az network private-endpoint-connection list fails for Private Link Service resources
See original GitHub issueThis is autogenerated. Please review and update as needed.
Describe the bug
Command Name
az network private-endpoint-connection list
Errors:
Resource type must be one of Microsoft.Batch/batchAccounts, Microsoft.Automation/automationAccounts, Microsoft.Authorization/resourceManagementPrivateLinks, Microsoft.AppConfiguration/configurationStores, Microsoft.BotService/botServices, Microsoft.Cache/Redis, Microsoft.CognitiveServices/accounts, Microsoft.Compute/diskAccesses, Microsoft.ContainerRegistry/registries, Microsoft.DBforMySQL/servers, Microsoft.DBforMariaDB/servers, Microsoft.DBforPostgreSQL/servers, Microsoft.Devices/IotHubs, Microsoft.DocumentDB/databaseAccounts, Microsoft.DigitalTwins/digitalTwinsInstances, Microsoft.EventGrid/topics, Microsoft.EventGrid/domains, Microsoft.EventHub/namespaces, Microsoft.HDInsight/clusters, Microsoft.HealthcareApis/services, microsoft.insights/privateLinkScopes, Microsoft.KeyVault/managedHSMs, Microsoft.Keyvault/vaults, Microsoft.MachineLearningServices/workspaces, Microsoft.Media/mediaservices, Microsoft.Network/applicationGateways, Microsoft.Purview/accounts, Microsoft.PowerBI/privateLinkServicesForPowerBI, Microsoft.Search/searchServices, Microsoft.ServiceBus/namespaces, Microsoft.SignalRService/signalr, Microsoft.Sql/servers, Microsoft.Storage/storageAccounts, Microsoft.StorageSync/storageSyncServices, Microsoft.Synapse/workspaces, Microsoft.Web/sites, Microsoft.Web/hostingEnvironments, Microsoft.SignalRService/WebPubSub
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
- Deploy a Private Link Service resource and create a private endpoint that needs approval. An easy way to do this is to deploy this sample:
az group deployment create -g MyResourceGroup --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/front-door-premium-vm-private-link/azuredeploy.json
- Get the resource ID of the Private Link Service resource.
az network private-endpoint-connection list --id resource-id-of-private-link-service
Expected Behavior
This should return a list of private endpoint connections that are associated with the Private Link Service resource.
Note that this behaves correctly for resources like Azure Storage accounts, App Service apps, etc.
Also, note that the same problem here happens when approving connections by using the az network private-endpoint-connection approve
command.
Environment Summary
macOS-12.1-arm64-arm-64bit, Darwin 21.2.0
Python 3.10.1
Installer: HOMEBREW
azure-cli 2.32.0
Extensions:
azure-devops 0.22.0
Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0
Additional Context
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:11 (8 by maintainers)
Top Results From Across the Web
Diagnose private links configuration issues on Azure Key Vault
Open the Private DNS Zone resource and click the Virtual network links option in the left menu. This will show a list of...
Read more >June 2021 – baeke.info
To do so, first list the private endpoint connections of your resource, in my case that is a web app: az network private-endpoint-connection...
Read more >Azure Synapse Private Endpoint Approve - Stack Overflow
Terraform Script called to create resource (code snippet 1); Another YAML file executed to approve endpoints using inline Bash (code snippet 2).
Read more >azure-cli 2.23.0 - PyPI
az network private -link-resource list : support more providers for –type (#17731). Packaging ... az ssh vm : Support VM SSH with Service...
Read more >Azure Private Link :: TigerGraph Cloud
Setting up Private Link on Azure. ... az network private-endpoint \ create -g resource-group \ -n private-endpoint \ --vnet-name <vnet> \ --subnet <subnet> ......
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Hi @simonesavi, I have no way to repeat your question, please provide specific command steps. Or you can try the following command steps: az network vnet create -g {rg} -n {vnet_name} --subnet-name {subnet_name}
az network vnet subnet update -g {rg} --vnet-name {vnet_name} --name {subnet_name} --disable-private-endpoint-network-policies true
storage_id = az storage account create --name {account_name} --resource-group {rg} --query “[].id” -o tsv
group_id = az network private-link-resource list --id {storage_id} --query “[].properties.groupId” -o tsv
az network private-endpoint create -g {rg} -n {endpoint_name} --vnet-name {vnet_name} --subnet {subnet_name} --private-connection-resource-id {storage_id} --connection-name {endpoint_connection_name} --group-id {group_id} --manual-request
private-endpoint-connection-id = az network private-endpoint-connection list --id {storage_id} --query “[].id” -o tsv
az network private-endpoint-connection approve --id {private-endpoint-connection-id} --description “Approved”
@YuanyuanNi I don’t think that’s accurate. If I deploy a storage account with a private endpoint, then I can run
And it successfully returns a list of private endpoint connections for that storage account.
My feedback here is that it should behave the same way when I run the command and provide a Private Link Service resource ID.
(Note that your comment would be correct for other commands, such as
az network private-endpoint-connection approve
, but not forlist
.)