Describe the bug
It appears that Azure policy assignments can have names which are longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so, az policy assignment create enforces a 64 character limit on --name, failing with InvalidPolicyAssignmentName when the constraint is not satisfied.
If the Azure Policy service really wants this restriction, it should be applied across all admin surfaces (portal, REST, etc.), not specific to Azure CLI. If the Azure Policy service does not really need this restriction (which appears to be the case), then the spurious constraint should be removed from Azure CLI. Either way, it should be consistent across admin surfaces.
Related command
az policy assignment create
Errors
(InvalidPolicyAssignmentName) The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters.
Code: InvalidPolicyAssignmentName
Message: The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters.
Issue script & Debug output
N/A. Seems to be a mismatched or obsolete funcitonal requirement rather than a debugging situation.
Expected behavior
Azure policy assignments can have a name which is longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so, az policy assignment create enforces a 64 character limit on --name.
If the back end service really wants this restriction it should be applied across all admin surfaces, not specific to CLI. If the back-end service does not really need this restriction, it should be removed from CLI. Either way, it should be consistent.
Environment Summary
azure-cli 2.61.0 *
core 2.61.0 *
telemetry 1.1.0
Dependencies:
msal 1.28.0
azure-mgmt-resource 23.1.1
Python location 'C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\mreyn.azure\cliextensions'
Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]
Legal docs and information: aka.ms/AzureCliLegal
Additional context
No response
Describe the bug
It appears that Azure policy assignments can have names which are longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so,
az policy assignment createenforces a 64 character limit on--name, failing withInvalidPolicyAssignmentNamewhen the constraint is not satisfied.If the Azure Policy service really wants this restriction, it should be applied across all admin surfaces (portal, REST, etc.), not specific to Azure CLI. If the Azure Policy service does not really need this restriction (which appears to be the case), then the spurious constraint should be removed from Azure CLI. Either way, it should be consistent across admin surfaces.
Related command
az policy assignment createErrors
(InvalidPolicyAssignmentName) The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters.
Code: InvalidPolicyAssignmentName
Message: The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters.
Issue script & Debug output
N/A. Seems to be a mismatched or obsolete funcitonal requirement rather than a debugging situation.
Expected behavior
Azure policy assignments can have a name which is longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so,
az policy assignment createenforces a 64 character limit on--name.If the back end service really wants this restriction it should be applied across all admin surfaces, not specific to CLI. If the back-end service does not really need this restriction, it should be removed from CLI. Either way, it should be consistent.
Environment Summary
azure-cli 2.61.0 *
core 2.61.0 *
telemetry 1.1.0
Dependencies:
msal 1.28.0
azure-mgmt-resource 23.1.1
Python location 'C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\mreyn.azure\cliextensions'
Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]
Legal docs and information: aka.ms/AzureCliLegal
Additional context
No response