Describe the bug
I'm trying to get a grasp of using Azure's API coming from AWS... I can successfully run az login to authenticate to one of my organization's Azure subscriptions then run something like az group list to list the resource-groups associated with that subscription.
I'm running into an issue where I'm trying to manage tenant-level resources.
Example:
I want to manage the secret for a particular App Registration application. I'm internally told to login to the tenant like so:
az login --tenant <insert-tenant-id> --allow-no-subscriptions.
Then when I run az account list -o table I notice that I have successfully authenticated to the tenant specific account.
Name CloudName SubscriptionId TenantId State IsDefault
------------------------- ----------- ---------------- ---------- ------- -----------
SubscriptionA AzureCloud abc-1234 12309481230948 Enabled False
SubscriptionB AzureCloud abc-9893 23980805458034 Enabled False
N/A(tenant level account) AzureCloud abc-9999 48230482309482 Enabled True
My issue/question arises when I'm trying to use the CLI to query the "tenant". I constantly receive errors like the one below.
Errors:
(SubscriptionNotFound) The subscription 'abc-9999' could not be found.
Code: SubscriptionNotFound
Message: The subscription 'abc-9999' could not be found.
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
- Login to a tenant directory using Azure CLI (
az login --tenant <insert_tenant_id> --no-allow-subscriptions
- Attempt to run anything. For example:
az group list
Expected Behavior
- See the resources associated with the tenant
Environment Summary
macOS-12.6-x86_64-i386-64bit, Darwin 21.6.0
Python 3.10.6
Installer: HOMEBREW
azure-cli 2.40.0
Extensions:
account 0.2.5
Dependencies:
msal 1.18.0b1
azure-mgmt-resource 21.1.0b1
Additional Context
Describe the bug
I'm trying to get a grasp of using Azure's API coming from AWS... I can successfully run
az loginto authenticate to one of my organization's Azure subscriptions then run something likeaz group listto list the resource-groups associated with that subscription.I'm running into an issue where I'm trying to manage tenant-level resources.
Example:
I want to manage the secret for a particular App Registration application. I'm internally told to login to the tenant like so:
az login --tenant <insert-tenant-id> --allow-no-subscriptions.Then when I run
az account list -o tableI notice that I have successfully authenticated to the tenant specific account.My issue/question arises when I'm trying to use the CLI to query the "tenant". I constantly receive errors like the one below.
Errors:
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
az login --tenant <insert_tenant_id> --no-allow-subscriptionsaz group listExpected Behavior
Environment Summary
Additional Context