Skip to content

Fixed Set-AzWebApp and Set-AZWebAppSlot to rethrow exception when Service Principal/User doesn't have permission to list web app configuration. [#19942] #20159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 17, 2022
Merged

Fixed Set-AzWebApp and Set-AZWebAppSlot to rethrow exception when Service Principal/User doesn't have permission to list web app configuration. [#19942] #20159

merged 1 commit into from
Nov 17, 2022

Conversation

rachelxj-ms
Copy link
Contributor

Description

Fixed Set-AzWebApp and Set-AZWebAppSlot to rethrow exception when Service Principal/User doesn't have permission to list web app configuration. [#19942]

In order to update webapp configuration, there are 2 permissions that are required.
"Microsoft.Web/sites/config/write",
"Microsoft.Web/sites/config/list/Action"

When user doesn't have "Microsoft.Web/sites/config/list/Action", Set-AzWebApp and Set-AZWebAppSlot will wipe AppSettings without any error.

The fix will rethrow the exception when it's to update configuration. Get-AzWebApp is left as it being.

The error message will show as below:
image

Checklist

  • SHOULD select appropriate branch. Cmdlets from Autorest.PowerShell should go to generation branch.
  • SHOULD make the title of PR clear and informative, and in the present imperative tense.
  • SHOULD update ChangeLog.md file(s) appropriately
    • For any service, the ChangeLog.md file can be found at src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md
    • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header in the past tense. Add changelog in description section if PR goes into generation branch.
    • Should not change ChangeLog.md if no new release is required, such as fixing test case only.
  • SHOULD have approved design review for the changes in this repository (Microsoft internal only) with following situations
    • Create new module from scratch
    • Create new resource types which are not easy to conform to Azure PowerShell Design Guidelines
    • Create new resource type which name doesn't use module name as prefix
    • Have design question before implementation
  • SHOULD regenerate markdown help files if there is cmdlet API change. Instruction
  • SHOULD have proper test coverage for changes in pull request.
  • SHOULD NOT introduce breaking changes in Az minor release except preview version.
  • SHOULD NOT adjust version of module manually in pull request

Fixed Set-AzWebApp and Set-AZWebAppSlot to rethrow exception when Ser…
e4bd108 
…vice Principal/User doesn't have permission to list web app configuration. [#19942]
BethanyZhou
BethanyZhou approved these changes Nov 17, 2022
View reviewed changes
Copy link
Contributor

@BethanyZhou BethanyZhou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@BethanyZhou
Copy link
Contributor

/azp run azure-powershell - security-tools

@azure-pipelines
Copy link
Contributor

Azure Pipelines successfully started running 1 pipeline(s).

@Nickcandy Nickcandy merged commit ef80b26 into Azure:main Nov 17, 2022
@Ralms Ralms mentioned this pull request Nov 21, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BethanyZhou BethanyZhou BethanyZhou approved these changes

@Kotasudhakarreddy Kotasudhakarreddy Awaiting requested review from Kotasudhakarreddy

@VeryEarly VeryEarly Awaiting requested review from VeryEarly

Assignees
No one assigned
Labels
Waiting for CI :shipit:
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rachelxj-ms @BethanyZhou @Nickcandy