Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Interface JitNetworkAccessPolicyInitiatePort is missing the property allowedSourceAddressPrefixes #32353

Open
Yvand opened this issue Dec 24, 2024 · 1 comment
Assignees
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. Mgmt This issue is related to a management-plane library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team.

Comments

@Yvand
Copy link

Yvand commented Dec 24, 2024

Is your feature request related to a problem? Please describe.
The interface JitNetworkAccessPolicyInitiatePort is missing the property allowedSourceAddressPrefixes.
Currently, it only includes property allowedSourceAddressPrefix.

Property allowedSourceAddressPrefixes definitely exists: Below is the payload when I initiate the JIT policy request from the portal:

{
    "requests": [
        {
            "content": {
                "virtualMachines": [
                    {
                        "id": "/subscriptions/SUBID/resourceGroups/RGNAME/providers/Microsoft.Compute/virtualMachines/VMNAME",
                        "ports": [
                            {
                                "number": 3389,
                                "duration": "PT10H",
                                "allowedSourceAddressPrefixes": [
                                    "IP1",
                                    "IP2",
                                    "IP3"
                                ]
                            }
                        ]
                    }
                ]
            },
            "httpMethod": "POST",
            "name": "a0bd94fd-7b7c-498d-8f0f-5f474b55b018",
            "requestHeaderDetails": {
                "commandName": "Microsoft_Azure_Compute.ASCArmClient.postInitiateJitRequest"
            },
            "url": "https://management.azure.com/subscriptions/SUBID/resourceGroups/RGNAME/providers/Microsoft.Security/locations/francecentral/jitNetworkAccessPolicies/default/initiate?api-version=2015-06-01-preview"
        }
    ]
}

Describe the solution you'd like
Can you implement the property allowedSourceAddressPrefixes in the interface JitNetworkAccessPolicyInitiatePort?

Describe alternatives you've considered
Current property allowedSourceAddressPrefix does not allow to allow multiple IPs on the same port, while it is perfectly possible from the portal.

Additional context
Below is a screenshot when initiating the request from the Azure portal: It will set the property allowedSourceAddressPrefixes in the payload.
My ask is to allow the same in the SDK

Image

@github-actions github-actions bot added customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Dec 24, 2024
@jeremymeng jeremymeng added Client This issue points to a problem in the data-plane of the library. Mgmt This issue is related to a management-plane library. labels Dec 30, 2024
@github-actions github-actions bot removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Dec 30, 2024
@kazrael2119
Copy link
Contributor

kazrael2119 commented Jan 6, 2025

@Yvand ,Thank you for reaching out to us.
SDK is generated from swagger, and in swagger
https://github.com/Azure/azure-rest-api-specs/blob/main/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/jitNetworkAccessPolicies.json#L704-L724

JitNetworkAccessPolicyInitiatePort only supports allowedSourceAddressPrefix, I think this should be a service issue, not a sdk issue,
So add Service Attention for awareness to service team

@kazrael2119 kazrael2119 added Service Attention Workflow: This issue is responsible by Azure service team. and removed Client This issue points to a problem in the data-plane of the library. labels Jan 6, 2025
@github-actions github-actions bot added the needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team label Jan 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. Mgmt This issue is related to a management-plane library. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that Service Attention Workflow: This issue is responsible by Azure service team.
Projects
None yet
Development

No branches or pull requests

4 participants