英文:
Why can I not query this Azure AD app registration created by Terraform via AZCLI?
问题
我通过Terraform创建了一个Azure AD应用程序注册。
我可以在Azure控制台中看到它,也可以看到它有一个客户端和对象ID。我正在尝试通过AZCLI获取客户端ID以自动化一些无关的操作。但是,我完全无法通过AZCLI查询此应用程序。
我通过Terraform创建了以下内容:
resource "azuread_application" "test" {
display_name = "something-something-microsoft"
}
然后我尝试执行以下命令:
$ az ad sp list --display-name something-something-microsoft
[]
$ az ad sp show --id d5f75adb-XXXX-XXXX-XXXX-1473334f1386
Resource 'd5f75adb-XXXX-XXXX-XXXX-1473334f1386' does not exist or one of its queried reference-property objects are not present.
我在CLI和UI中都位于同一订阅和租户中。
当我通过UI完全相同的方式操作时,它会奇迹般地起作用。
通过UI和通过Terraform创建的应用程序不同,但是当我手动编辑由Terraform创建的应用程序以包含所有相同的选项,使其完全相同时,我仍然无法通过AZCLI查询它。
当我尝试筛选应用程序的整个列表时,我也无法找到应用程序注册
az ad sp list --all | jq '.[].displayName' | grep something
我真的不明白为什么,我已经试图解决这个问题整整一天了。我已经筋疲力尽了。
英文:
I made an Azure AD App registration via Terraform.
I can see it via the Azure console and I can see it has a client and object ID. I'm trying to get the client ID via the AZCLI to automate something unrelated. However, I am completely unable to query this application via the AZCLI.
I created the following via Terraform:
resource "azuread_application" "test" {
display_name = "something-something-microsoft"
}
Then I try to execute the following commands:
$ az ad sp list --display-name something-something-microsoft
[]
$ az ad sp show --id d5f75adb-XXXX-XXXX-XXXX-1473334f1386
Resource 'd5f75adb-XXXX-XXXX-XXXX-1473334f1386' does not exist or one of its queried reference-property objects are not present.
I am in the same subscription and tenant in both the CLI and the UI.
When I do the exact same thing via the UI, it magically does work.
The applications made from the UI and via Terraform differ, however when I edit the one created by Terraform manually to contain all the same options, making it EXACTLY the same, I'm STILL not able to query it via AZCLI.
When I try to filter the entire list of application I am also unable to find the app registration
az ad sp list --all | jq '.[].displayName' | grep something
I honestly don't understand why and I've been trying to figure this out for the better part of this entire day. I'm at my wits end.
答案1
得分: 0
I tried to fetch Azure AD app registration created by Terraform via AZCLI and I was able to do it successfully.
我尝试通过 AZCLI 获取由 Terraform 创建的 Azure AD 应用程序注册表,并成功完成。
I tried provisioning an application using terraform as mentioned.
我尝试使用 Terraform 进行应用程序的配置,如下所述。
main.tf
provider "azurerm" {
features {}
subscription_id = ""
client_id = ""
tenant_id = ""
client_secret = ""
}
resource "azuread_application" "test" {
display_name = "something-something-microsoft"
}
Output:
step terraform_apply
Resource application in portal:
Initially tired with the command as mentioned in the query and I ended up facing the same error.
最初尝试使用查询中提到的命令,结果遇到了相同的错误。
The main cause for the error is the commands used in CLI.
错误的主要原因是在 CLI 中使用的命令。
$ az ad sp list --display-name <name>
$ az ad sp show --id <id>
$ az ad sp list --all | jq '.[].displayName' | grep <name>
But as per the query we are trying to fetch the data of the application which we create using terraform not the service principal as we cannot create one using terraform.
但根据查询,我们尝试获取使用 Terraform 创建的应用程序的数据,而不是服务主体,因为无法使用 Terraform 创建服务主体。
So, for the cases where we created an application using terraform and try to fetch the details using CLI we need to run the commands mentioned in the Document.
因此,在我们使用 Terraform 创建应用程序并尝试使用 CLI 获取详细信息的情况下,我们需要运行文档中提到的命令。
The commandlets supposed to be as mentioned.
应该如下所示的 commandlets。
az ad app show --id <id>
&
az ad app list --display-name <name>
Output in CLI:
&
英文:
> I tried to fetch Azure AD app registration created by Terraform via AZCLI and I was able to do it successfully.
I tried provisioning an application using terraform as mentioned.
main.tf
provider "azurerm" {
features {}
subscription_id = " "
client_id = " "
tenant_id = " "
client_secret = " "
}
resource "azuread_application" "test" {
display_name = "something-something-microsoft"
}
Output:
step terraform_apply
Resource application in portal:
Initially tired with the command as mentioned in the query and I ended up facing the same error.
The main cause for the error is the commands used in CLI.
$ az ad sp list --display-name <>
$ az ad sp show --id <>
$ az ad sp list --all | jq '.[].displayName' | grep <>
But as per the query we are trying to fetch the data of the application which we create using terraform not the service principal as we cannot create one using terraform.
So, for the cases where we created an application using terraform and try to fetch the details using CLI we need to run the commands mentioned in the Document.
The commandlets supposed to be as mentioned.
az ad app show --id <>
&
az ad app list --display-name <>
Output in CLI:
&
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论