Skip to content

az storage account update / show not returning correct value for useSubdomainName and causing Domain error. #23870

Open
Open
az storage account update / show not returning correct value for useSubdomainName and causing Domain error.#23870
Assignees
evelyn-ys
Labels
Auto-AssignAuto assign by botService AttentionThis issue is responsible by Azure service team.Storageaz storageact-codegen-extensibility-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request
Milestone
Backlog
@pablojmarti

Description

@pablojmarti
pablojmarti
opened on Sep 13, 2022

az feedback auto-generates most of the information requested below, as of CLI version 2.0.62

Related command
az storage account update --resource-group resource-group --name storageaccount --custom-domain "www.example.com" --use-subdomain true

Describe the bug
When running this command I expect that the return output is set to true from the JSON output.

{
  "accessTier": "Hot",
  "allowBlobPublicAccess": true,
  "allowCrossTenantReplication": true,
  "allowSharedKeyAccess": true,
  "allowedCopyScope": null,
  "azureFilesIdentityBasedAuthentication": null,
  "blobRestoreStatus": null,
  "creationTime": "2022-09-12T19:24:47.591616+00:00",
  "customDomain": {
    "name": "www.example.com",
    "useSubDomainName": null
  },
  "defaultToOAuthAuthentication": false,
  "dnsEndpointType": "Standard",
  "enableHttpsTrafficOnly": true,
  "enableNfsV3": null,
  "encryption": {
    "encryptionIdentity": null,
    "keySource": "Microsoft.Storage",
    "keyVaultProperties": null,
    "requireInfrastructureEncryption": false,
    "services": {
      "blob": {
        "enabled": true,
        "keyType": "Account",
        "lastEnabledTime": "2022-09-12T19:24:48.044730+00:00"
      },
      "file": {
        "enabled": true,
        "keyType": "Account",
        "lastEnabledTime": "2022-09-12T19:24:48.044730+00:00"
      },
      "queue": null,
      "table": null
    }
  },
  "extendedLocation": null,
  "failoverInProgress": null,
  "geoReplicationStats": null,
  "id": "/subscription/id",
  "identity": null,
  "immutableStorageWithVersioning": null,
  "isHnsEnabled": null,
  "isLocalUserEnabled": null,
  "isSftpEnabled": null,
  "keyCreationTime": {
    "key1": "2022-09-12T19:24:47.747869+00:00",
    "key2": "2022-09-12T19:24:47.747869+00:00"
  },
  "keyPolicy": null,
  "kind": "StorageV2",
  "largeFileSharesState": null,
  "lastGeoFailoverTime": null,
  "location": "location",
  "minimumTlsVersion": "TLS1_2",
  "name": "storageaccount",
  "networkRuleSet": {
    "bypass": "AzureServices",
    "defaultAction": "Deny",
    "ipRules": [],
    "resourceAccessRules": [],
    "virtualNetworkRules": []
  },
  "primaryEndpoints": {
    "blob": "<redacted>",
    "dfs": "<redacted>",
    "file": "<redacted>",
    "internetEndpoints": null,
    "microsoftEndpoints": null,
    "queue": "<redacted>",
    "table": "<redacted>",
    "web": "<redacted>"
  },
  "primaryLocation": "location",
  "privateEndpointConnections": [],
  "provisioningState": "Succeeded",
  "publicNetworkAccess": "Enabled",
  "resourceGroup": "resource-group",
  "routingPreference": null,
  "sasPolicy": null,
  "secondaryEndpoints": {
    "blob": "<redacted>",
    "dfs": "<redacted>",
    "file": null,
    "internetEndpoints": null,
    "microsoftEndpoints": null,
    "queue": "<redacted>",
    "table": "<redacted>",
    "web": "<redacted>"
  },
  "secondaryLocation": "northeurope",
  "sku": {
    "name": "Standard_RAGRS",
    "tier": "Standard"
  },
  "statusOfPrimary": "available",
  "statusOfSecondary": "available",
  "storageAccountSkuConversionStatus": null,
  "tags": {},
  "type": "Microsoft.Storage/storageAccounts"
}

This becomes more of an issue when trying to run subsequent update commands against the same storage bucket. For example trying to update the public access: az storage account update --resource-group resource-group --name storageaccount --default-action Allow

will give the following output:

(StorageDomainNameCouldNotVerify) The custom domain name could not be verified. CNAME mapping from www.example.com to any of <redacted>,<redacted> does not exist.
Code: StorageDomainNameCouldNotVerify
Message: The custom domain name could not be verified. CNAME mapping from www.example.com to any of <redacted>,<redacted> does not exist.

The CNAME update does work and the storage account can be accessed from the custom domain mapping however using any kind of AZ CLI updates afterward will fail with this configuration.

To Reproduce

  1. Create Storage account
  2. Configure for static web hosting
  3. Configure with custom domain mapping using subdomain verification
  4. Try running update command after custom domain mapping.

Expected behavior
I expect that the domain which is working correctly and verified via the portal would allow us to run commands in the Azure CLI.

Environment summary

 az --version
azure-cli                         2.40.0

core                              2.40.0
telemetry                          1.0.8

Extensions:
aks-preview                       0.5.44

Dependencies:
msal                            1.18.0b1
azure-mgmt-resource             21.1.0b1

Python location '/opt/homebrew/Cellar/azure-cli/2.40.0/libexec/bin/python'
Extensions directory '/Users/pablo/.azure/cliextensions'

Python (Darwin) 3.10.6 (main, Aug 30 2022, 04:58:14) [Clang 13.1.6 (clang-1316.0.21.2.5)]

Legal docs and information: aka.ms/AzureCliLegal


Your CLI is up-to-date.

macOS Monterery 12.5.1

zsh --version
zsh 5.8 (arm-apple-darwin20.2.0)

Metadata

Metadata

Assignees

Labels

Auto-AssignAuto assign by botService AttentionThis issue is responsible by Azure service team.Storageaz storageact-codegen-extensibility-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions