firewall 0.14.4
log-analytics-solution 0.1.1
aks-preview 0.5.118
logic 0.1.6
azure-devops 0.25.0
storage-preview 0.8.3
sentinel 0.2.0
ssh 1.1.3
log-analytics 0.2.2
scheduled-query 0.5.1

Dependencies:
msal 1.20.0
azure-mgmt-resource 21.1.0b1

Additional Context

Thank you for your feedback. This has been routed to the support team for assistance.

[yonzhan]

route to CXP team

[navba-MSFT]

@alsastre Thanks for reaching out to us and reporting this issue. We are looking into this issue and we will provide an update.

[navba-MSFT]

@alsastre

To manage Azure Front Door Standard/Premium resource, use az afd CLI command.

To manage Classic Azure Front Door resource, use az network front-door CLI command.