Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deleting Azure Network Manager right after deleting ANM Connection resource will ruin the subscription #23188

Open
teowa opened this issue Mar 21, 2023 · 2 comments
Open

Deleting Azure Network Manager right after deleting ANM Connection resource will ruin the subscription #23188

teowa opened this issue Mar 21, 2023 · 2 comments
Labels
Network Service Attention Workflow: This issue is responsible by Azure service team.

Comments

@teowa
Copy link
Contributor

teowa commented Mar 21, 2023
edited
Loading

Swagger:

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerScopeConnection.json

Line 128 in 85fb4ac

"operationId": "ScopeConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerConnection.json

Line 122 in 85fb4ac

"operationId": "SubscriptionNetworkManagerConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerConnection.json

Line 275 in 85fb4ac

"operationId": "ManagementGroupNetworkManagerConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManager.json

Line 125 in 85fb4ac

"operationId": "NetworkManagers_Delete",

Reproduce Step:

  1. Create the NetworkManager and ScopeConnection or SubscriptionNetworkManagerConnections or ManagementGroupNetworkManagerConnections resource.
  2. Call the ScopeConnections_Delete, SubscriptionNetworkManagerConnections_Delete or NetworkManagers_Delete, and then immediately (within one sec) calling the NetworkManagers_Delete method.
  3. Cannot create new Network Manager same in test subscription any more. Creating a new Network Manager using the same subscription as scope will fail and returns error like: "Cannot have two Network Managers applied to the same object overlapping scope accesses. Scope id: /subscriptions/xxx. Network Manager Id: /subscriptions/xxx/resourceGroups/wt-media-resources/providers/Microsoft.Network/networkManagers/wtest. Overlapping accesses: SecurityAdmin", but step2 has successfully deleted the ANM, and there should be no ANM covering the subscription.
@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Mar 21, 2023
@teowa teowa changed the title Deleting Azure Network Manager right after deleting ANM Connection resource will break the subscription used as ANM scope Deleting Azure Network Manager right after deleting ANM Connection resource will ruin the subscription Mar 21, 2023
teowa added a commit to teowa/terraform-provider-azurerm that referenced this issue Mar 21, 2023
@teowa
link to Azure/azure-rest-api-specs#23188
5ff260a
This was referenced Mar 21, 2023
Merged
Closed
@JackTn JackTn added Network Service Attention Workflow: This issue is responsible by Azure service team. labels Mar 21, 2023
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Mar 21, 2023
@ghost
Copy link

ghost commented Mar 21, 2023

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aznetsuppgithub.

Issue Details

Swagger:

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerScopeConnection.json

Line 128 in 85fb4ac

"operationId": "ScopeConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerConnection.json

Line 122 in 85fb4ac

"operationId": "SubscriptionNetworkManagerConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManagerConnection.json

Line 275 in 85fb4ac

"operationId": "ManagementGroupNetworkManagerConnections_Delete",

azure-rest-api-specs/specification/network/resource-manager/Microsoft.Network/stable/2022-07-01/networkManager.json

Line 125 in 85fb4ac

"operationId": "NetworkManagers_Delete",

Reproduce Step:

  1. Create the NetworkManager and ScopeConnection or SubscriptionNetworkManagerConnections or ManagementGroupNetworkManagerConnections resource.
  2. Call the ScopeConnections_Delete, SubscriptionNetworkManagerConnections_Delete or NetworkManagers_Delete, and then immediately (within one sec) calling the NetworkManagers_Delete method.
  3. Cannot create new Network Manager same in test subscription any more. Creating a new Network Manager using the same subscription as scope will fail and returns error like: "Cannot have two Network Managers applied to the same object overlapping scope accesses. Scope id: /subscriptions/xxx. Network Manager Id: /subscriptions/xxx/resourceGroups/wt-media-resources/providers/Microsoft.Network/networkManagers/wtest. Overlapping accesses: SecurityAdmin", but step2 has successfully deleted the ANM, and there should be no ANM covering the subscription.
Author: teowa
Assignees: -
Labels:

Network, Service Attention, needs-triage
Milestone: -

@tombuildsstuff
Copy link
Contributor

ping @aznetsuppgithub any update here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Network Service Attention Workflow: This issue is responsible by Azure service team.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tombuildsstuff @JackTn @teowa