Describe the bug
When creating federated credential using only required parameters, error is given
usage error: please provide both --issuer and --subject parameters
but the issuer and subject are mentioned as optional parameters
Related command
az identity federated-credential create --name $fidName --identity-name $idName --resource-group $idResourceGroup
Errors
usage error: please provide both --issuer and --subject parameters
Issue script & Debug output
cli.knack.cli: Command arguments: ['identity', 'federated-credential', 'create', '--name', 'test-account', '--identity-name', 'deploy-test', '--resource-group', 'deployment', '--debug']
cli.knack.cli: init debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x1021de170>, <function OutputProducer.on_global_arguments at 0x10226f520>, <function CLIQuery.on_global_arguments at 0x1022d49d0>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'identity': ['azure.cli.command_modules.identity']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: identity 0.010 2 11
cli.azure.cli.core: Total (1) 0.010 2 11
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 2 groups, 11 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : identity federated-credential create
cli.azure.cli.core: Command table: identity federated-credential create
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x102e240d0>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/Users/username/.azure/commands/2023-07-24.19-46-25.identity_federated-credential_create.49048.log'.
az_command_data_logger: command args: identity federated-credential create --name {} --identity-name {} --resource-group {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x102eba680>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x1031fc700>, <function register_cache_arguments..add_cache_arguments at 0x1031fc790>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x10226f5b0>, <function CLIQuery.handle_query_parameter at 0x1022d4a60>, <function register_ids_argument..parse_ids_arguments at 0x1031fc670>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ManagedServiceIdentityClient
cli.azure.cli.core.auth.persistence: build_persistence: location='/Users/username/.azure/msal_token_cache.json', encrypt=False
cli.azure.cli.core.auth.binary_cache: load: /Users/tfidler/.azure/msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/kerberos', 'tenant_region_scope': 'NA', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 333, in call
return self.handler(*args, **kwargs)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
return op(**command_args)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/command_modules/identity/custom.py", line 42, in create_or_update_federated_credential
raise RequiredArgumentMissingError('usage error: please provide both --issuer and --subject parameters')
azure.cli.core.azclierror.RequiredArgumentMissingError: usage error: please provide both --issuer and --subject parameters
cli.azure.cli.core.azclierror: usage error: please provide both --issuer and --subject parameters
az_command_data_logger: usage error: please provide both --issuer and --subject parameters
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x102e24310>]
az_command_data_logger: exit code: 1
cli.main: Command ran in 0.896 seconds (init: 0.354, invoke: 0.542)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3664 in cache
telemetry.check: Negative: The /Users/username/.azure/telemetry.txt was modified at 2023-07-24 19:43:11.459246, which in less than 600.000000 s
Expected behavior
Federated credential is being created which is accepting the full scope of the calls
Environment Summary
azure-cli 2.50.0
core 2.50.0
telemetry 1.0.8
Extensions:
aks-preview 0.5.118
log-analytics 0.2.2
Dependencies:
msal 1.22.0
azure-mgmt-resource 23.1.0b2
Additional context
No response
Describe the bug
When creating federated credential using only required parameters, error is given
usage error: please provide both --issuer and --subject parameters
but the issuer and subject are mentioned as optional parameters
Related command
az identity federated-credential create --name $fidName --identity-name $idName --resource-group $idResourceGroup
Errors
usage error: please provide both --issuer and --subject parameters
Issue script & Debug output
cli.knack.cli: Command arguments: ['identity', 'federated-credential', 'create', '--name', 'test-account', '--identity-name', 'deploy-test', '--resource-group', 'deployment', '--debug']
cli.knack.cli: init debug log:
Enable color in terminal.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x1021de170>, <function OutputProducer.on_global_arguments at 0x10226f520>, <function CLIQuery.on_global_arguments at 0x1022d49d0>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'identity': ['azure.cli.command_modules.identity']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: identity 0.010 2 11
cli.azure.cli.core: Total (1) 0.010 2 11
cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_ai_examples', 'azext_next']
cli.azure.cli.core: Loading extensions:
cli.azure.cli.core: Name Load Time Groups Commands Directory
cli.azure.cli.core: Total (0) 0.000 0 0
cli.azure.cli.core: Loaded 2 groups, 11 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : identity federated-credential create
cli.azure.cli.core: Command table: identity federated-credential create
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x102e240d0>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/Users/username/.azure/commands/2023-07-24.19-46-25.identity_federated-credential_create.49048.log'.
az_command_data_logger: command args: identity federated-credential create --name {} --identity-name {} --resource-group {} --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x102eba680>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x1031fc700>, <function register_cache_arguments..add_cache_arguments at 0x1031fc790>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x10226f5b0>, <function CLIQuery.handle_query_parameter at 0x1022d4a60>, <function register_ids_argument..parse_ids_arguments at 0x1031fc670>]
cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ManagedServiceIdentityClient
cli.azure.cli.core.auth.persistence: build_persistence: location='/Users/username/.azure/msal_token_cache.json', encrypt=False
cli.azure.cli.core.auth.binary_cache: load: /Users/tfidler/.azure/msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://graph.microsoft.com/oidc/userinfo', 'authorization_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.microsoftonline.com/cdc5aeea-15c5-4db6-b079-fcadd2505dc2/kerberos', 'tenant_region_scope': 'NA', 'cloud_instance_name': 'microsoftonline.com', 'cloud_graph_host_name': 'graph.windows.net', 'msgraph_host': 'graph.microsoft.com', 'rbac_url': 'https://pas.windows.net'}
msal.application: Broker enabled? False
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 663, in execute
raise ex
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
results.append(self._run_job(expanded_arg, cmd_copy))
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 697, in _run_job
result = cmd_copy(params)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/init.py", line 333, in call
return self.handler(*args, **kwargs)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
return op(**command_args)
File "/usr/local/Cellar/azure-cli/2.50.0/libexec/lib/python3.10/site-packages/azure/cli/command_modules/identity/custom.py", line 42, in create_or_update_federated_credential
raise RequiredArgumentMissingError('usage error: please provide both --issuer and --subject parameters')
azure.cli.core.azclierror.RequiredArgumentMissingError: usage error: please provide both --issuer and --subject parameters
cli.azure.cli.core.azclierror: usage error: please provide both --issuer and --subject parameters
az_command_data_logger: usage error: please provide both --issuer and --subject parameters
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x102e24310>]
az_command_data_logger: exit code: 1
cli.main: Command ran in 0.896 seconds (init: 0.354, invoke: 0.542)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3664 in cache
telemetry.check: Negative: The /Users/username/.azure/telemetry.txt was modified at 2023-07-24 19:43:11.459246, which in less than 600.000000 s
Expected behavior
Federated credential is being created which is accepting the full scope of the calls
Environment Summary
azure-cli 2.50.0
core 2.50.0
telemetry 1.0.8
Extensions:
aks-preview 0.5.118
log-analytics 0.2.2
Dependencies:
msal 1.22.0
azure-mgmt-resource 23.1.0b2
Additional context
No response