[Stream Analytics] Fix #9708: Policy isn't triggered when creating a stream analytics input#9734
Conversation
️✔️Azure CLI Extensions Breaking Change Test
|
|
Hi @william051200, |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
CodeGen Tools Feedback CollectionThank you for using our CodeGen tool. We value your feedback, and we would like to know how we can improve our product. Please take a few minutes to fill our codegen survey |
william051200
changed the title
|
There was a problem hiding this comment.
Pull request overview
Fixes az stream-analytics input create not sending authenticationMode for Blob-based inputs, which prevented Azure Policy (deny non–Managed Identity auth) from evaluating correctly.
Changes:
- Add
authentication_mode/authenticationModeserialization mappings to vendored Stream Analytics SDK models for Blob datasource/input types. - Add a scenario test that validates policy denial occurs when creating a Blob input with
authenticationMode=ConnectionString. - Update/add VCR recordings for the new test and for storage API-version drift in existing input CRUD recordings.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/stream-analytics/azext_stream_analytics/vendored_sdks/streamanalytics/models/_models_py3.py | Adds authenticationMode mapping/constructor plumbing for Blob datasource and Blob input models (py3 typed models). |
| src/stream-analytics/azext_stream_analytics/vendored_sdks/streamanalytics/models/_models.py | Adds authenticationMode mapping and stores the value in legacy (kwargs-based) models. |
| src/stream-analytics/azext_stream_analytics/tests/latest/test_stream_analytics_commands.py | Adds a regression scenario test for policy denial when using ConnectionString authentication mode. |
| src/stream-analytics/azext_stream_analytics/tests/latest/recordings/test_input_crud.yaml | Updates recorded Storage RP api-version used during the scenario. |
| src/stream-analytics/azext_stream_analytics/tests/latest/recordings/test_input_create_policy_violation.yaml | New recording capturing the policy assignment + denied input creation flow. |
src/stream-analytics/azext_stream_analytics/tests/latest/test_stream_analytics_commands.py
Show resolved
Hide resolved
src/stream-analytics/azext_stream_analytics/tests/latest/test_stream_analytics_commands.py
Outdated
Show resolved
Hide resolved
src/stream-analytics/azext_stream_analytics/tests/latest/test_stream_analytics_commands.py
Outdated
Show resolved
Hide resolved
necusjz
changed the title
necusjz
changed the title
|
[Release] Update index.json for extension [ stream-analytics-1.0.2 ] : https://dev.azure.com/msazure/One/_build/results?buildId=158405133&view=results |
Bug fix #9708
Added missing param
authentication_modebased on this documentation.This checklist is used to make sure that common guidelines for a pull request are followed.
Related command
az stream-analytics input createGeneral Guidelines
azdev style <YOUR_EXT>locally? (pip install azdevrequired)python scripts/ci/test_index.py -qlocally? (pip install wheel==0.30.0required)For new extensions:
About Extension Publish
There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update
src/index.jsonautomatically.You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify
src/index.json.