azure-rest-api-specs icon indicating copy to clipboard operation
azure-rest-api-specs copied to clipboard

Published 20 hours ago verified publisher icon Azure

[Bug] VM extension `settings` property returned by `VirtualMachines.Get` is not Json Object

Open XiaofeiCao opened this issue 1 year ago • 1 comments

Originated from IcM: https://portal.microsofticm.com/imp/v3/incidents/incident/449703041/summary

API: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2020-12-01/compute.json#L3226

Response:

{
  "name": "KeyVaultForLinux",
  "id": "/subscriptions/REDACTED/resourceGroups/rg-xiaofei5/providers/Microsoft.Compute/virtualMachines/test2023122005/extensions/KeyVaultForLinux",
  "type": "Microsoft.Compute/virtualMachines/extensions",
  "location": "eastus",
  "properties": {
    "autoUpgradeMinorVersion": true,
    "provisioningState": "Updating",
    "publisher": "Microsoft.Azure.KeyVault",
    "type": "KeyVaultForLinux",
    "typeHandlerVersion": "1.0",
    "settings": "secretsManagementSettings" // this is not Json
  }
}

This seems to contradict with the swagger definition: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2020-12-01/compute.json#L7774

"settings": {
  "type": "object",
  "description": "Json formatted public settings for the extension."
}

This issue exists on latest 2023-07-01 as well.

XiaofeiCao avatar Dec 20 '23 10:12 XiaofeiCao

Hi Xiaofei, to clarify - your issue is that this returns the 'secretsmanagementsettings' and not the JSON value of those setttings?

TravisCragg-MSFT avatar Jan 18 '24 20:01 TravisCragg-MSFT

Hi Xiaofei, to clarify - your issue is that this returns the 'secretsmanagementsettings' and not the JSON value of those setttings?

Exactly.

XiaofeiCao avatar Jan 19 '24 02:01 XiaofeiCao

@XiaofeiCao Does this happen on other extensions outside of KeyVault? This seems like an encrypted version of the settings so keys are not in plaintext, which makes sense to me.

TravisCragg-MSFT avatar Jul 23 '24 16:07 TravisCragg-MSFT

@XiaofeiCao Does this happen on other extensions outside of KeyVault? This seems like an encrypted version of the settings so keys are not in plaintext, which makes sense to me.

Yeah, I've only see this happening for KeyVault extension. The setting value is just "secretsManagementSettings"..

XiaofeiCao avatar Jul 24 '24 02:07 XiaofeiCao

@XiaofeiCao we are working on deploying a fix for this, will update this issue once the fix is rolled out.

GabstaMSFT avatar Aug 06 '24 14:08 GabstaMSFT