
ad_serviceprincipal_info does not properly list all service principals

Open kent007 opened this issue 11 months ago • 0 comments

SUMMARY

ad_serviceprincipal_info does not properly list all service principals when neither object_id nor app_id is specified. This is due to the filter incorrectly including the app_id for every invocation. When app_id is None, the results are always blank.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

azure_rm_adserviceprincipal_info

ANSIBLE VERSION
ansible [core 2.11.12]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/kmcdonough/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = <redacted>
  ansible collection location = /home/kmcdonough/.ansible/collections:/usr/share/ansible/collections
  executable location = <redacted>
  python version = 3.8.10 (default, Nov 22 2023, 10:22:35) [GCC 9.4.0]
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
2.1.1
CONFIGURATION
n/a
OS / ENVIRONMENT
$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.6 LTS (Focal Fossa)"
STEPS TO REPRODUCE

Invoke the module with no arguments

        - name: get all application service principals
          azure.azcollection.azure_rm_adserviceprincipal_info:
          register: all_service_principals
EXPECTED RESULTS

The registered variable should contain a list of all service principals in the tenant

ACTUAL RESULTS

The module always returns an empty list, as the filter is misconfigured by default

ok: [abbpsd-dev-strawman] => {
    "changed": false,
    "invocation": {
        "module_args": {
            "ad_user": null,
            "adfs_authority_url": null,
            "api_profile": "latest",
            "app_id": null,
            "auth_source": "auto",
            "cert_validation_mode": null,
            "client_id": null,
            "cloud_environment": "AzureCloud",
            "log_mode": null,
            "log_path": null,
            "object_id": null,
            "password": null,
            "profile": null,
            "secret": null,
            "subscription_id": null,
            "tenant": null,
            "thumbprint": null,
            "x509_certificate_path": null
        }
    },
    "service_principals": [] <-- this is incorrect, the tenant has many service principals
}

kent007, Mar 05 '24 17:03
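
A small model of the failure mode this issue describes, added here as an illustration; it is not the module's source code. The sample directory, the `list_service_principals` stand-in, the function names and the `appId eq '...'` filter form are assumptions made for the example.

```python
import re
import uuid
from typing import Optional

# Constructed sample directory; the appId values are made up.
DIRECTORY = [
    {"displayName": "build-agent", "appId": "11111111-1111-1111-1111-111111111111"},
    {"displayName": "backup-job", "appId": "22222222-2222-2222-2222-222222222222"},
    {"displayName": "monitoring", "appId": "33333333-3333-3333-3333-333333333333"},
]


def list_service_principals(odata_filter: Optional[str] = None) -> list:
    """Hypothetical stand-in for a directory listing call.

    It understands only the filter form "appId eq '<value>'".
    """
    if odata_filter is None:
        return list(DIRECTORY)
    match = re.fullmatch(r"appId eq '([^']*)'", odata_filter)
    if match is None:
        raise ValueError(f"unsupported filter: {odata_filter!r}")
    return [sp for sp in DIRECTORY if sp["appId"] == match.group(1)]


def buggy_filter(app_id: Optional[str]) -> Optional[str]:
    # Formats app_id into the filter on every call, so a missing app_id
    # becomes the literal text 'None', which matches no service principal.
    return "appId eq '{0}'".format(app_id)


def fixed_filter(app_id: Optional[str]) -> Optional[str]:
    # No app_id supplied: send no filter at all, so everything is listed.
    if app_id is None:
        return None
    # Parsing as a UUID rejects malformed input before it reaches the filter.
    return "appId eq '{0}'".format(uuid.UUID(app_id))


def query(build_filter, app_id: Optional[str] = None) -> list:
    return list_service_principals(build_filter(app_id))


if __name__ == "__main__":
    print("buggy, no app_id:", len(query(buggy_filter)))
    print("fixed, no app_id:", len(query(fixed_filter)))
```

An empty result from an unfiltered listing is indistinguishable here from a tenant with no service principals, so an inventory or audit job built on it fails silently rather than with an error.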