Skip to content

CLI Steps Not working | For enabling CMK on your existing Azure Cosmos DB account with Continuous backup or Analytical store account #28511

Description

@archanchoudhury-uptycs

Describe the bug

Following the document, https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-customer-managed-keys-existing-accounts#steps-to-enable-cmk-on-your-existing-azure-cosmos-db-account-with-continuous-backup-or-analytical-store-account I am trying to update the CMK to a system managed identify which is not working.

Also, in System Managed Identity, how to get the full resource ID? I am expecting the subscription and resource group would be same of the cosmos db account? If anything else, please route me to that process.

Related command

az cosmosdb update --name "archan-cassandra" --default-identity "SystemAssignedIdentity=subscriptions/XXXXXXX/resourcegroups/archan-RG/providers/Microsoft.ManagedIdentity/systemAssignedIdentities/Object-ID" --resource-group "archan-RG"

Errors

(BadRequest) The given default identity for archan-cassandra is not valid. The format for the default identity is not valid, please use 'FirstPartyIdentity'/'SystemAssignedIdentity'/'UserAssignedIdentity=<UA_resource_id>'
ActivityId: 74501aea-db9c-11ee-8991-00155d7e02ec, Microsoft.Azure.Documents.Common/2.14.0
Code: BadRequest
Message: The given default identity for archan-mongo is not valid. The format for the default identity is not valid, please use 'FirstPartyIdentity'/'SystemAssignedIdentity'/'UserAssignedIdentity=<UA_resource_id>'
ActivityId: 74501aea-db9c-11ee-8991-00155d7e02ec, Microsoft.Azure.Documents.Common/2.14.0

Issue script & Debug output

debug output has account specific information, which can't be shared openly.

Expected behavior

The CMK should be updated with azure system managed identify.

Environment Summary

azure-cli                         2.58.0

core                              2.58.0
telemetry                          1.1.0

Extensions:
ai-examples                        0.2.5
cosmosdb-preview                  0.26.0
ml                                2.23.0
ssh                                2.0.2

Dependencies:
msal                              1.26.0
azure-mgmt-resource             23.1.0b2

Python location '/usr/bin/python3.9'
Extensions directory '/home/archan/.azure/cliextensions'
Extensions system directory '/usr/lib/python3.9/site-packages/azure-cli-extensions'

Python (Linux) 3.9.14 (main, Oct 12 2023, 19:48:32) 
[GCC 11.2.0]

Legal docs and information: aka.ms/AzureCliLegal


Your CLI is up-to-date.

Additional context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Auto-AssignAuto assign by botCosmosDBaz cosmosdbService AttentionThis issue is responsible by Azure service team.act-codegen-extensibility-squadbugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reportedIssues that are reported by GitHub users external to the Azure organization.

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions