-
Notifications
You must be signed in to change notification settings - Fork 193
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Managed identity support #1942
Managed identity support #1942
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some minor comments, but nothing substantial - great stuff.
To use Service Principal authentication, specify an `aso-controller-settings` secret with `AZURE_CLIENT_SECRET` set. | ||
`AZURE_CLIENT_ID` must be set to the Service Principal client ID. | ||
`AZURE_CLIENT_SECRET` must be set to the Service Principal client secret. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To use Service Principal authentication, specify an `aso-controller-settings` secret with `AZURE_CLIENT_SECRET` set. | |
`AZURE_CLIENT_ID` must be set to the Service Principal client ID. | |
`AZURE_CLIENT_SECRET` must be set to the Service Principal client secret. | |
To use Service Principal authentication, specify an `aso-controller-settings` secret with `AZURE_CLIENT_ID` and `AZURE_CLIENT_SECRET` set. | |
* `AZURE_CLIENT_ID` must be set to the Service Principal client ID. | |
* `AZURE_CLIENT_SECRET` must be set to the Service Principal client secret. |
Maybe give an example of each, so that people can recognize when they've found the right value to include?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Giving an example here is a bit awkward because both fields are pretty inscrutable (CLIENT_ID is a GUID and the password is some black-box base64'ed string that Azure gives to them when they create the SP). What I've done is call out that client ID is a GUID and also link to the documentation in the Azure CLI that shows how to create an SP (which will return these values).
6da2dd7
to
061cacb
Compare
061cacb
to
e1abcd1
Compare
Closes #1869
Closes #1854
What this PR does / why we need it:
Adds Managed Identity support and documents how to use it. Testing is still an outstanding issue which we need to solve.
See #1941. I will be following up with a separate PR for this.
If applicable: