Skip to content

az keyvault update --default-action Deny specifies bypasses AzureServices by default. #26200

Description

@samueleresca

Describe the bug

Command Name
az keyvault update

Errors:
Executing the following command: az keyvault update --debug --resource-group {} --name {} --default-action Deny
Also specifies bypass=AzureServices by default. It sends a request body with:

"networkAcls": {"bypass": "AzureServices", "defaultAction": "Deny"},

To Reproduce:

  • Create a keyvault with public access
  • Run az keyvault update --debug --resource-group {} --name {} --default-action Deny to deny public access
  • In the portal, the key vault's network tab has the "Allow public access from specific virtual networks and IP addresses" and the "Allow trusted Microsoft services to bypass this firewall" is checked.

Expected Behavior

The bypass value should be none. az keyvault update

Environment Summary

Linux-5.15.90.1-microsoft-standard-WSL2-x86_64-with-glibc2.31, Ubuntu 20.04.5 LTS
Python 3.10.10
Installer: DEB

azure-cli 2.47.0

Extensions:
ssh 1.1.5

Dependencies:
msal 1.20.0
azure-mgmt-resource 22.0.0

Additional Context

Metadata

Metadata

Assignees

Labels

Auto-AssignAuto assign by botKeyVaultaz keyvaultService AttentionThis issue is responsible by Azure service team.act-identity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.

Type

No type
No fields configured for issues without a type.

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions