az login fails with NativeCommandError in Powershell ISE

[jatin318]

Describe the bug

when i try to do az login through my command it is showing like this az : WARNING: Select the account you want to log in with. For more information on login with Azure CLI, see https://go.microsoft.com/fwlink/?linkid=2271136
At line:29 char:1

• az login

•   + CategoryInfo          : NotSpecified: (WARNING: Select...?linkid=2271136:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
  

but when i do az login it is working i am using powershell ise

Related command

this is my powershell script #------------------------------------------------------------USER INPUT PART-------------------------------------------------------------------------------------------

$ErrorActionPreference = "Stop"

Taking necessary credentials from User

do {
$tenantId = Read-Host 'Enter the Tenant Id'
if (!$tenantId) {
Write-Verbose -Message "Tenant Id is Mandatory, Please input Tenant Id" -Verbose
}
} while (!$tenantId)

do {
$subscriptionId = Read-Host 'Enter the Subscription Id'
if (!$subscriptionId) {
Write-Verbose -Message "SubscriptionId is Mandatory, Please input Subscription Id" -Verbose
}
} while (!$subscriptionId)

do {
$resourceGroupName = Read-Host 'Enter the Managed Resource Group Name'
if (!$resourceGroupName) {
Write-Verbose -Message "Managed Resource Group Name is Mandatory, Please input Resource Group Name" -Verbose
}
} while (!$resourceGroupName)

echo 'Login to Azure with your azure login Id and password'

az login
Connect-AzAccount -Subscription $subscriptionId -Tenant $tenantId
az account set --subscription $subscriptionId

Fetch All AKS Clusters in the Resource Group

$clusters = Get-AzResource -ResourceGroupName $resourceGroupName -ResourceType "Microsoft.ContainerService/managedClusters"

if (!$clusters) {
Write-Error "No AKS clusters found in resource group $resourceGroupName"
exit
}

Loop Through Each Cluster and Apply Operations

foreach ($cluster in $clusters) {
$clusterName = $cluster.Name
Write-Host "Processing Cluster: $clusterName"

# Fetch necessary resource names
$mc_resourceGroupName = "MC_" + $resourceGroupName + "_" + $clusterName + "_" + $cluster.Location

# Get Managed Identities
$userManagedIdentityName = $clusterName + "managedidentity"
$mc_managedIdentityName = $clusterName + "_AksCluster-agentpool"

$managedIdentities = Get-AzUserAssignedIdentity -ResourceGroupName $resourceGroupName -SubscriptionId $subscriptionId
$userManagedIdentity = $managedIdentities | Where-Object { $_.Name -eq $userManagedIdentityName }
$userManagedIdentityClientId = $userManagedIdentity.ClientId

# Assign Contributor Role for Managed Identity in MC Resource Group
$mc_identity = Get-AzUserAssignedIdentity -ResourceGroupName $mc_resourceGroupName -Name $mc_managedIdentityName
$mc_objectId = $mc_identity.PrincipalId

az role assignment create --role "Contributor" --assignee-object-id $mc_objectId --assignee-principal-type "ServicePrincipal" --scope "/subscriptions/$subscriptionId/resourceGroups/$mc_resourceGroupName"

# Assign Contributor Role for Managed Identity in AKS Cluster
$userManagedIdentityObjectId = $userManagedIdentity.PrincipalId
az role assignment create --role "Contributor" --assignee-object-id $userManagedIdentityObjectId --assignee-principal-type "ServicePrincipal" --scope "/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.ContainerService/managedClusters/$clusterName"

# Assign Contributor Role for Service Principal in AKS Cluster
$appId = ($cluster.Properties | Where-Object { $_.Name -eq "clientId" }).Value
$servicePrincipal = Get-AzADServicePrincipal -ApplicationId $appId
$servicePrincipalObjectId = $servicePrincipal.Id

az role assignment create --role "Contributor" --assignee-object-id $servicePrincipalObjectId --assignee-principal-type "ServicePrincipal" --scope "/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.ContainerService/managedClusters/$clusterName"

# Update VMSS with User-Assigned Managed Identity
$vmss = Get-AzVmss -ResourceGroupName $mc_resourceGroupName
$vmssName = $vmss.Name

Update-AzVmss -ResourceGroupName $mc_resourceGroupName -Name $vmssName -IdentityType UserAssigned -IdentityID $userManagedIdentity.Id

# Kubernetes YAML Deployment for Each Cluster
az aks get-credentials --resource-group $resourceGroupName --name $clusterName

# Kubernetes Managed Identity Definition
$definitionYaml = @"

apiVersion: "aadpodidentity.k8s.io/v1"
kind: AzureIdentity
metadata:
name: $userManagedIdentityName
spec:
type: 0
resourceID: /subscriptions/$subscriptionId/resourcegroups/$resourceGroupName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/$userManagedIdentityName
clientID: $userManagedIdentityClientId
"@

$bindingYaml = @"

apiVersion: "aadpodidentity.k8s.io/v1"
kind: AzureIdentityBinding
metadata:
name: ${userManagedIdentityName}-binding
spec:
azureIdentity: $userManagedIdentityName
selector: $userManagedIdentityName
"@

kubectl apply -f https://raw.githubusercontent.com/Azure/aad-pod-identity/v1.8.14/deploy/infra/deployment-rbac.yaml
$definitionYaml | kubectl.exe apply -f -
$bindingYaml | kubectl.exe apply -f -

# Custom Deployment for Each Cluster
$deploymentYaml = @"

apiVersion: apps/v1
kind: Deployment
metadata:
name: plt-deployment-$clusterName
spec:
replicas: 1
selector:
matchLabels:
app: my-value
template:
metadata:
labels:
app: my-value
aadpodidbinding: $userManagedIdentityName
spec:
containers:
- name: my-app-container
image: powerbiload.azurecr.io/internaltestjob:latest
env:
- name: SQLSERVER
value: "${serverName}.database.windows.net"
- name: DATABASE
value: $databaseName
- name: MANAGEDIDENTITY
value: $userManagedIdentityName
- name: NODECOUNT
value: "$kubeNodeCount"
- name: SUBSCRIPTIONID
value: $subscriptionId
- name: RESOURCEGROUP
value: $resourceGroupName
- name: CLUSTERNAME
value: $clusterName
"@
$deploymentYaml | kubectl.exe apply -f -

Write-Host "Cluster $clusterName processing completed."

}

Write-Host "All clusters have been processed."

Errors

az : WARNING: Select the account you want to log in with. For more information on login with Azure CLI, see https://go.microsoft.com/fwlink/?linkid=2271136
At line:29 char:1

• az login

•   + CategoryInfo          : NotSpecified: (WARNING: Select...?linkid=2271136:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
  
  
  

Issue script & Debug output

it should login my account

Expected behavior

it should login after selecting the account

Environment Summary

Additional context

No response

[yonzhan]

az login

[jatin318]

i am trying az login but it is throwing this error

[jiasli]

With WAM enabled, az login prints warnings to stderr stream:

Select the account you want to log in with. For more information on login with Azure CLI, see https://go.microsoft.com/fwlink/?linkid=2271136

This is an expected behavior.

In Windows PowerShell ISE, setting $ErrorActionPreference = "Stop" will making PowerShell fail if anything is written to stderr.

> $ErrorActionPreference = "Stop"
> az login
az : WARNING: Select the account you want to log in with. For more information on login with Azure CLI, see https://go.microsoft.com/fwlink/?linkid=2271136
At line:1 char:1
+ az login
+ ~~~~~~~~
    + CategoryInfo          : NotSpecified: (WARNING: Select...?linkid=2271136:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError

However, this error doesn't happen in Windows Terminal's Windows PowerShell. I don't know why.

The correct way to detect if Azure CLI command succeeds is to check the exit code. For more info, see #18372 (comment).

[jatin318]

but it is running on someone else system but facing issue in mine is there any step i am missing for using azure cli