From 50e95490f035a319daba229526cdd6be6a908722 Mon Sep 17 00:00:00 2001 From: Xiaofan Zhou Date: Wed, 28 Aug 2024 15:07:42 +0800 Subject: [PATCH 1/4] add quotation marks --- .../_credential_free.py | 100 +++++++++--------- .../action.py | 2 +- 2 files changed, 51 insertions(+), 51 deletions(-) diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py index af3452b0fa7..2f52c970e96 100644 --- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py +++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py @@ -92,7 +92,7 @@ def enable_mi_for_db_linker(cmd, source_id, target_id, auth_info, client_type, c target_handler.identity_name = source_handler.get_identity_name() elif target_type in [RESOURCE.Postgres, RESOURCE.MysqlFlexible]: identity_info = run_cli_cmd( - 'az ad sp show --id {}'.format(source_object_id), 15, 10) + 'az ad sp show --id "{}"'.format(source_object_id), 15, 10) target_handler.identity_client_id = identity_info.get( 'appId') target_handler.identity_name = identity_info.get( @@ -106,7 +106,7 @@ def enable_mi_for_db_linker(cmd, source_id, target_id, auth_info, client_type, c mi_client_id = auth_info.get('client_id') mi_sub_id = auth_info.get('subscription_id') umi_info = run_cli_cmd( - f'az identity list --subscription {mi_sub_id} --query "[?clientId==\'{mi_client_id}\']"') + f'az identity list --subscription "{mi_sub_id}" --query "[?clientId==\'{mi_client_id}\']"') if umi_info is None or len(umi_info) == 0: e = ResourceNotFoundError( "No identity found for client id {}".format(mi_client_id)) @@ -121,7 +121,7 @@ def enable_mi_for_db_linker(cmd, source_id, target_id, auth_info, client_type, c sp_object_id = auth_info.get('principal_id') try: sp_info = run_cli_cmd( - 'az ad sp show --id {}'.format(sp_client_id)) + 'az ad sp show --id "{}"'.format(sp_client_id)) if sp_info is None: e = ResourceNotFoundError( "Not found the service principal with client id {}".format(sp_client_id)) @@ -263,7 +263,7 @@ def __init__(self, cmd, target_id, target_type, auth_info, connection_name, skip def check_db_existence(self): try: db_info = run_cli_cmd( - 'az mysql flexible-server db show --ids {}'.format(self.target_id)) + 'az mysql flexible-server db show --ids "{}"'.format(self.target_id)) if db_info is None: e = ResourceNotFoundError( "No database found with name {}".format(self.dbname)) @@ -276,7 +276,7 @@ def check_db_existence(self): def set_user_admin(self, user_object_id, **kwargs): mysql_identity_id = kwargs['mysql_identity_id'] admins = run_cli_cmd( - 'az mysql flexible-server ad-admin list -g {} -s {} --subscription {}'.format( + 'az mysql flexible-server ad-admin list -g "{}" -s "{}" --subscription "{}"'.format( self.resource_group, self.server, self.subscription) ) if not user_object_id: @@ -303,11 +303,11 @@ def set_user_admin(self, user_object_id, **kwargs): telemetry.set_exception(e, "Missing-Mysql-Umi") raise e mysql_umi = run_cli_cmd( - 'az mysql flexible-server identity list -g {} -s {} --subscription {}'.format(self.resource_group, self.server, self.subscription)) + 'az mysql flexible-server identity list -g "{}" -s "{}" --subscription "{}"'.format(self.resource_group, self.server, self.subscription)) if (not mysql_umi) or (not mysql_umi.get("userAssignedIdentities")) or mysql_identity_id not in mysql_umi.get("userAssignedIdentities"): - run_cli_cmd('az mysql flexible-server identity assign -g {} -s {} --subscription {} --identity {}'.format( + run_cli_cmd('az mysql flexible-server identity assign -g "{}" -s "{}" --subscription "{}" --identity "{}"'.format( self.resource_group, self.server, self.subscription, mysql_identity_id)) - run_cli_cmd('az mysql flexible-server ad-admin create -g {} -s {} --subscription {} -u {} -i {} --identity {}'.format( + run_cli_cmd('az mysql flexible-server ad-admin create -g "{}" -s "{}" --subscription "{}" -u "{}" -i "{}" --identity "{}"'.format( self.resource_group, self.server, self.subscription, self.login_username, user_object_id, mysql_identity_id)) self.admin_username = self.login_username @@ -352,7 +352,7 @@ def create_aad_user(self): def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): if is_add: target = run_cli_cmd( - 'az mysql flexible-server show --ids {}'.format(self.target_id)) + 'az mysql flexible-server show --ids "{}"'.format(self.target_id)) if target.get('network').get('publicNetworkAccess') == "Disabled": ex = AzureConnectionError( "The target resource doesn't allow public access. Please enable it manually and try again.") @@ -362,8 +362,8 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): ('(it will be removed after connection is created)' if self.auth_type != AUTHTYPES[ AUTH_TYPE.UserAccount] else '(Please delete it manually if it has security risk.)')) run_cli_cmd( - 'az mysql flexible-server firewall-rule create --resource-group {0} --name {1} --rule-name {2} ' - '--subscription {3} --start-ip-address {4} --end-ip-address {5}'.format( + 'az mysql flexible-server firewall-rule create --resource-group "{0}" --name "{1}" --rule-name "{2}" ' + '--subscription "{3}" --start-ip-address {4} --end-ip-address {5}'.format( self.resource_group, self.server, ip_name, self.subscription, start_ip, end_ip) ) else: @@ -373,8 +373,8 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): "Remove database server firewall rule %s to recover...", ip_name) try: run_cli_cmd( - 'az mysql flexible-server firewall-rule delete --resource-group {0} --name {1} --rule-name {2} ' - '--subscription {3} --yes'.format( + 'az mysql flexible-server firewall-rule delete --resource-group "{0}" --name "{1}" --rule-name "{2}" ' + '--subscription "{3}" --yes'.format( self.resource_group, self.server, ip_name, self.subscription) ) except CLIInternalError as e: @@ -491,7 +491,7 @@ def set_user_admin(self, user_object_id, **kwargs): if set_admin: logger.warning('Setting current user as database server Microsoft Entra admin:' ' user=%s object id=%s', self.login_username, user_object_id) - admin_info = run_cli_cmd('az sql server ad-admin create -g {} --server-name {} --display-name "{}" --object-id {} --subscription {}'.format( + admin_info = run_cli_cmd('az sql server ad-admin create -g "{}" --server-name "{}" --display-name "{}" --object-id "{}" --subscription "{}"'.format( self.resource_group, self.server, self.login_username, user_object_id, self.subscription)) self.admin_username = admin_info.get('login', self.login_username) if admin_info else self.login_username @@ -552,8 +552,8 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): ('(it will be removed after connection is created)' if self.auth_type != AUTHTYPES[ AUTH_TYPE.UserAccount] else '(Please delete it manually if it has security risk.)')) run_cli_cmd( - 'az sql server firewall-rule create -g {0} -s {1} -n {2} ' - '--subscription {3} --start-ip-address {4} --end-ip-address {5}'.format( + 'az sql server firewall-rule create -g "{0}" -s "{1}" -n "{2}" ' + '--subscription "{3}" --start-ip-address {4} --end-ip-address {5}'.format( self.resource_group, self.server, ip_name, self.subscription, start_ip, end_ip) ) else: @@ -563,7 +563,7 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): "Remove database server firewall rule %s to recover...", ip_name) try: run_cli_cmd( - 'az sql server firewall-rule delete -g {0} -s {1} -n {2} --subscription {3}'.format( + 'az sql server firewall-rule delete -g "{0}" -s "{1}" -n "{2}" --subscription "{3}"'.format( self.resource_group, self.server, ip_name, self.subscription) ) except CLIInternalError as e: @@ -654,7 +654,7 @@ def check_db_existence(self): # `az postgres flexible-server db show -d postgres` will throw exception if self.dbname == "postgres": server_info = run_cli_cmd( - 'az postgres flexible-server show -n {} -g {} --subscription {}'.format( + 'az postgres flexible-server show -n "{}" -g "{}" --subscription "{}"'.format( self.db_server, self.resource_group, self.subscription)) if server_info is None: e = ResourceNotFoundError( @@ -664,7 +664,7 @@ def check_db_existence(self): else: return db_info = run_cli_cmd( - 'az postgres flexible-server db show --server-name {} --database-name {} -g {} --subscription {}'.format( + 'az postgres flexible-server db show --server-name "{}" --database-name "{}" -g "{}" --subscription "{}"'.format( self.db_server, self.dbname, self.resource_group, self.subscription)) if db_info is None: e = ResourceNotFoundError( @@ -677,23 +677,23 @@ def check_db_existence(self): def enable_target_aad_auth(self): target = run_cli_cmd( - 'az postgres flexible-server show -g {} -n {} --subscription {}'.format( + 'az postgres flexible-server show -g "{}" -n "{}" --subscription "{}"'.format( self.resource_group, self.db_server, self.subscription)) if target.get('authConfig').get('activeDirectoryAuth') == "Enabled": return if not self.skip_prompt: confirm_enable_entra_auth() - run_cli_cmd('az postgres flexible-server update --ids {} --active-directory-auth Enabled'.format( + run_cli_cmd('az postgres flexible-server update --ids "{}" --active-directory-auth Enabled'.format( self.target_id)) def set_user_admin(self, user_object_id, **kwargs): - admins = run_cli_cmd('az postgres flexible-server ad-admin list -g {} -s {} --subscription {}'.format( + admins = run_cli_cmd('az postgres flexible-server ad-admin list -g "{}" -s "{}" --subscription "{}"'.format( self.resource_group, self.db_server, self.subscription)) if not user_object_id: - if not admins: + if not admins or not any(admin.get('name', "") == self.login_username for admin in admins): e = ValidationError( - 'No Microsoft Entra admin found. Please set current user as Microsoft Entra admin and try again.') + f'No Microsoft Entra admin found with name {self.login_username}. Please set current user as Microsoft Entra admin and try again.') telemetry.set_exception(e, "Missing-Aad-Admin") raise e else: @@ -703,7 +703,7 @@ def set_user_admin(self, user_object_id, **kwargs): admin_info = next((ad for ad in admins if ad.get('objectId', "") == user_object_id), None) if not admin_info: logger.warning('Set current user as DB Server Microsoft Entra Administrators.') - admin_info = run_cli_cmd('az postgres flexible-server ad-admin create -u {} -i {} -g {} -s {} --subscription {} -t {}'.format( + admin_info = run_cli_cmd('az postgres flexible-server ad-admin create -u "{}" -i "{}" -g "{}" -s "{}" --subscription "{}" -t {}'.format( self.login_username, user_object_id, self.resource_group, self.db_server, self.subscription, self.login_usertype)) self.admin_username = admin_info.get('principalName', self.login_username) @@ -758,7 +758,7 @@ def create_aad_user(self): def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): if is_add: target = run_cli_cmd( - 'az postgres flexible-server show --ids {}'.format(self.target_id)) + 'az postgres flexible-server show --ids "{}"'.format(self.target_id)) if target.get('network').get('publicNetworkAccess') == "Disabled": ex = AzureConnectionError( "The target resource doesn't allow public access. Please enable it manually and try again.") @@ -768,8 +768,8 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): ('(it will be removed after connection is created)' if self.auth_type != AUTHTYPES[ AUTH_TYPE.UserAccount] else '(Please delete it manually if it has security risk.)')) run_cli_cmd( - 'az postgres flexible-server firewall-rule create --resource-group {0} --name {1} --rule-name {2} ' - '--subscription {3} --start-ip-address {4} --end-ip-address {5}'.format( + 'az postgres flexible-server firewall-rule create --resource-group "{0}" --name "{1}" --rule-name "{2}" ' + '--subscription "{3}" --start-ip-address {4} --end-ip-address {5}'.format( self.resource_group, self.db_server, ip_name, self.subscription, start_ip, end_ip) ) else: @@ -779,8 +779,8 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): "Remove database server firewall rule %s to recover...", ip_name) try: run_cli_cmd( - 'az postgres flexible-server firewall-rule delete --resource-group {0} --name {1} --rule-name {2} ' - '--subscription {3} --yes'.format( + 'az postgres flexible-server firewall-rule delete --resource-group "{0}" --name "{1}" --rule-name "{2}" ' + '--subscription "{3}" --yes'.format( self.resource_group, self.db_server, ip_name, self.subscription) ) except CLIInternalError as e: @@ -863,7 +863,7 @@ def enable_target_aad_auth(self): def check_db_existence(self): try: db_info = run_cli_cmd( - 'az postgres db show --ids {} -n {}'.format(self.target_id, self.dbname)) + 'az postgres db show --ids "{}" -n "{}"'.format(self.target_id, self.dbname)) if db_info is None: e = ResourceNotFoundError( "No database found with name {}".format(self.dbname)) @@ -880,7 +880,7 @@ def set_user_admin(self, user_object_id, **kwargs): # pylint: disable=not-an-iterable admins = run_cli_cmd( - 'az postgres server ad-admin list --ids {}'.format(self.target_id)) + 'az postgres server ad-admin list --ids "{}"'.format(self.target_id)) if not user_object_id: if not admins: @@ -896,8 +896,8 @@ def set_user_admin(self, user_object_id, **kwargs): if not admin_info: logger.warning('Setting current user as database server Microsoft Entra admin:' ' user=%s object id=%s', self.login_username, user_object_id) - admin_info = run_cli_cmd('az postgres server ad-admin create -g {} --server-name {} --display-name {} --object-id {}' - ' --subscription {}'.format(rg, server, self.login_username, user_object_id, sub)) + admin_info = run_cli_cmd('az postgres server ad-admin create -g "{}" --server-name "{}" --display-name "{}" --object-id "{}"' + ' --subscription "{}"'.format(rg, server, self.login_username, user_object_id, sub)) self.admin_username = admin_info.get('login', self.login_username) def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): @@ -907,7 +907,7 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): target_id = self.target_id if is_add: target = run_cli_cmd( - 'az postgres server show --ids {}'.format(target_id)) + 'az postgres server show --ids "{}"'.format(target_id)) if target.get('publicNetworkAccess') == "Disabled": ex = AzureConnectionError( "The target resource doesn't allow public access. Please enable it manually and try again.") @@ -917,7 +917,7 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): ('(it will be removed after connection is created)' if self.auth_type != AUTHTYPES[ AUTH_TYPE.UserAccount] else '(Please delete it manually if it has security risk.)')) run_cli_cmd( - 'az postgres server firewall-rule create -g {0} -s {1} -n {2} --subscription {3}' + 'az postgres server firewall-rule create -g "{0}" -s "{1}" -n "{2}" --subscription "{3}"' ' --start-ip-address {4} --end-ip-address {5}'.format( rg, server, ip_name, sub, start_ip, end_ip) ) @@ -928,7 +928,7 @@ def set_target_firewall(self, is_add, ip_name, start_ip=None, end_ip=None): "Remove database server firewall rule %s to recover...", ip_name) try: run_cli_cmd( - 'az postgres server firewall-rule delete -g {0} -s {1} -n {2} -y'.format(rg, server, ip_name)) + 'az postgres server firewall-rule delete -g "{0}" -s "{1}" -n "{2}" -y'.format(rg, server, ip_name)) except CLIInternalError as e: logger.warning( "Can't remove firewall rule %s. Please manually delete it to avoid security issue. %s", ip_name, str(e)) @@ -960,15 +960,15 @@ def get_create_query(self): ] -def getSourceHandler(source_id, source_type): +def getSourceHandler(cmd, source_id, source_type): if source_type in {RESOURCE.WebApp, RESOURCE.FunctionApp}: - return WebappHandler(source_id, source_type) + return WebappHandler(cmd, source_id, source_type) if source_type in {RESOURCE.ContainerApp}: - return ContainerappHandler(source_id, source_type) + return ContainerappHandler(cmd, source_id, source_type) if source_type in {RESOURCE.SpringCloud, RESOURCE.SpringCloudDeprecated}: - return SpringHandler(source_id, source_type) + return SpringHandler(cmd, source_id, source_type) if source_type in {RESOURCE.Local}: - return LocalHandler(source_id, source_type) + return LocalHandler(cmd, source_id, source_type) return None @@ -1010,16 +1010,16 @@ def get_identity_pid(self): rg = segments.get('resource_group') logger.warning( 'Checking if Spring app enables System Identity...') - identity = run_cli_cmd('az {} app identity show -g {} -s {} -n {} --subscription {}'.format( + identity = run_cli_cmd('az {} app identity show -g "{}" -s "{}" -n "{}" --subscription "{}"'.format( self.source_type, rg, spring, app, sub)) if (identity is None or identity.get('type') != "SystemAssigned"): # assign system identity for spring-cloud logger.warning('Enabling Spring app System Identity...') run_cli_cmd( - 'az {} app identity assign -g {} -s {} -n {} --subscription {}'.format( + 'az {} app identity assign -g "{}" -s "{}" -n "{}" --subscription "{}"'.format( self.source_type, rg, spring, app, sub)) - identity = run_cli_cmd('az {} app identity show -g {} -s {} -n {} --subscription {}'.format( + identity = run_cli_cmd('az {} app identity show -g "{}" -s "{}" -n "{}" --subscription "{}"'.format( self.source_type, rg, spring, app, sub), 15, 5, output_is_none) if identity is None: @@ -1045,8 +1045,8 @@ def get_identity_name(self): def get_identity_pid(self): logger.warning('Checking if WebApp enables System Identity...') identity = run_cli_cmd( - 'az webapp identity show --ids {}'.format(self.source_id)) if self.slot_name is None else run_cli_cmd( - 'az webapp identity show --ids {} --slot {}'.format(self.source_id, self.slot_name)) + 'az webapp identity show --ids "{}"'.format(self.source_id)) if self.slot_name is None else run_cli_cmd( + 'az webapp identity show --ids "{}" --slot "{}"'.format(self.source_id, self.slot_name)) if (identity is None or "SystemAssigned" not in identity.get('type')): # assign system identity for spring-cloud logger.warning('Enabling WebApp System Identity...') @@ -1079,14 +1079,14 @@ def get_identity_name(self): def get_identity_pid(self): logger.warning('Checking if Container App enables System Identity...') identity = run_cli_cmd( - 'az containerapp identity show --ids {}'.format(self.source_id)) + 'az containerapp identity show --ids "{}"'.format(self.source_id)) if (identity is None or "SystemAssigned" not in identity.get('type')): # assign system identity for spring-cloud logger.warning('Enabling Container App System Identity...') run_cli_cmd( - 'az containerapp identity assign --ids {} --system-assigned'.format(self.source_id)) + 'az containerapp identity assign --ids "{}" --system-assigned'.format(self.source_id)) identity = run_cli_cmd( - 'az containerapp identity show --ids {}'.format(self.source_id), 15, 5, output_is_none) + 'az containerapp identity show --ids "{}"'.format(self.source_id), 15, 5, output_is_none) if identity is None: ex = CLIInternalError( diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/action.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/action.py index 5bcf755741b..e67bf83adf8 100644 --- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/action.py +++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/action.py @@ -148,7 +148,7 @@ def get_action(self, values, option_string, command_name): if 'principal_id' not in d: from azure.cli.command_modules.serviceconnector._utils import run_cli_cmd output = run_cli_cmd( - 'az ad sp show --id {}'.format(d['client_id'])) + 'az ad sp show --id "{}"'.format(d['client_id'])) if output: d['principal_id'] = output.get('id') else: From 2a5fa0929cc4a4ed08e6ab56f0f39bf3f720ed82 Mon Sep 17 00:00:00 2001 From: Xiaofan Zhou Date: Wed, 28 Aug 2024 16:26:50 +0800 Subject: [PATCH 2/4] update version --- src/serviceconnector-passwordless/HISTORY.rst | 4 ++++ .../azext_serviceconnector_passwordless/config.py | 2 +- src/serviceconnector-passwordless/setup.py | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/serviceconnector-passwordless/HISTORY.rst b/src/serviceconnector-passwordless/HISTORY.rst index 3e090fae12e..172e32cd042 100644 --- a/src/serviceconnector-passwordless/HISTORY.rst +++ b/src/serviceconnector-passwordless/HISTORY.rst @@ -2,6 +2,10 @@ Release History =============== +3.0.1 +++++++ +* Some improvements and security issue fixes. + 3.0.0 ++++++ * Add new param --new to override the existing database user and deprecate Postgres single server diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py index af4680a46ac..9026cbba734 100644 --- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py +++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py @@ -4,5 +4,5 @@ # -------------------------------------------------------------------------------------------- -VERSION = '3.0.0' +VERSION = '3.0.1' NAME = 'serviceconnector-passwordless' diff --git a/src/serviceconnector-passwordless/setup.py b/src/serviceconnector-passwordless/setup.py index cdd73f9cfde..b063aa6b5dc 100644 --- a/src/serviceconnector-passwordless/setup.py +++ b/src/serviceconnector-passwordless/setup.py @@ -15,7 +15,7 @@ logger.warn("Wheel is not available, disabling bdist_wheel hook") -VERSION = '3.0.0' +VERSION = '3.0.1' try: from azext_serviceconnector_passwordless.config import VERSION except ImportError: From c0a870a92912d83d369bcaf85fb0f94c363ed6fa Mon Sep 17 00:00:00 2001 From: Xiaofan Zhou Date: Wed, 28 Aug 2024 17:22:11 +0800 Subject: [PATCH 3/4] update --- .../_credential_free.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py index 2f52c970e96..7e550e5b8c3 100644 --- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py +++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py @@ -960,15 +960,15 @@ def get_create_query(self): ] -def getSourceHandler(cmd, source_id, source_type): +def getSourceHandler(source_id, source_type): if source_type in {RESOURCE.WebApp, RESOURCE.FunctionApp}: - return WebappHandler(cmd, source_id, source_type) + return WebappHandler(source_id, source_type) if source_type in {RESOURCE.ContainerApp}: - return ContainerappHandler(cmd, source_id, source_type) + return ContainerappHandler(source_id, source_type) if source_type in {RESOURCE.SpringCloud, RESOURCE.SpringCloudDeprecated}: - return SpringHandler(cmd, source_id, source_type) + return SpringHandler(source_id, source_type) if source_type in {RESOURCE.Local}: - return LocalHandler(cmd, source_id, source_type) + return LocalHandler(source_id, source_type) return None From 8059ec151d180aa00ed0438659e8ca43ed9080eb Mon Sep 17 00:00:00 2001 From: Xiaofan Zhou Date: Tue, 3 Sep 2024 11:10:19 +0800 Subject: [PATCH 4/4] remove msrestazure --- .../azext_serviceconnector_passwordless/_credential_free.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py index 7e550e5b8c3..5d37e0b809d 100644 --- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py +++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py @@ -8,7 +8,7 @@ import sys import re from knack.log import get_logger -from msrestazure.tools import parse_resource_id +from azure.mgmt.core.tools import parse_resource_id from azure.cli.core import telemetry from azure.cli.core.azclierror import ( AzureConnectionError,