[BUG] Unable to set tenant id when creating a key vault resource
See original GitHub issueDescribe the bug
When creating an Azure KeyVault in an empty resource group, an Unrecognized Guid format.
exception is thrown. After some debugging and investigation I found that the TenantId
of the vault object is not set.
Exception or Stack Trace
System.FormatException
HResult=0x80131537
Message=Unrecognized Guid format.
Source=System.Private.CoreLib
StackTrace:
System.Guid.GuidResult.SetFailure(bool, string)
System.Guid.TryParseGuid(System.ReadOnlySpan<char>, ref System.Guid.GuidResult)
System.Guid.Parse(string)
Microsoft.Azure.Management.KeyVault.Fluent.VaultsImpl.WrapModel(string)
Microsoft.Azure.Management.KeyVault.Fluent.VaultsImpl.Define(string)
Microsoft.Azure.Management.KeyVault.Fluent.VaultsImpl.Microsoft.Azure.Management.ResourceManager.Fluent.Core.CollectionActions.ISupportsCreating<Microsoft.Azure.Management.KeyVault.Fluent.Vault.Definition.IBlank>.Define(string)
...
[Call Stack Truncated]
To Reproduce I run this code in an .NET Core 3.1 console application inside Visual Studio 16.4.1
Code Snippet
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
string accessToken = await azureServiceTokenProvider.GetAccessTokenAsync("https://management.core.windows.net/", "<MyTenantId>");
TokenCredentials tokenCredential = new TokenCredentials(accessToken);
AzureCredentials azureCredential = new AzureCredentials(tokenCredential, tokenCredential, string.Empty, AzureEnvironment.AzureGlobalCloud);
IAzure azure = Azure.Authenticate(azureCredential).WithSubscription("<mySubscriptionId>");
await azure.Vaults.Define("MyVaultName")
.WithRegion(Region.EuropeWest)
.WithExistingResourceGroup("MyResourceGroupName")
.WithEmptyAccessPolicy()
.CreateAsync();
Expected behavior
I would expect that the tenant ID is inferred from the current subscription context of the IAzure
object or that it can be set with some .Define()
properties or actions.
Screenshots – none –
Setup (please complete the following information):
- OS: Windows 10 1809 on my local development machine
- IDE : Visual Studio 2019 16.4.1
- Version of the Library
- NuGet package Microsoft.Azure.Management.Fluent 1.29.0
- NuGet package Microsoft.Azure.Services.AppAuthentication 1.3.1
Additional context
My Azure AD account assigned with Visual Studio (Azure Service Authentication) is owner of the target subscription. This account is owner of subscriptions for multiple tenants, that is the reason why I need to specify the tenant id within the GetAccessTokenAsync
method.
Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
- Bug Description Added
- Repro Steps Added
- Setup information Added
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:7 (2 by maintainers)
Top GitHub Comments
@Andreas-Lehmann @ArnimSchinz Sorry for late response. It looks you didn’t set the tenant ID correctly.
AzureCredentials azureCredential = new AzureCredentials(tokenCredential, tokenCredential, string.Empty, AzureEnvironment.AzureGlobalCloud);
Please refer this. I think you can replace the
string.Empty
with your tenant ID.And also, you may check AUTH.md and AzureCredentialsFactory if any existing method could help you build credential more easily. Thanks.
Great seems to work that way. Thanks for your help.