azure: az resource list missing tags - azure-cloud-shell

It tells me I have null tags if I list my resources with az resource list --tag Departement=Finance
az resource list --tag Departement=Finance
[
{
"id": "/subscriptions/28b7bf82-0a7d-4ca7-9827-811c620d6d52/resourceGroups/msftlearn-core-infrastructure-rg/providers/Microsoft.Network/virtualNetworks/msftlearn-vnet1",
"identity": null,
"kind": null,
"location": "switzerlandnorth",
"managedBy": null,
"name": "msftlearn-vnet1",
"plan": null,
"properties": null,
"resourceGroup": "msftlearn-core-infrastructure-rg",
"sku": null,
"tags": null,
"type": "Microsoft.Network/virtualNetworks"
}
]
But with az resource list --resource-group msftlearn-core-infrastructure-rg it shows me all the tags.
az resource list --resource-group msftlearn-core-infrastructure-rg
[
{
"id": "/subscriptions/28b7bf82-0a7d-4ca7-9827-811c620d6d52/resourceGroups/msftlearn-core-infrastructure-rg/providers/Microsoft.Network/virtualNetworks/msftlearn-vnet1",
"identity": null,
"kind": null,
"location": "switzerlandnorth",
"managedBy": null,
"name": "msftlearn-vnet1",
"plan": null,
"properties": null,
"resourceGroup": "msftlearn-core-infrastructure-rg",
"sku": null,
"tags": {
"Departement": "Finance",
"Environment": "learn"
},
"type": "Microsoft.Network/virtualNetworks"
},
{
"id": "/subscriptions/28b7bf82-0a7d-4ca7-9827-811c620d6d52/resourceGroups/msftlearn-core-infrastructure-rg/providers/Microsoft.Network/virtualNetworks/msftlearn-vnet2",
"identity": null,
"kind": null,
"location": "switzerlandnorth",
"managedBy": null,
"name": "msftlearn-vnet2",
"plan": null,
"properties": null,
"resourceGroup": "msftlearn-core-infrastructure-rg",
"sku": null,
"tags": {
"Departement": "Marketing",
"Environment": "learn"
},
"type": "Microsoft.Network/virtualNetworks"
}
]
Is this a bug or does it have to be like this?


It is not a bug.
The command az resource list --tag Departement=Finance essentially calls this REST API Resources - List with the $filter, you could use --debug in the command to check.
az resource list --tag Departement=Finance --debug
The response will not include the tags property, so the tags will be null of the command result. You can also click the Try it button in this link, login to test with $filter directly.
GET https://management.azure.com/subscriptions/xxxxxx/resources?api-version=2019-10-01&%24filter=tagName%20eq%20%27Departement%27%20and%20tagValue%20eq%20%27Finance%27
When running az resource list --resource-group msftlearn-core-infrastructure-rg, it calls Resources - List By Resource Group, the tags will be included in the result.

Related

Graph API - Security eDiscovery API Export Questions

We have an application that uses the Security eDiscovery Graph API URLs to create exports based on a Case/Review Set that already exists within the Microsoft Compliance solution. The solution is correctly exporting to the Storage Account container we select, but we do not have a way to determine which folder in the container the export was sent to. See below for example flow/output.
Create Export call (https://learn.microsoft.com/en-us/graph/api/security-ediscoveryreviewset-export?view=graph-rest-beta&tabs=http):
https://graph.microsoft.com/beta/security/cases/ediscoveryCases/{CASE_ID}/reviewSets/{REVIEW_SET}/export
Payload sent:
{
"outputName": "{OUTPUT}",
"description": "",
"exportOptions": "originalFiles",
"exportStructure": "directory",
"azureBlobContainer": "{REDACTED}",
"azureBlobToken": "{REDACTED}"
}
First Response from URL in Location Header:
https://graph.microsoft.com/beta/security/cases/ediscoverycases({CASE_ID})/operations({OPERATION_ID})
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#security/cases/ediscoveryCases({CASE_ID})/operations/$entity",
"#odata.type": "#microsoft.graph.security.ediscoveryExportOperation",
"createdDateTime": "2023-02-16T15:16:12.2704755Z",
"completedDateTime": "0001-01-01T00:00:00Z",
"percentProgress": 0,
"status": "running",
"action": "contentExport",
"id": "86b2309224dd42ccb79271245ea542b6",
"outputName": "{REDACTED}",
"description": "",
"outputFolderId": null,
"azureBlobContainer": null,
"azureBlobToken": null,
"exportOptions": null,
"exportStructure": "none",
"createdBy": {
"application": null,
"user": {
"id": null,
"displayName": null,
"userPrincipalName": "{REDACTED}"
}
}
}
Response when progress hits 100%
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#security/cases/ediscoveryCases({CASE_ID})/operations/$entity",
"#odata.type": "#microsoft.graph.security.ediscoveryExportOperation",
"createdDateTime": "2023-02-16T15:16:12.2704755Z",
"completedDateTime": "2023-02-16T15:28:16.438Z",
"percentProgress": 100,
"status": "succeeded",
"action": "contentExport",
"id": "86b2309224dd42ccb79271245ea542b6",
"outputName": "{REDACTED}",
"description": "",
"outputFolderId": null,
"azureBlobContainer": null,
"azureBlobToken": null,
"exportOptions": null,
"exportStructure": "none",
"createdBy": {
"application": null,
"user": {
"id": null,
"displayName": null,
"userPrincipalName": "{REDACTED}"
}
}
}
Notice that several fields from the Operations call (https://learn.microsoft.com/en-us/graph/api/resources/security-ediscoveryexportoperation?view=graph-rest-beta) are set to null including exportOptions, azureBlobContainer, azureBlobToken, and exportOptions. Then exportStructure is set incorrectly to none.
The exported folder looks like below in the Azure Storage account. That GUID is not surfaced anywhere in the API calls we are getting and makes it very difficult to download the exported files programatically. Is this possible currently?

Retrieve homePhone, mobilePhone and faxPhone from Delve Profile using Graph API

I am trying to retrieve the information in the red box via the graph api resource:
https://graph.microsoft.com/beta/me/profile
Here is the return:
"phones": [
{
"displayName": null,
"type": "business",
"number": "xxxxxxxxxx",
"allowedAudiences": "organization",
"createdDateTime": "2021-06-21T23:36:38.0912984Z",
"inference": null,
"lastModifiedDateTime": "2021-06-21T23:36:38.0912984Z",
"id": "a28e87ba-25xx-45xx-8fxx-5f340b597fxx",
"isSearchable": false,
"createdBy": {
"device": null,
"user": null,
"application": {
"displayName": "AAD",
"id": null
}
},
"lastModifiedBy": {
"device": null,
"user": null,
"application": {
"displayName": "AAD",
"id": null
}
},
"source": {
"type": [
"AAD"
]
}
}
],
It looks to only be returning the info from AAD, not the fields in the Delve profile. Upon further research I found these fields are actually linked to the SharePoint online profile. Is there a way to grab this information using the Graph API?

MS Teams Graph API: Get all teams user(s) are apart of

I want to use the graph api to get the teams a list of users is a member/owner of. I am using this endpoint to pass the list of users, then select the properties of the group that I am interested in:
/beta/users/$filter=id+in+('user-1','user-2','user-15')$expand=transitiveMemberOf($select=id,resourceProvisioningOptions,displayName,mailNickname)&$select=id,resourceProvisioningOptions,displayName
This will return a list of groups the member is apart of, including the Teams the member is apart of (up to 15 users). It will filter the groups to only return id,resourceProvisioningOption,displayName and mailNickname.
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users(id,resourceProvisioningOptions,displayName,transitiveMemberOf(id,resourceProvisioningOptions,displayName,mailNickname))",
"value": [
{
"id": "user-1",
"displayName": "Jeff Smith",
"transitiveMemberOf": [
{
"#odata.type": "#microsoft.graph.directoryRole",
"id": "directoryRole-1",
"displayName": null
},
{
"#odata.type": "#microsoft.graph.directoryRole",
"id": "directoryRole-2",
"displayName": null
},
{
"#odata.type": "#microsoft.graph.group",
"id": "team-id-1",
"resourceProvisioningOptions": [
"Team"
],
"displayName": "My Team 1",
"mailNickname": "MyTeam1"
},
{
"#odata.type": "#microsoft.graph.directoryRole",
"id": "directoryRole-3",
"displayName": null
},
{
"#odata.type": "#microsoft.graph.group",
"id": "team-id-2",
"resourceProvisioningOptions": [
"Team"
],
"displayName": "My Team 2",
"mailNickname": "MyTeam2"
}
]
}
]
}
Since the user is apart of Azure directory groups, those are returned, but the resourceProvisioningOptions identifies if the user is on a team. In this case - 2 teams.
Problem
When looking in the Teams App, we see that the user is actually apart of the 10 different teams.
When calling this endpoint: https://graph.microsoft.com/v1.0/users/user-1/joinedTeams we see that the user is apart of 10 teams
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#teams",
"#odata.count": 10,
"value": [
{
"id": "team-id-1",
"createdDateTime": null,
"displayName": "Team 1",
"description": "Team1",
"internalId": null,
"classification": null,
"specialization": null,
"visibility": null,
"webUrl": null,
"isArchived": false,
"isMembershipLimitedToOwners": null,
"memberSettings": null,
"guestSettings": null,
"messagingSettings": null,
"funSettings": null,
"discoverySettings": null,
"summary": null
},
{
"id": "team-id-2",
"createdDateTime": null,
"displayName": "Team 2",
"description": "Team2",
"internalId": null,
"classification": null,
"specialization": null,
"visibility": null,
"webUrl": null,
"isArchived": false,
"isMembershipLimitedToOwners": null,
"memberSettings": null,
"guestSettings": null,
"messagingSettings": null,
"funSettings": null,
"discoverySettings": null,
"summary": null
},
...
{
"id": "team-id-10",
"createdDateTime": null,
"displayName": "Team 3",
"description": "Team3",
"internalId": null,
"classification": null,
"specialization": null,
"visibility": null,
"webUrl": null,
"isArchived": false,
"isMembershipLimitedToOwners": null,
"memberSettings": null,
"guestSettings": null,
"messagingSettings": null,
"funSettings": null,
"discoverySettings": null,
"summary": null
}
]
}
Questions:
Is there another endpoint that I can use to pass a list of users and get the teams they are owner/member of?
Why is the data different between endpoints
I am trying to avoid calling the /joinedTeams endpoint due to number of users and rate limiting.

You could use the /joinedTeams endpoint, but also put those calls in a batch to MS Graph.
See: https://learn.microsoft.com/en-us/graph/json-batching
This would allow you to send a batch of 20 (i think) requests in one call to the graph making it much faster and less likely to be throttled.

spring-data-elasticsearcher :How can i use route to delete document in spring data elasticsearcher

my child document mapping is:
{
"_index": "test-index",
"_type": "test_type",
"_id": "AVznf5cOTLguhbQOC8aV",
"_version": 1,
"_score": null,
"_routing": "1b973ddd-0aa9-4578-9bf9-74125a3c7r4d",
"_parent": "1b973ddd-0aa9-4578-9bf9-74125a3c7r4d",
"_source": {
"id": null,
"email": "test#hempel.com",
"actionDate": "2017-06-20T08:43:52.000Z",
"actionStatus": "SENT_SUCCESS",
"description": "",
"ip": "0.0.0.0",
"address": "",
"browser": null,
"os": "",
"taskId": "1b973ddd-0aa9-4578-9bf9-74125a3c7f4d",
"taskName": "007",
"actionStatusName": "SENT_SUCCESS",
"new": true
},
"sort": [
"test#hempel.com"
]
}
you can see, it's child document, so every time i query the document like this:
test_index/test_type/AVznWID-TLguhbQOC2Zt?routing=89293986-7d08-4e73-be1e-1ec9e136b440 /Get
well , so delete will like this:
test_index/test_type/AVznWID-TLguhbQOC2Zt?routing=89293986-7d08-4e73-be1e-1ec9e136b440 /delete
but the problem is ,how can i query and delete the document with routing value do this job by using spring data elasticsearcher:
ElasticsearchTemplate

well,i have found a way to resolve this problem,just using:
org.elasticsearch.action.delete # "DeleteRequest"
in some cases,we have come to rely too much on the tool

Filter contacts in outlook API using startswith()

I am trying to get a list of contacts that are filtered by email address from Microsoft Outlook API (Contact API). The url I am using for the request is:
https://outlook.office.com/api/v2.0/me/contacts/?$filter=EmailAddresses/any(email: startswith(email/Address,'ab'))
The filter property $filter=EmailAddresses/any(email: email/Address eq 'ab') is working fine.
Here EmailAddresses field is a list containing name, address fields.
UPDATE
Original response :
{
"#odata.context": "https://outlook.office.com/api/v2.0/$metadata#Me/Contacts",
"value": [
{
..................................
..................................
"DisplayName": "Abhishek R",
"GivenName": "Abhishek",
"Initials": null,
"MiddleName": null,
"NickName": null,
"Surname": "R",
"Title": null,
"YomiGivenName": null,
"YomiSurname": null,
"YomiCompanyName": null,
"Generation": null,
"ImAddresses": [],
"JobTitle": null,
"CompanyName": null,
"Department": null,
"OfficeLocation": null,
"Profession": null,
"BusinessHomePage": null,
"AssistantName": null,
"Manager": null,
"HomePhones": [],
"MobilePhone1": null,
"BusinessPhones": [],
"SpouseName": null,
"PersonalNotes": null,
"Children": [],
"EmailAddresses": [
{
"Name": "abhishek#gmail.com",
"Address": "abhishek#gmail.com"
},
{
"Name": "abcdef#gmail.com",
"Address": "abcdef#gmail.com"
}
],
"HomeAddress": {},
"BusinessAddress": {},
"OtherAddress": {}
}
]
}
The response I got is:
{
"error": {
"code": "ErrorInvalidUrlQueryFilter",
"message": "The query filter contains one or more invalid nodes."
}
}
Looking for a solution to this.

Resources