Disable role assignment check for vnet for Azure Spring Cloud

src/spring-cloud/azext_spring_cloud/_validators.py

@@ -189,7 +189,6 @@ def validate_vnet(cmd, namespace):
         namespace.reserved_cidr_range = _set_default_cidr_range(vnet_obj.address_space.address_prefixes) if \
             vnet_obj and vnet_obj.address_space and vnet_obj.address_space.address_prefixes \
             else '10.234.0.0/16,10.244.0.0/16,172.17.0.1/16'
-    _check_spring_cloud_rp_permission(cmd, vnet_id)
 
 
 def _validate_subnet(namespace, subnet):
@@ -212,32 +211,6 @@ def _validate_subnet(namespace, subnet):
         raise CLIError('--{0} should contain at least /{1} address, got /{2}'.format(name, limit, address.prefixlen))
 
 
-def _check_spring_cloud_rp_permission(cmd, vnet_id):
-    vnet = parse_resource_id(vnet_id)
-    auth_client = _get_authorization_client(cmd.cli_ctx, subscription_id=vnet['subscription'])
-    assignments = auth_client.role_assignments.list_for_scope(vnet_id)
-    objectIds = [x.principal_id for x in assignments if x.principal_type == 'ServicePrincipal' and
-                 '8e3af657-a8ff-443c-a75c-2fe8c4bcb635' in x.role_definition_id]
-    objectId = _look_up_spring_cloud_rp(cmd, objectIds, subscription_id=vnet['subscription'])
-    if not objectId:
-        logger.warning("Please make sure to grant Azure Spring Cloud service permission to the virtual network. Refer "
-                       "to https://aka.ms/asc/vnet-permission-help for more details.")
-
-
-def _look_up_spring_cloud_rp(cmd, objectIds, subscription_id=None):
-    if not objectIds:
-        return None
-    graph_client = _get_graph_rbac_management_client(cmd.cli_ctx, subscription_id=subscription_id)
-    from azure.graphrbac.models import GetObjectsParameters
-    for i in range(0, len(objectIds), 1000):
-        params = GetObjectsParameters(include_directory_object_references=True, object_ids=objectIds[i:i + 1000])
-        result = list(graph_client.objects.get_objects_by_object_ids(params))
-        app = next((x for x in result if x.app_id and x.app_id == 'e8de9221-a19c-4c81-b814-fd37c6caf9d2'), None)
-        if app:
-            return app
-    return None
-
-
 def _get_vnet(cmd, vnet_id):
     vnet = parse_resource_id(vnet_id)
     network_client = _get_network_client(cmd.cli_ctx, subscription_id=vnet['subscription'])

src/spring-cloud/azext_spring_cloud/tests/latest/test_asc_validator.py

@@ -197,20 +197,6 @@ def test_subnet_with_route_table(self):
             validate_vnet(_get_test_cmd(), ns)
             self.assertTrue('subnet should not associate with any route tables.' in str(context.exception))
 
-    @mock.patch('azext_spring_cloud._validators._get_vnet', _mock_get_vnet)
-    @mock.patch('azext_spring_cloud._validators._get_authorization_client', _mock_get_authorization_client)
-    @mock.patch('azext_spring_cloud._validators._get_graph_rbac_management_client',
-                _mock_get_graph_rbac_management_client)
-    def test_vnet_without_permission(self):
-        ns = Namespace(reserved_cidr_range='10.0.0.0/8,20.0.0.0/16,30.0.0.0/16', resource_group='test', vnet=None, sku=None,
-                       app_subnet='/subscriptions/33333333-0000-0000-0000-000000000000/resourceGroups/test/providers/Microsoft.Network/VirtualNetworks/test-vnet/subnets/app',
-                       service_runtime_subnet='/subscriptions/33333333-0000-0000-0000-000000000000/resourceGroups/test/providers/Microsoft.Network/VirtualNetworks/test-vnet/subnets/svc')
-        with self.assertLogs('cli.azext_spring_cloud._validators', level='WARNING') as cm:
-            validate_vnet(_get_test_cmd(), ns)
-            self.assertTrue(
-                'Please make sure to grant Azure Spring Cloud service permission to the virtual network.' in str(
-                    cm.output))
-
     def test_subnets_same(self):
         ns = Namespace(reserved_cidr_range='10.0.0.0/8,20.0.0.0/16,30.0.0.0/16', resource_group='test', vnet=None, sku=None,
                        app_subnet='/subscriptions/11111111-0000-0000-0000-000000000000/resourceGroups/test/providers/Microsoft.Network/virtualnetworks/test-Vnet/subnets/app',