Describe the bug
Managed Run Command parameters only work when the script is run as the root user on Linux. --parameters and --protected-parameters are not respected when the --run-as-user CLI parameter is also present.
Related command
az vm run-command create \
--resource-group <group> \
--location <region> \
--vm-name <vm> \
--name <name> \
--script 'echo $FOO $BAR' \
--run-as-user <user> \
--parameters FOO=foo \
--protected-parameters BAR=bar
Errors
The above command properly prints foo bar when run without --run-as-user, but prints a blank line when run with --run-as-user
Issue script & Debug output
I can provide full debug output if needed, but I can see from the response that the variables are being passed properly. The issue seems to be with how the target VM processes the request.
{
"asyncExecution": false,
"errorBlobUri": null,
"id": "/subscriptions/<subscription>/resourceGroups/<group>/providers/Microsoft.Compute/virtualMachines/<vm>/runCommands/<name>",
"instanceView": null,
"location": "<region>",
"name": "<name>",
"outputBlobUri": null,
"parameters": [
{
"name": "FOO",
"value": "foo"
}
],
"protectedParameters": null,
"provisioningState": "Succeeded",
"resourceGroup": "<group>",
"runAsPassword": null,
"runAsUser":"<user>",
"source": {
"commandId": null,
"script": "echo $FOO $BAR",
"scriptUri": null
},
"tags": null,
"timeoutInSeconds": 0,
"type": "Microsoft.Compute/virtualMachines/runCommands"
}
Expected behavior
--parameters and --protected-parameters should still work when --run-as-user is present.
Environment Summary
$ az --version
azure-cli 2.53.1
core 2.53.1
telemetry 1.1.0
Extensions:
bastion 0.2.5
ssh 2.0.2
Dependencies:
msal 1.24.0b2
azure-mgmt-resource 23.1.0b2
Python location '/usr/local/Cellar/azure-cli/2.53.1/libexec/bin/python'
Extensions directory '/Users/mhac/.azure/cliextensions'
Python (Darwin) 3.10.13 (main, Aug 24 2023, 22:48:59) [Clang 14.0.3 (clang-1403.0.22.14.1)]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
No response
Describe the bug
Managed Run Command parameters only work when the script is run as the root user on Linux.
--parametersand--protected-parametersare not respected when the--run-as-userCLI parameter is also present.Related command
az vm run-command create \ --resource-group <group> \ --location <region> \ --vm-name <vm> \ --name <name> \ --script 'echo $FOO $BAR' \ --run-as-user <user> \ --parameters FOO=foo \ --protected-parameters BAR=barErrors
The above command properly prints
foo barwhen run without--run-as-user, but prints a blank line when run with--run-as-userIssue script & Debug output
I can provide full debug output if needed, but I can see from the response that the variables are being passed properly. The issue seems to be with how the target VM processes the request.
{ "asyncExecution": false, "errorBlobUri": null, "id": "/subscriptions/<subscription>/resourceGroups/<group>/providers/Microsoft.Compute/virtualMachines/<vm>/runCommands/<name>", "instanceView": null, "location": "<region>", "name": "<name>", "outputBlobUri": null, "parameters": [ { "name": "FOO", "value": "foo" } ], "protectedParameters": null, "provisioningState": "Succeeded", "resourceGroup": "<group>", "runAsPassword": null, "runAsUser":"<user>", "source": { "commandId": null, "script": "echo $FOO $BAR", "scriptUri": null }, "tags": null, "timeoutInSeconds": 0, "type": "Microsoft.Compute/virtualMachines/runCommands" }Expected behavior
--parametersand--protected-parametersshould still work when--run-as-useris present.Environment Summary
Additional context
No response