I am running the Azure command-line interface (azure-cli) against an Azure key vault.
I do this:
$ az keyvault secret list --vault-name <name-of-my-vault> --maxresults 10
[Errno 22] Invalid argument
This command once worked, but a week or two ago it stopped working and started throwing this error ([Errno 22] Invalid argument). How can I debug this?
I am logged in with az login. My account has the following security roles (RBAC) for the key vault in question:
- Owner
- Contributor
- Key Vault Certificates Officer
- Key Vault Secrets Officer
I have version 2.30.0 of azure-cli installed. I got the same error in 2.27.0. I also see it on a Jenkins build server, running 2.27.0.
My key vault contains a bit over 200 secrets (a few of them have multiple versions). None of them are expired; in fact none of them have an expiration date.
Thanks in advance.
CodePudding user response:
As @WaitingForGuacamole suggested in the comment section, I have tested in my environment
I created secrets in the Key Vault with expiration dates as follows:
Now, I logged in to Azure CLI and ran the below command:
az keyvault secret list --vault-name <name-of-my-vault> --maxresults 10
I got the same error:
Now, I deleted the secret with expiration date: 1/1/3008 and ran the same command again
It ran without any error. It listed the secrets in my key vault
So, the best way to debug the issue is to check the expiration date of all the secrets in the key vault. Make sure to have the expiration date of secrets before 3000-01-01
CodePudding user response:
Inspired by the answer by @RamaraoAdapa-MT, I think I found the answer. There were no bad secrets in my vault, but there appears to have been a bad certificate. I deleted this certificate from my vault, and now I can get secrets again.
