Serviceconnector-passwordless Don't change the entra admin if I am already in a group assigned to the entra admin

[shaunpearsondev]

Describe the bug

When running

az webapp connection create sql

My specific user is always assigned to the entra admin for the resource targeted although I already have permissions to perform all the steps due to being in the group assigned

Related command

az webapp connection create sql

Errors

NA

Issue script & Debug output

Setting current user as database server AAD admin: user=xxx object id=yyy

Expected behavior

As I already have permissions the AAD/Entra admin shouldn't need to be changed

Environment Summary

azure-cli 2.54.0

core 2.54.0
telemetry 1.1.0

Extensions:
ai-examples 0.2.5
ml 2.21.1
serviceconnector-passwordless 0.3.12
ssh 2.0.2

Dependencies:
msal 1.24.0b2
azure-mgmt-resource 23.1.0b2

Python location '/usr/bin/python3.9'
Extensions directory '/home/xxx/.azure/cliextensions'
Extensions system directory '/usr/lib/python3.9/site-packages/azure-cli-extensions'

Python (Linux) 3.9.14 (main, Oct 12 2023, 19:48:32)
[GCC 11.2.0]

Legal docs and information: aka.ms/AzureCliLegal

Your CLI is up-to-date.

Additional context

No response

[yonzhan]

Thank you for opening this issue, we will look into it.

[microsoft-github-policy-service]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp.

[houk-ms]

@xfz11 please take a look.

[microsoft-github-policy-service]

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp.

[xfz11]

Hi @shaunpearsondev , thanks for your feedback. Please update the CLI extension to 0.3.13 with az extension add --name serviceconnector-passwordless --upgrade. It will ask for user confirmation before updating Microsoft Entra admin of SQL server.

[houk-ms]

hi @shaunpearsondev, may have a try and free feel to reopen the issue if there're more questions.