Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Microsoft.Sql/servers bug: administrators property set, but ignored #16423

Open
aristosvo opened this issue Oct 15, 2021 · 2 comments
Open

Microsoft.Sql/servers bug: administrators property set, but ignored #16423

aristosvo opened this issue Oct 15, 2021 · 2 comments
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. SQL

Comments

@aristosvo
Copy link

aristosvo commented Oct 15, 2021
edited
Loading

When trying to set the properties.administrators property in Microsoft.Sql/servers createUpdate request for an existing server, nothing happens. Is this expected behaviour or a bug?:

PUT /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
Content-Length: 296
Content-Type: application/json; charset=utf-8
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip

{"location":"westeurope","properties":{"administratorLogin":"missadministrator","administrators":{"administratorType":"ActiveDirectory","principalType":"Application","login":"AzureAD Admin","sid":"a009252d-9bb1-418e-803b-939f87182168"},"publicNetworkAccess":"Enabled","version":"12.0"},"tags":{}}
2021/10/15 11:43:32 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview: 
HTTP/2.0 202 Accepted
Content-Length: 74

2021/10/15 11:43:36 [DEBUG] AzureRM Request: 
GET /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/locations/westeurope/serverAzureAsyncOperation/66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip


2021/10/15 11:43:36 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/locations/westeurope/serverAzureAsyncOperation/66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91?api-version=2021-02-01-preview: 
HTTP/2.0 200 OK
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 15 Oct 2021 09:43:36 GMT
Expires: -1
Pragma: no-cache
Retry-After: 15
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11992
X-Ms-Request-Id: f5d8c083-d6c0-407c-a296-6bdd5a5ee154
X-Ms-Routing-Request-Id: WESTEUROPE:20211015T094336Z:c9ea393b-5157-4aa8-b0ab-9cde2a6d9c14

{"name":"66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91","status":"Succeeded","startTime":"2021-10-15T09:43:32.067Z"}
2021/10/15 11:44:39 [DEBUG] AzureRM Request: 
GET /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip


2021/10/15 11:44:39 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview: 
HTTP/2.0 200 OK
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 15 Oct 2021 09:44:38 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11991
X-Ms-Request-Id: 27dc715a-020a-4196-b17d-5e488fd676e7
X-Ms-Routing-Request-Id: WESTEUROPE:20211015T094439Z:5f794f92-ba58-4d2c-b361-5f03abc11868

{"kind":"v12.0","properties":{"administratorLogin":"missadministrator","version":"12.0","state":"Ready","fullyQualifiedDomainName":"acctestsqlserver211015113918523226.database.windows.net","privateEndpointConnections":[],"publicNetworkAccess":"Enabled","restrictOutboundNetworkAccess":"Disabled"},"location":"westeurope","tags":{},"id":"/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226","name":"acctestsqlserver211015113918523226","type":"Microsoft.Sql/servers"}

Related to: Terraform issue.
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Oct 15, 2021
@ghost ghost added the customer-reported Issues that are reported by GitHub users external to the Azure organization. label Oct 15, 2021
@ruowan ruowan added the SQL label Oct 18, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Oct 18, 2021
@ruowan ruowan added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. Service Attention Workflow: This issue is responsible by Azure service team. labels Oct 18, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Oct 18, 2021
@ghost
Copy link

ghost commented Oct 18, 2021

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @azureSQLGitHub.

Issue Details

When trying to set the properties.administrators property in Microsoft.Sql/servers createUpdate request for an existing server, nothing happens. Is this expected behaviour or a bug?:

PUT /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
Content-Length: 296
Content-Type: application/json; charset=utf-8
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip

{"location":"westeurope","properties":{"administratorLogin":"missadministrator","administrators":{"administratorType":"ActiveDirectory","principalType":"Application","login":"AzureAD Admin","sid":"a009252d-9bb1-418e-803b-939f87182168"},"publicNetworkAccess":"Enabled","version":"12.0"},"tags":{}}
2021/10/15 11:43:32 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview: 
HTTP/2.0 202 Accepted
Content-Length: 74

2021/10/15 11:43:36 [DEBUG] AzureRM Request: 
GET /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/locations/westeurope/serverAzureAsyncOperation/66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip


2021/10/15 11:43:36 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/locations/westeurope/serverAzureAsyncOperation/66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91?api-version=2021-02-01-preview: 
HTTP/2.0 200 OK
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 15 Oct 2021 09:43:36 GMT
Expires: -1
Pragma: no-cache
Retry-After: 15
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11992
X-Ms-Request-Id: f5d8c083-d6c0-407c-a296-6bdd5a5ee154
X-Ms-Routing-Request-Id: WESTEUROPE:20211015T094336Z:c9ea393b-5157-4aa8-b0ab-9cde2a6d9c14

{"name":"66e0b7a0-7caa-4dba-aac3-0d4ce9d2eb91","status":"Succeeded","startTime":"2021-10-15T09:43:32.067Z"}
2021/10/15 11:44:39 [DEBUG] AzureRM Request: 
GET /subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.6 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v58.0.0 sql/v5.0 HashiCorp Terraform/1.0.5 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/acc pid-222c6c49-1b0a-5959-a213-6608f9eb8820
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
Accept-Encoding: gzip


2021/10/15 11:44:39 [DEBUG] AzureRM Response for https://management.azure.com/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226?api-version=2021-02-01-preview: 
HTTP/2.0 200 OK
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 15 Oct 2021 09:44:38 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 93484ffa-cd98-9b67-5173-6a1da36e3e91
X-Ms-Ratelimit-Remaining-Subscription-Reads: 11991
X-Ms-Request-Id: 27dc715a-020a-4196-b17d-5e488fd676e7
X-Ms-Routing-Request-Id: WESTEUROPE:20211015T094439Z:5f794f92-ba58-4d2c-b361-5f03abc11868

{"kind":"v12.0","properties":{"administratorLogin":"missadministrator","version":"12.0","state":"Ready","fullyQualifiedDomainName":"acctestsqlserver211015113918523226.database.windows.net","privateEndpointConnections":[],"publicNetworkAccess":"Enabled","restrictOutboundNetworkAccess":"Disabled"},"location":"westeurope","tags":{},"id":"/subscriptions/<subscriptionId>/resourceGroups/acctestRG-mssql-211015113918523226/providers/Microsoft.Sql/servers/acctestsqlserver211015113918523226","name":"acctestsqlserver211015113918523226","type":"Microsoft.Sql/servers"}

Related to: Terraform issue.

Author: aristosvo
Assignees: ruowan
Labels:

question, SQL, Service Attention, customer-reported, needs-triage
Milestone: -

@xenon8 xenon8 mentioned this issue Aug 9, 2022
Open
@nofield
Copy link

nofield commented May 19, 2023

Updates to the Azure AD Admin are not currently supported through the Servers API. However, we support updates to the Azure AD Admin through the ServerAzureADAdministrators API: azure-rest-api-specs/ServerAzureADAdministrators.json.

We've made improvements to the administrators property description in recent API releases to clarify this behavior:

The Azure Active Directory administrator of the server. This can only be used at server create time. If used for server update, it will be ignored or it will result in an error. For updates individual APIs will need to be used.

We don't support updates to the Azure AD Admin through the Server API due to a difference in RBAC permission requirements. The permission model is SQL DB contributor for create server, and SQL Security Manager for updating the Azure AD Only property, and we decided to maintain consistency in API behavior between the two Azure AD properties.

We are revisiting this design to determine if we should expose the Azure AD Admin property through the Server API.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team. SQL
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aristosvo @ruowan @nofield