You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently it is impossible to specify a subscription_id when using managed identity authentication, as when only subscription_id is provided packer assumes an interactive login is desired.
In our case we need the base images to be stored in a different subscription to on running our CI/CD pipeline build agents. A single managed identity can have access to many Azure subscriptions.
Reproduction Steps
Create a user assigned managed identity
Grant the identity Azure RBAC permissions to multiple subscriptions
Assign the managed identity to a vm
On the vm execute az login --identity and you should see output for multiple subscriptions
Provide a subscription_id to the azure-arm builder in packer and you will be stuck on an interactive login
The text was updated successfully, but these errors were encountered:
This issue was originally opened by @dougbw as hashicorp/packer#9140. It was migrated here as a result of the Packer plugin split. The original body of the issue is below.
Overview of the Issue
Currently it is impossible to specify a subscription_id when using managed identity authentication, as when only subscription_id is provided packer assumes an interactive login is desired.
In our case we need the base images to be stored in a different subscription to on running our CI/CD pipeline build agents. A single managed identity can have access to many Azure subscriptions.
Reproduction Steps
az login --identity
and you should see output for multiple subscriptionsThe text was updated successfully, but these errors were encountered: