Azure

AZ Cli unable to find Azure DevOps groups

AZ Cli unable to find Azure DevOps groups

I came across a strange issue today while trying to automate working with groups in Azure DevOps. I needed to get their security descriptor to add some members and permissions. Three of the four groups could be resolved fine, but for some reason I couldn’t find the fourth. I could see it in the portal, but the az cli couldn’t return it. When i looked in the portal, the groups wer the same apart from their names.

$groupName = "[test-project]\frontEnd Devs"

az.cmd devops security group list `
                    --org "https://dev.azure.com/cgfootman/" `
                    --scope organization `
                    --subject-types vssgp `
                    --query "graphGroups[?@.principalName == '$groupName'].descriptor | [0]"

Initially I thought it might be that I was trying to select the security descriptor. So I tried the command without specifically selecting the property. Again it could only find 3 out of the 4 groups.

$groupName = "[test-project]\frontEnd Devs"

az.cmd devops security group list `
                    --org "https://dev.azure.com/cgfootman/" `
                    --scope organization `
                    --subject-types vssgp `
                    --query "graphGroups[?@.principalName == '$groupName']"

I read the docs and it talked about the –project or -p switch that allowed you to scope your command to the specific project you were dealing with. This seemed like a sensible thing to do anyway, so I added it.

$groupName = "[test-project]\frontEnd Devs"
$projectName = "timeApplication"

az.cmd devops security group list `
                    --org "https://dev.azure.com/cgfootman/" `
                    --scope organization `
                    --subject-types vssgp `
                    --project  $projectName `
                    --query "graphGroups[?@.principalName == '$groupName']"

When I ran the command, it brought back the 4th group. This must be a bug of some description, but I still couldn’t see what was different with my 4th group to make it unsearchable. Very odd