Skip to content

Az.StorageSync | Added TenantId of ARC Server and checked with StorageSyncService tenant to prevent unsupported configuration #28355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Az.StorageSync | Added TenantId of ARC Server and checked with StorageSyncService tenant to prevent unsupported configuration #28355

wants to merge 10 commits into from
+574 −5,367

Conversation

ankushbindlish2
Copy link
Member

@ankushbindlish2 ankushbindlish2 commented Aug 8, 2025
edited
Loading

Description

Mandatory Checklist

  • SHOULD update ChangeLog.md file(s) appropriately
    • Update src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md.
      • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header in the past tense.
    • Should not change ChangeLog.md if no new release is required, such as fixing test case only.
  • SHOULD regenerate markdown help files if there is cmdlet API change. Instruction
  • SHOULD have proper test coverage for changes in pull request.
  • SHOULD NOT adjust version of module manually in pull request

@Copilot Copilot AI review requested due to automatic review settings August 8, 2025 05:17
@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

Thanks for your contribution! The pull request validation has started. Please revisit this comment for updated status.

Copilot
Copilot AI reviewed Aug 8, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR enhances the Azure Storage Sync server registration functionality to validate tenant alignment between ARC servers and Storage Sync Services, preventing unsupported cross-tenant configurations.

  • Extracts tenant ID from server managed identity tokens and compares with Storage Sync Service tenant
  • Refactors server application identity handling to return both application ID and tenant ID asynchronously
  • Adds validation to prevent cross-tenant server registrations with appropriate error messaging

Reviewed Changes

Copilot reviewed 13 out of 16 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
SetRegisteredServerCommand.cs Updated to use new async method for getting server application identity
RegisterServerCommand.cs Added tenant ID validation and passes tenant to registration client
StorageSyncResources.resx Added error message resource for missing Azure context tenant ID
ServerManagedIdentityTokenHelper.cs Added method to extract tenant ID from tokens and updated documentation
ServerManagedIdentityProvider.cs Refactored to return ServerApplicationIdentity with both app ID and tenant ID
ServerApplicationIdentity.cs New class to encapsulate server application identity information
ISyncServerRegistration.cs Updated interface to accept tenant ID parameter
IServerManagedIdentityProvider.cs Updated interface for async operation returning ServerApplicationIdentity
SyncServerRegistrationClientBase.cs Added tenant validation logic in registration process
SyncServerRegistrationClient.cs Updated to use new async identity retrieval method
MockSyncServerRegistrationClientBase.cs Updated mock implementation for new interface
MockSyncServerRegistrationClient.cs Updated mock to return ServerApplicationIdentity objects
MockServerManagedIdentityProvider.cs Updated mock provider for new async interface
Files not reviewed (1)
  • src/StorageSync/StorageSync/Properties/StorageSyncResources.Designer.cs: Language not supported

@ankushbindlish2 ankushbindlish2 added this to the Az 14.4.0 (09/02/2025) milestone Aug 8, 2025
@NoriZC
Copy link
Contributor

NoriZC commented Aug 11, 2025

/azp run

@azure-pipelines Azure Pipelines
Copy link
Contributor

Azure Pipelines successfully started running 3 pipeline(s).

@github-actions GitHub Actions
Copy link

This PR was labeled "needs-revision" because it has unresolved review comments or CI failures.
Please resolve all open review comments and make sure all CI checks are green. Refer to our guide to troubleshoot common CI failures.

@ankushbindlish2
Copy link
Member Author

/azp run

@azure-pipelines Azure Pipelines
Copy link
Contributor

Commenter does not have sufficient privileges for PR 28355 in repo Azure/azure-powershell

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@Manishd79 Manishd79 Manishd79 approved these changes

At least 1 approving review is required to merge this pull request.

Assignees

@NoriZC NoriZC

Labels
None yet
Projects
None yet
Milestone
Az 14.4.0 (09/02/2025)
Development

Successfully merging this pull request may close these issues.
3 participants
@ankushbindlish2 @NoriZC @Manishd79