Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
`az vm format-secret` fails with error `Parameter ‘resource_group_name’ can not be None.`
See original GitHub issueEnvironment summary
Install Method: How did you install the CLI? (e.g. pip, interactive script, apt-get, Docker, MSI, nightly)
Docker: docker run -v ${HOME}:/root -it azuresdk/azure-cli-python:latest
CLI Version: What version of the CLI and modules are installed? (Use az --version)
azure-cli (2.0.2+dev)
acr (2.0.0+dev) acs (2.0.2+dev) appservice (0.1.2+dev) batch (2.0.0+dev) cloud (2.0.0+dev) component (2.0.0+dev) configure (2.0.2+dev) container (0.1.2+dev) core (2.0.2+dev) dla (0.0.1+dev) dls (0.0.1+dev) documentdb (0.1.2+dev) feedback (2.0.0+dev) find (0.0.1b1+dev) iot (0.1.2+dev) keyvault (2.0.0+dev) lab (0.0.1+dev) monitor (0.0.1+dev) network (2.0.2+dev) nspkg (2.0.0+dev) profile (2.0.2+dev) redis (0.1.1b3+dev) resource (2.0.2+dev) role (2.0.1+dev) sql (2.0.0+dev) storage (2.0.2+dev) taskhelp (0.1.1b4+dev) vm (2.0.2+dev)
Python (Linux) 3.5.2 (default, Dec 27 2016, 21:33:11) [GCC 5.3.0]
OS Version: What OS and version are you using?
Alpine 3.4.6
Shell Type: What shell are you using? (e.g. bash, cmd.exe, Bash on Windows)
GNU bash, version 4.3.42(1)-release (x86_64-alpine-linux-musl)
Description
I’m following through the steps add a secret from Key Vault when creating a VM. The steps as indicated in various parts of the CLI help and ref content should be:
az keyvault create --resource-group resourcegroupname --name vaultname --enabled-for-deployment
az keyvault certificate create --vault-name vaultname -n cert1 \
-p "$(az keyvault certificate get-default-policy)"
secrets=$(az keyvault secret list-versions --vault-name vaultname \
-n cert1 --query "[?attributes.enabled].id" -o tsv)
vm_secrets=$(az vm format-secret -s "$secrets")
az vm create -g group-name -n vm-name --admin-username deploy \
--image debian --secrets "$vm_secrets"
When it comes to az vm format-secret, I receive the error: Parameter ‘resource_group_name’ can not be None.. I can’t see anything in the commands that have me define a resource group, other than when you first create the Key Vault.
$secrets is defined:
echo $secrets
https://mykeyvault9780.vault.azure.net/secrets/myCert/5e7e56fa361a45b1bdb7bfb61c8b2d0b
Full debug output:
bash-4.3# az vm format-secret --secrets $secrets --debug
Command arguments [‘vm’, ‘format-secret’, ‘--secrets’, ’https://mykeyvault9780.vault.azure.net/secrets/myCert/5e7e56fa361a45b1bdb7bfb61c8b2d0b']
Current active cloud ‘AzureCloud’
{‘active_directory’: ‘https://login.microsoftonline.com’,
‘active_directory_graph_resource_id’: ‘https://graph.windows.net/’,
‘active_directory_resource_id’: ‘https://management.core.windows.net/’,
‘batch_resource_id’: None,
‘gallery’: ‘https://gallery.azure.com/’,
‘management’: ‘https://management.core.windows.net/’,
‘resource_manager’: ‘https://management.azure.com/’,
‘sql_management’: ‘https://management.core.windows.net:8443/’}
{‘azure_datalake_analytics_catalog_and_job_endpoint’: ‘azuredatalakeanalytics.net’,
‘azure_datalake_store_file_system_endpoint’: ‘azuredatalakestore.net’,
‘keyvault_dns’: ‘.vault.azure.net’,
‘sql_server_hostname’: ‘.database.windows.net’,
‘storage_endpoint’: ‘core.windows.net’}
Registered application event handler ‘CommandTableParams.Loaded’ at <function add_id_parameters at 0x7f5b4c539f28>
Registered application event handler ‘CommandTable.Loaded’ at <function add_id_parameters at 0x7f5b4c539f28>
Successfully loaded command table from module ‘vm’.
Application event ‘CommandTable.Loaded’ with event data {‘command_table’: {‘vm format-secret’: <azure.cli.core.commands.CliCommand object at 0x7f5b4c52ba20>}}
Application event ‘CommandParser.Loaded’ with event data {‘parser’: AzCliCommandParser(prog=‘az’, usage=None, description=None, formatter_class=<class ‘argparse.HelpFormatter’>, conflict_handler=‘error’, add_help=True)}
Application event ‘CommandTableParams.Loaded’ with event data {‘command_table’: {‘vm format-secret’: <azure.cli.core.commands.CliCommand object at 0x7f5b4c52ba20>}}
Application event ‘CommandParser.Parsed’ with event data {‘command’: ‘vm format-secret’, ‘args’: Namespace(_command_package=‘vm’, _jmespath_query=None, _log_verbosity_debug=False, _log_verbosity_verbose=False, _output_format=‘json’, _parser=AzCliCommandParser(prog=‘az vm format-secret’, usage=None, description=‘Format secrets to be used in `az vm create --secrets`’, formatter_class=<class ‘argparse.HelpFormatter’>, conflict_handler=‘error’, add_help=True), _validators=[], certificate_store=None, command=‘vm format-secret’, func=<function create_ [...]
Getting management service client client_type=KeyVaultManagementClient
msrest.pipeline : Adding ‘log_request’ callback before event: ‘request’
msrest.pipeline : Callback to overwrite original call: False
msrest.pipeline : Adding ‘log_response’ callback after event: ‘response’
msrest.pipeline : Callback to overwrite original call: False
Getting management service client client_type=KeyVaultManagementClient
msrest.pipeline : Adding ‘log_request’ callback before event: ‘request’
msrest.pipeline : Callback to overwrite original call: False
msrest.pipeline : Adding ‘log_response’ callback after event: ‘response’
msrest.pipeline : Callback to overwrite original call: False
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - Authority:Performing instance discovery: https://login.microsoftonline.com/a4442dcc-ce0e-4940-a367-3029b469f0e5
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - Authority:Performing static instance discovery
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - Authority:Authority validated via static instance discovery
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - TokenRequest:Getting token from cache with refresh if necessary.
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:finding with query: {“userId”: “i_foulds@live.com”, “_clientId”: “04b07795-8ddb-461a-bbee-02f9e1bf7b46"}
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:Looking for potential cache entries:
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:{“userId”: “i_foulds@live.com”, “_clientId”: “04b07795-8ddb-461a-bbee-02f9e1bf7b46"}
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:Found 4 potential entries.
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:Resource specific token found.
adal-python : 41f7dd6a-7e13-458a-9461-32437bfbd54f - OAuth2Client:Returning token from cache lookup, AccessTokenId: b’MqjdOlWQCE29wpKQ75otCiN7o7SUEQhrU7T08BSJa8M=‘, RefreshTokenId: b’vTxz8td408Z0YP/0aj1wL3IR3kOXlwZW0DxqD5KnrUs=’
msrest.pipeline : Configuring request: timeout=100, verify=True, cert=None
msrest.pipeline : Configuring redirects: allow=True, max=30
msrest.pipeline : Configuring proxies: ‘’
msrest.pipeline : Evaluate proxies against ENV settings: True
msrest.pipeline : Configuring retry: max_retries=3, backoff_factor=0.8, max_backoff=90
msrest.http_logger : Request URL: ‘https://management.azure.com/subscriptions/<snip>/resources?$filter=resourceType%20eq%20%27Microsoft.KeyVault%2Fvaults%27&api-version=2015-11-01’
msrest.http_logger : Request method: ‘GET’
msrest.http_logger : Request headers:
msrest.http_logger : ‘User-Agent’: ‘python/3.5.2 (Linux-4.9.12-moby-x86_64-with) requests/2.13.0 msrest/0.4.7 msrest_azure/0.4.7 keyvaultmanagementclient/0.30.0 Azure-SDK-For-Python AZURECLI/2.0.2+dev’
msrest.http_logger : ‘Connection’: ‘keep-alive’
msrest.http_logger : ‘Accept-Encoding’: ‘gzip, deflate’
msrest.http_logger : ‘Accept’: ‘application/json’
msrest.http_logger : ‘Authorization’: ‘*****’
msrest.http_logger : ‘x-ms-client-request-id’: ‘d8127b9e-1ef2-11e7-bbd5-0242ac110002’
msrest.http_logger : ‘CommandName’: ‘vm format-secret’
msrest.http_logger : ‘Content-Type’: ‘application/json; charset=utf-8’
msrest.http_logger : ‘accept-language’: ‘en-US’
msrest.http_logger : Request body:
msrest.http_logger : None
requests.packages.urllib3.connectionpool : Starting new HTTPS connection (1): management.azure.com
requests.packages.urllib3.connectionpool : https://management.azure.com:443 “GET /subscriptions/<snip>/resources?$filter=resourceType%20eq%20%27Microsoft.KeyVault%2Fvaults%27&api-version=2015-11-01 HTTP/1.1” 200 305
msrest.http_logger : Response status: 200
msrest.http_logger : Response headers:
msrest.http_logger : ‘Cache-Control’: ‘no-cache’
msrest.http_logger : ‘Pragma’: ‘no-cache’
msrest.http_logger : ‘Content-Type’: ‘application/json; charset=utf-8’
msrest.http_logger : ‘Content-Encoding’: ‘gzip’
msrest.http_logger : ‘Expires’: ‘-1’
msrest.http_logger : ‘Vary’: ‘Accept-Encoding’
msrest.http_logger : ‘x-ms-ratelimit-remaining-subscription-reads’: ‘14999’
msrest.http_logger : ‘x-ms-request-id’: ‘fd5a10bc-04a6-4185-a915-8bc6a89d8221’
msrest.http_logger : ‘x-ms-correlation-request-id’: ‘fd5a10bc-04a6-4185-a915-8bc6a89d8221’
msrest.http_logger : ‘x-ms-routing-request-id’: ‘WESTUS:20170411T201002Z:fd5a10bc-04a6-4185-a915-8bc6a89d8221’
msrest.http_logger : ‘Strict-Transport-Security’: ‘max-age=31536000; includeSubDomains’
msrest.http_logger : ‘Date’: ‘Tue, 11 Apr 2017 20:10:02 GMT’
msrest.http_logger : ‘Content-Length’: ‘305’
msrest.http_logger : Response content:
msrest.http_logger : b’{“value”:[{“id”:“/subscriptions/<snip>/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myKeyVault18265",“name”:“myKeyVault18265",“type”:“Microsoft.KeyVault/vaults”,“location”:“westus”,“tags”:{}},{“id”:“/subscriptions/<snip>/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myKeyVault9780”,“name”:“myKeyVault9780”,“type”:“Microsoft.KeyVault/vaults”,“location”:“westus”,“tags”:{}}]}'
msrest.exceptions : Parameter ‘resource_group_name’ can not be None.
Parameter ‘resource_group_name’ can not be None.
This behavior also replicates on another machine that was installed from latest interactive script rather than Docker image:
'User-Agent': 'python/2.7.6 (Linux-3.4.0+-x86_64-with-Ubuntu-14.04-trusty) requests/2.13.0 msrest/0.4.7 msrest_azure/0.4.7 keyvaultmanagementclient/0.30.0 Azure-SDK-For-Python AZURECLI/2.0.2'
Issue Analytics
- State:
- Created 6 years ago
- Comments:16 (10 by maintainers)
Top Results From Across the Web
Resource not found errors - Azure Resource Manager
Describes how to resolve errors when a resource can't be found. The error might occur when you deploy a Bicep file or Azure...
Read more >Failed to start virtual machine 'xxxx'. Error: The Key Vault ...
Now I can't start my virtual machines and this error message appears. Failed to start virtual machine 'xxxx'. Error: The Key Vault secret...
Read more >Azure Powershell task 4.* failing for Export-AzResourceGroup ...
I am trying to use inline script in Azure Powershell task 4.* but it is failing with error "##[error]Cannot bind parameter because parameter...
Read more >How to restore Azure Virtual Machines from snapshots
If the upgrade fails on an Azure environment, you can follow the ... VM information $vm= Get-AzVM -ResourceGroupName resourceGroupName -Name ...
Read more >How to fetch resource group name( with pattern matching ...
How can i do it. I tried with az group list -n '***kafka'. validation error: Parameter 'resource_group_name' must conform to the ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@squillace Secrets are dropped in to
/var/lib/waagenton the VM. For this example, you get a .crt and .prv placed there.close stable issue. feel free to create new issue if any error met. thanks.