Azure
(InvalidPolicyAssignmentName) az policy assignment create --name should be consistent with portal and back-end service
Describe the bug
It appears that Azure policy assignments can have names which are longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so, az policy assignment create enforces a 64 character limit on --name, failing with InvalidPolicyAssignmentName when the constraint is not satisfied.
If the Azure Policy service really wants this restriction, it should be applied across all admin surfaces (portal, REST, etc.), not specific to Azure CLI. If the Azure Policy service does not really need this restriction (which appears to be the case), then the spurious constraint should be removed from Azure CLI. Either way, it should be consistent across admin surfaces.
Related command
az policy assignment create
Errors
(InvalidPolicyAssignmentName) The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters. Code: InvalidPolicyAssignmentName Message: The policy assignment name 'My demo assignment of [Preview]: Azure security baseline for Linux (powered by OSConfig)' is invalid. The policy assignment name length must not exceed '64' characters.
Issue script & Debug output
N/A. Seems to be a mismatched or obsolete funcitonal requirement rather than a debugging situation.
Expected behavior
Azure policy assignments can have a name which is longer than 64 characters. The portal workflow allows this, and the resulting assignments seem to work just fine. Even so, az policy assignment create enforces a 64 character limit on --name.
If the back end service really wants this restriction it should be applied across all admin surfaces, not specific to CLI. If the back-end service does not really need this restriction, it should be removed from CLI. Either way, it should be consistent.
Environment Summary
azure-cli 2.61.0 *
core 2.61.0 * telemetry 1.1.0
Dependencies: msal 1.28.0 azure-mgmt-resource 23.1.1
Python location 'C:\Program Files\Microsoft SDKs\Azure\CLI2\python.exe' Extensions directory 'C:\Users\mreyn.azure\cliextensions'
Python (Windows) 3.11.8 (tags/v3.11.8:db85d51, Feb 6 2024, 22:03:32) [MSC v.1937 64 bit (AMD64)]
Legal docs and information: aka.ms/AzureCliLegal
Additional context
No response
Hi @MatthewMWR,
2.61.0 is not the latest Azure CLI(2.62.0).
If you haven't already attempted to do so, please upgrade to the latest Azure CLI version by following https://learn.microsoft.com/en-us/cli/azure/update-azure-cli.
![azure-client-tools-bot-prd[bot] avatar](https://avatars.githubusercontent.com/u/37600188?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @MatthewMWR Find similar issue https://github.com/Azure/azure-cli/issues/9177.
| Issue title | Default name for policy assignment exceeds '24' characters. |
| Create time | 2019-04-23 |
| Comment number | 1 |
Please confirm if this resolves your issue.
Do you guys have any idea how the 24 chars value is crafted by the portal??
We're trying to create a policy exemption in bicep but we'd like to have names similar than those created through the portal (which look like 24 chars hash id).
771e3c34728341c3bda5b9a9
Links: https://learn.microsoft.com/en-us/rest/api/policy/policy-exemptions/create-or-update?view=rest-policy-2022-07-01-preview&tabs=HTTP https://github.com/Azure/azure-cli/blob/dev/src/azure-cli/azure/cli/command_modules/resource/custom.py
Bicep closest functions are: uniqueString or guid but not the same result
