Get-AzResourceLock : NoRegisteredProviderFound #18691

hbuckle · 2022-06-23T08:08:36Z

Description

Running Get-AzResourceLock with the scope set to a role assignment ID returns an error

Get-AzResourceLock -Scope "/subscriptions/${subscription_id}/resourceGroups/${resource_group}/providers/Microsoft.ServiceBus/namespaces/${namespace}/providers/Microsoft.Authorization/roleAssignments/${id}"

Get-AzResourceLock: NoRegisteredProviderFound : No registered resource provider found for location 'uksouth' and API version '2015-01-01' for type 'namespaces'. The supported api-versions are '2014-09-01, 2015-08-01, 2017-04-01, 2018-01-01-preview, 2021-01-01-preview, 2021-06-01-preview, 2021-11-01, 2022-01-01-preview'. The supported locations are 'australiaeast, australiasoutheast, centralus, eastus, eastus2, westus2, westus, northcentralus, southcentralus, westcentralus, eastasia, southeastasia, brazilsouth, japaneast, japanwest, northeurope, westeurope, centralindia, southindia, westindia, canadacentral, canadaeast, ukwest, uksouth, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, australiacentral, switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral'.

Issue script & Debug output

DEBUG: 09:05:51 - GetAzureResourceLockCmdlet begin processing with ParameterSet 'BySpecifiedScope'.
DEBUG: 09:05:51 - using account id 'xxx'...
DEBUG: 09:05:51 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: [Common.Authentication]: Authenticating using Account: 'xxx', environment: 'AzureCloud', tenant: 'xxx'
DEBUG: 09:05:51 - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'xxx', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'xxx'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - 740ed65c-d5c5-4bc3-ad7c-8ebbd91c5edc] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - 740ed65c-d5c5-4bc3-ad7c-8ebbd91c5edc] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - 740ed65c-d5c5-4bc3-ad7c-8ebbd91c5edc] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - 740ed65c-d5c5-4bc3-ad7c-8ebbd91c5edc] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - 740ed65c-d5c5-4bc3-ad7c-8ebbd91c5edc] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11] Returning 1 accounts
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] MSAL MSAL.NetCore with assembly version '4.39.0.0'. CorrelationId(eaf22c4e-5f01-40eb-8229-6dea26259f82)
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] LoginHint provided: False
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] Account provided: True
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] ForceRefresh: False
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - eaf22c4e-5f01-40eb-8229-6dea26259f82
UserAssertion set: False
LongRunningOboCacheKey set: False

DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] Access token is not expired. Returning the found cache entry. [Current time (06/23/2022 08:05:51) - Expiration Time (06/23/2022 09:24:41 +00:00) - Extended Expiration Time (06/23/2022 09:24:41 +00:00)]
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] Returning access token found in cache. RefreshOn exists ? False
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82] Fetched access token from host login.microsoftonline.com.
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.39.0.0 MSAL.NetCore .NET 6.0.5 Microsoft Windows 10.0.19044 [06/23 08:05:51.11 - eaf22c4e-5f01-40eb-8229-6dea26259f82]  AT expiration time: 23/06/2022 09:24:41 +00:00, scopes https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default source Cache from login.microsoftonline.com appHashCode 14175094
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2022-06-23T09:24:41.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'xxx', UserId: 'xxx'
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.ServiceBus/namespaces/xxx/providers/Microsoft.Authorization/roleAssignments/xxx/providers/Microsoft.Authorization/locks?api-version=2015-01-01

Headers:
User-Agent                    : AzurePowershell/v8.0.0,PSVersion/v7.2.4,Az.ServiceBus/1.9.0,Az.Accounts/2.8.0,Az.Resources/6.0.0
ParameterSetName              : BySpecifiedScope
CommandName                   : Get-AzResourceLock

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-failure-cause            : gateway
x-ms-request-id               : 5802d29b-153f-4072-9747-b8224cd8959b
x-ms-correlation-request-id   : 5802d29b-153f-4072-9747-b8224cd8959b
x-ms-routing-request-id       : UKSOUTH:20220623T080551Z:5802d29b-153f-4072-9747-b8224cd8959b
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 23 Jun 2022 08:05:50 GMT

Body:
{
  "error": {
    "code": "NoRegisteredProviderFound",
    "message": "No registered resource provider found for location 'uksouth' and API version '2015-01-01' for type 'namespaces'. The supported api-versions are '2014-09-01, 2015-08-01, 2017-04-01, 2018-01-01-preview, 2021-01-01-preview, 2021-06-01-preview, 2021-11-01, 2022-01-01-preview'. The supported locations are 'australiaeast, australiasoutheast, centralus, eastus, eastus2, westus2, westus, northcentralus, southcentralus, westcentralus, eastasia, southeastasia, brazilsouth, japaneast, japanwest, northeurope, westeurope, centralindia, southindia, westindia, canadacentral, canadaeast, ukwest, uksouth, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, australiacentral, switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral'."
  }
}


DEBUG: 09:05:51 - [ConfigManager] Got [True] from [EnableDataCollection], Module = [], Cmdlet = [].
Get-AzResourceLock: NoRegisteredProviderFound : No registered resource provider found for location 'uksouth' and API version '2015-01-01' for type 'namespaces'. The supported api-versions are '2014-09-01, 2015-08-01, 2017-04-01, 2018-01-01-preview, 2021-01-01-preview, 2021-06-01-preview, 2021-11-01, 2022-01-01-preview'. The supported locations are 'australiaeast, australiasoutheast, centralus, eastus, eastus2, westus2, westus, northcentralus, southcentralus, westcentralus, eastasia, southeastasia, brazilsouth, japaneast, japanwest, northeurope, westeurope, centralindia, southindia, westindia, canadacentral, canadaeast, ukwest, uksouth, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, australiacentral, switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral'.
CorrelationId: 5802d29b-153f-4072-9747-b8224cd8959b
DEBUG: 09:05:51 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.Resources:6.0.0; CommandName: Get-AzResourceLock; PSVersion: 7.2.4; IsSuccess: False; Duration: 00:00:00.2330418; Exception: NoRegisteredProviderFound : No registered resource provider found for location 'uksouth' and API version '2015-01-01' for type 'namespaces'. The supported api-versions are '2014-09-01, 2015-08-01, 2017-04-01, 2018-01-01-preview, 2021-01-01-preview, 2021-06-01-preview, 2021-11-01, 2022-01-01-preview'. The supported locations are 'australiaeast, australiasoutheast, centralus, eastus, eastus2, westus2, westus, northcentralus, southcentralus, westcentralus, eastasia, southeastasia, brazilsouth, japaneast, japanwest, northeurope, westeurope, centralindia, southindia, westindia, canadacentral, canadaeast, ukwest, uksouth, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, australiacentral, switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral'.
CorrelationId: 5802d29b-153f-4072-9747-b8224cd8959b;
DEBUG: Finish sending metric.
DEBUG: 09:05:51 - GetAzureResourceLockCmdlet end processing.

Environment data

$PSVersionTable

Name                           Value
----                           -----
PSVersion                      7.2.4
PSEdition                      Core
GitCommitId                    7.2.4
OS                             Microsoft Windows 10.0.19044
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

Get-Module Az*

ModuleType Version    PreRelease Name                                ExportedCommands
---------- -------    ---------- ----                                ----------------
Script     2.8.0                 Az.Accounts                         {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script     4.5.0                 Az.KeyVault                         {Add-AzKeyVaultCertificate, Add-AzKeyVaultCertificateContact, Add-AzKeyVaultKey, Add-AzKeyVaultManagedStorageAccount…}
Script     6.0.0                 Az.Resources                        {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Script     1.9.0                 Az.ServiceBus                       {Add-AzServiceBusIPRule, Add-AzServiceBusVirtualNetworkRule, Complete-AzServiceBusMigration, Get-AzServiceBusAuthorizationRule…}

Error output

Resolve-AzError

   HistoryId: 54

Message        : NoRegisteredProviderFound : No registered resource provider found for location 'uksouth' and API version '2015-01-01' for type 'namespaces'. The supported api-versions are '2014-09-01, 2015-08-01, 2017-04-01, 2018-01-01-preview,
                 2021-01-01-preview, 2021-06-01-preview, 2021-11-01, 2022-01-01-preview'. The supported locations are 'australiaeast, australiasoutheast, centralus, eastus, eastus2, westus2, westus, northcentralus, southcentralus, westcentralus, eastasia,
                 southeastasia, brazilsouth, japaneast, japanwest, northeurope, westeurope, centralindia, southindia, westindia, canadacentral, canadaeast, ukwest, uksouth, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, australiacentral,
                 switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral'.
                 CorrelationId: a6a1bc8f-ea38-4ffe-9173-c21ba717c127
StackTrace     :    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.RestClients.ResourceManagerRestClientBase.SendRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.RestClients.ResourceManagerRestClientBase.SendRequestAsync(HttpMethod httpMethod, Uri requestUri, CancellationToken cancellationToken)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.RestClients.ResourceManagerRestClientBase.SendRequestAsync[TResponseType](HttpMethod httpMethod, Uri requestUri, CancellationToken cancellationToken)
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.GetAzureResourceLockCmdlet.ListResourcesTypeCollection()
                    at Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.GetAzureResourceLockCmdlet.GetResources()
Exception      : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Entities.ErrorResponses.ErrorResponseMessageException
InvocationInfo : {Get-AzResourceLock}
Line           : Get-AzResourceLock -Scope '/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.ServiceBus/namespaces/xxx/providers/Microsoft.Auth
                 orization/roleAssignments/xxx'
Position       : At line:1 char:1
                 + Get-AzResourceLock -Scope '/subscriptions/xxx …
                 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId      : 54

The text was updated successfully, but these errors were encountered:

ghost · 2022-06-26T15:14:36Z

Thank you for your feedback. This has been routed to the support team for assistance.

navba-MSFT · 2022-06-28T03:17:11Z

@hbuckle Apologies for the late reply. Thanks for reaching out to us and reporting this issue. We are looking into this issue and we will provide an update.

navba-MSFT · 2022-06-28T08:17:40Z

@hbuckle Could you please run the below command in order and check if that helps? Awaiting your reply.

$auth=Get-AzAccessToken
$authHeader= $auth.token
Invoke-WebRequest -UseBasicParsing https://management.azure.com/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.ServiceBus/namespaces/xxx/providers/Microsoft.Authorization/roleAssignments/xxx/providers/Microsoft.Authorization/locks?api-version=2022-01-01-preview -Method GET -Headers @{"Authorization"="Bearer $authHeader"}

Fixes Azure#18691 LockApiVersion="2016-09-01" needs to be changed to "2017-04-01" More Info: https://github.com/Azure/azure-rest-api-specs/tree/main/specification/resources/resource-manager/Microsoft.Authorization/stable/2017-04-01

hbuckle · 2022-06-30T09:16:14Z

I've tried the following

$api_version = '2022-01-01-preview'
$uri = "https://management.azure.com/subscriptions/${subscription_id}/resourceGroups/${resource_group_name}/providers/Microsoft.ServiceBus/namespaces/${namespace_name}/providers/Microsoft.Authorization/roleAssignments/${role_assignment_id}/providers/Microsoft.Authorization/locks?api-version=${api_version}"
Invoke-RestMethod -Authentication Bearer -Token $token -Uri $uri

$api_version = '2017-04-01'
$uri = "https://management.azure.com/subscriptions/${subscription_id}/resourceGroups/${resource_group_name}/providers/Microsoft.ServiceBus/namespaces/${namespace_name}/providers/Microsoft.Authorization/roleAssignments/${role_assignment_id}/providers/Microsoft.Authorization/locks?api-version=${api_version}"
Invoke-RestMethod -Authentication Bearer -Token $token -Uri $uri

$api_version = '2017-04-01'
$uri = "https://management.azure.com/subscriptions/${subscription_id}/resourceGroups/${resource_group_name}/providers/Microsoft.ServiceBus/namespaces/${namespace_name}/providers/Microsoft.Authorization/locks?api-version=${api_version}"
Invoke-RestMethod -Authentication Bearer -Token $token -Uri $uri

The first 2 return an error

uuid:24053f78-6d20-4b32-aa3c-5b2705f597ab;id=1511182022-06-30T09:12:47ZNo HTTP resource was found that matches the request URI
     | 'https://sbgm.windows.net/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.ServiceBus/namespaces/xxx/providers/Microsoft.Authorization/roleAssignments/xxx/providers/Microsoft.Authorization/locks?api-version=2022-01-01-preview'.

The third one (without the roleassignments) works correctly

navba-MSFT · 2022-06-30T09:23:35Z

@hbuckle Thanks for the update. The above PR is also merged now to use the version'2017-04-01' for the locks.
Did you also test using the az lock list CLI command or az lock show CLI command and check if that works ?

hbuckle added bug This issue requires a change to an existing behavior in the product in order to be resolved. needs-triage This is a new issue that needs to be triaged to the appropriate team. labels Jun 23, 2022

ghost added customer-reported and removed needs-triage This is a new issue that needs to be triaged to the appropriate team. labels Jun 23, 2022

dingmeng-xue added ARM - Core CXP Attention [Deprecated] The Azure CXP Support Team is responsible for this issue. labels Jun 26, 2022

navba-MSFT self-assigned this Jun 28, 2022

navba-MSFT added the needs-author-feedback More information is needed from author to address the issue. label Jun 28, 2022

navba-MSFT mentioned this issue Jun 28, 2022

{AzureCXP} fixes Azure/azure-powershell#18691 #18780

Merged

8 tasks

ghost added needs-team-attention This issue needs attention from Azure service team or SDK team and removed needs-author-feedback More information is needed from author to address the issue. labels Jun 30, 2022

navba-MSFT added needs-author-feedback More information is needed from author to address the issue. and removed needs-team-attention This issue needs attention from Azure service team or SDK team labels Jun 30, 2022

wyunchi-ms closed this as completed in fbf6905 Jul 2, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Get-AzResourceLock : NoRegisteredProviderFound #18691

Get-AzResourceLock : NoRegisteredProviderFound #18691

hbuckle commented Jun 23, 2022

ghost commented Jun 26, 2022

navba-MSFT commented Jun 28, 2022

navba-MSFT commented Jun 28, 2022

hbuckle commented Jun 30, 2022

navba-MSFT commented Jun 30, 2022

Get-AzResourceLock : NoRegisteredProviderFound #18691

Get-AzResourceLock : NoRegisteredProviderFound #18691

Comments

hbuckle commented Jun 23, 2022

Description

Issue script & Debug output

Environment data

Module versions

Error output

ghost commented Jun 26, 2022

navba-MSFT commented Jun 28, 2022

navba-MSFT commented Jun 28, 2022

hbuckle commented Jun 30, 2022

navba-MSFT commented Jun 30, 2022