Updated the code in the common_columns.go file to use the subscription_id returned by the List Subscriptions API Closes #947 (#948)

ParthaI · web-flow · commit 99d49a7e5e4e · 2025-09-19T20:09:31.000+05:30
diff --git a/azure/common_columns.go b/azure/common_columns.go
@@ -3,6 +3,7 @@ package azure
 import (
 	"context"
 
+	"github.com/Azure/azure-sdk-for-go/profiles/latest/resources/mgmt/subscriptions"
 	"github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto"
 	"github.com/turbot/steampipe-plugin-sdk/v5/memoize"
 	"github.com/turbot/steampipe-plugin-sdk/v5/plugin"
@@ -54,7 +55,24 @@ func getSubscriptionIDUncached(ctx context.Context, d *plugin.QueryData, h *plug
 	if err != nil {
 		return nil, err
 	}
-	return session.SubscriptionID, nil
+
+	client := subscriptions.NewClientWithBaseURI(session.ResourceManagerEndpoint)
+	client.Authorizer = session.Authorizer
+	subscriptionID := session.SubscriptionID
+
+	// Always fetch the subscription ID via an API call instead of relying on session.SubscriptionID.
+	// The session value cannot be guaranteed to be consistent, particularly because `subscription_id`
+	// is used as a connection-level key qualifier. Subscription ID may differ in letter casing,
+	// which causes mismatches during query evaluation. To ensure consistency, we normalize the process
+	// by retrieving the subscription ID through the API and reusing that value across connection-level
+	// key quals and table-level columns.
+	op, err := client.Get(ctx, subscriptionID)
+	if err != nil {
+		plugin.Logger(ctx).Error("getSubscriptionIDUncached", "error", err)
+		return nil, err
+	}
+
+	return *op.SubscriptionID, nil
 }
 
 // if the caching is required other than per connection, build a cache key for the call and use it in Memoize.
diff --git a/azure/plugin.go b/azure/plugin.go
@@ -92,7 +92,7 @@ func Plugin(ctx context.Context) *plugin.Plugin {
 			// ~2,000 GET/10s per vault
 			{
 				Name:       "azure_key_vault_secret",
-				FillRate:   40, 
+				FillRate:   40,
 				BucketSize: 400,
 				Scope:      []string{"connection", "subscription", "vault"},
 				Where:      "service = 'Microsoft.KeyVault' and action = 'vaults/secrets/read'",
@@ -300,5 +300,11 @@ func getSubscriptionIdForConnection(ctx context.Context, d *plugin.QueryData, h
 	if err != nil {
 		return nil, err
 	}
-	return subscriptionID, nil
+	
+	// The value must be returned as a string because connection-level quals do not support transform functions.
+	// If the value is not returned as a string, queries that filter on subscription_id in the WHERE clause
+	// (e.g., "SELECT id, subscription_id FROM azure_resource WHERE subscription_id = 'd46d7416...'")
+	// will produce empty results due to a type mismatch during query evaluation.
+	subscriptionIDStr := subscriptionID.(string)
+	return subscriptionIDStr, nil
 }
