Skip to content

Update-AzSynapseSqlVulnerabilityAssessmentSetting cannot use Managed Identity #22714

New issue
New issue
Open
Open
Update-AzSynapseSqlVulnerabilityAssessmentSetting cannot use Managed Identity#22714
Assignees
SaurabhSharma-MSFT
Labels
Service AttentionThis issue is responsible by Azure service team.SynapsebugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reported
@qzhou-hmcts

Description

@qzhou-hmcts
qzhou-hmcts
opened on Sep 1, 2023

Description

Using Update-AzSynapseSqlVulnerabilityAssessmentSetting targeting a storage account with keys disabled, the command fails

Update-AzSynapseSqlVulnerabilityAssessmentSetting -ResourceGroupName xxx-rg -WorkspaceName xxxxx -StorageAccountName XXXX -RecurringScansInterval "Weekly"
-NotificationEmail "[email protected]" -EmailAdmins $True
-ScanResultsContainerName "synapse-vulnerability-assessment"

Issue script & Debug output

DEBUG: 1:47:44 PM - [ConfigManager] Got [True] from [EnableDataCollection], Module = [], Cmdlet = [].
Update-AzSynapseSqlVulnerabilityAssessmentSetting: The provided storage account shared access signature or account storage key is not valid. The provided storage account shared access signature or account storage key is not valid.
DEBUG: 1:47:44 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Synapse:2.0.0; CommandName: Update-AzSynapseSqlVulnerabilityAssessmentSetting; PSVersion: 7.3.4; IsSuccess: False; Duration: 00:00:01.7677708; Exception: The provided storage account shared access signature or account storage key is not valid. The provided storage account shared access signature or account storage key is not valid.;
DEBUG: 1:47:44 PM - UpdateAzureSynapseSqlVulnerabilityAssessmentSetting end processing.

Environment data

Name                           Value
----                           -----
PSVersion                      7.3.4
PSEdition                      Core
GitCommitId                    7.3.4
OS                             Darwin 22.5.0 Darwin Kernel Version 22.5.0: Mon Apr 24 20:51:50 PDT 2023; root:xnu-8796.121.2~5/RELEASE_X86_64
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     2.10.3                Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     2.0.0                 Az.Synapse                          {Add-AzSynapseDataFlowDebugSessionPackage, Add-AzSynapseTriggerSubscription, Clear-AzSyn

Error output

Resolve-AzError                                             
DEBUG: 2:14:53 PM - ResolveError begin processing with ParameterSet 'AnyErrorParameterSet'.
DEBUG: 2:14:53 PM - using account id 'XXXXXX'...
DEBUG: 2:14:53 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
WARNING: Upcoming breaking changes in the cmdlet 'Resolve-AzError' :
The `Resolve-Error` alias will be removed in a future release.  Please change any scripts that use this alias to use `Resolve-AzError` instead.
Note : Go to https://aka.ms/azps-changewarnings for steps to suppress this breaking change warning, and other information on breaking changes in Azure PowerShell.

  HistoryId: 14

Message        : The provided storage account shared access signature or account storage key is not valid. The provided storage account shared access 
                signature or account storage key is not valid.
StackTrace     :    at Microsoft.Azure.Commands.Synapse.Models.SynapseAnalyticsManagementClient.CreateOrUpdateWorkspaceVulnerabilityAssessmentSettings(String 
                resourceGroupName, String workspaceName, ServerVulnerabilityAssessment parameters)
                   at Microsoft.Azure.Commands.Synapse.UpdateAzureSynapseSqlVulnerabilityAssessmentSetting.ExecuteCmdlet()
                   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
                   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
                   at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
                   at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception      : Microsoft.Azure.Commands.Common.Exceptions.AzPSException
InvocationInfo : {Update-AzSynapseSqlVulnerabilityAssessmentSetting}
Line           : Update-AzSynapseSqlVulnerabilityAssessmentSetting -ResourceGroupName XXXXXX-rg -WorkspaceName XXXXXX  -StorageAccountName 
                miaudittest `
                
Position       : At line:1 char:1
                + Update-AzSynapseSqlVulnerabilityAssessmentSetting -ResourceGroupName  …
                + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 14

RequestId      : 863ad5bf-cb84-47c8-a4fa-38cc9ec8e440
Message        : The provided storage account shared access signature or account storage key is not valid.
ServerMessage  : InvalidStorageAccountCredentials: The provided storage account shared access signature or account storage key is not valid. 
                (System.Collections.Generic.List`1[Microsoft.Rest.Azure.CloudError])
ServerResponse : {BadRequest}
RequestMessage : {PUT https://management.azure.com/subscriptions/XXXXXX/resourceGroups/XXXXXX-rg/providers/Microsoft.Synapse/wo
                rkspaces/XXXXXX/vulnerabilityAssessments/default?api-version=2021-06-01}
InvocationInfo : {Update-AzSynapseSqlVulnerabilityAssessmentSetting}
Line           : Update-AzSynapseSqlVulnerabilityAssessmentSetting -ResourceGroupName XXXXXX-rg -WorkspaceName XXXXXX  -StorageAccountName 
                miaudittest `
                
Position       : At line:1 char:1
                + Update-AzSynapseSqlVulnerabilityAssessmentSetting -ResourceGroupName  …
                + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
StackTrace     :    at 
                Microsoft.Azure.Management.Synapse.WorkspaceManagedSqlServerVulnerabilityAssessmentsOperations.CreateOrUpdateWithHttpMessagesAsync(String 
                resourceGroupName, String workspaceName, ServerVulnerabilityAssessment parameters, Dictionary`2 customHeaders, CancellationToken 
                cancellationToken)
                   at Microsoft.Azure.Management.Synapse.WorkspaceManagedSqlServerVulnerabilityAssessmentsOperationsExtensions.CreateOrUpdateAsync(IWorkspace
                ManagedSqlServerVulnerabilityAssessmentsOperations operations, String resourceGroupName, String workspaceName, ServerVulnerabilityAssessment 
                parameters, CancellationToken cancellationToken)
                   at Microsoft.Azure.Management.Synapse.WorkspaceManagedSqlServerVulnerabilityAssessmentsOperationsExtensions.CreateOrUpdate(IWorkspaceManag
                edSqlServerVulnerabilityAssessmentsOperations operations, String resourceGroupName, String workspaceName, ServerVulnerabilityAssessment 
                parameters)
                   at Microsoft.Azure.Commands.Synapse.Models.SynapseAnalyticsManagementClient.CreateOrUpdateWorkspaceVulnerabilityAssessmentSettings(String 
                resourceGroupName, String workspaceName, ServerVulnerabilityAssessment parameters)
HistoryId      : 14

Metadata

Metadata

Assignees

Labels

Service AttentionThis issue is responsible by Azure service team.SynapsebugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reported

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions