Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Task] Update Azure OIDC guide #10125

Closed
Tracked by #10058
toriancrane opened this issue Oct 25, 2023 · 2 comments
Closed
Tracked by #10058

[Task] Update Azure OIDC guide #10125

toriancrane opened this issue Oct 25, 2023 · 2 comments
Assignees
@toriancrane
Labels
area/docs Improvements or additions to documentation docs/content docs/guides kind/task Work that's part of an ongoing epic
Milestone
0.96

Comments

@toriancrane
Copy link
Contributor

toriancrane commented Oct 25, 2023
edited
Loading

Draft PR
@toriancrane toriancrane mentioned this issue Oct 25, 2023
Closed
@toriancrane toriancrane self-assigned this Oct 25, 2023
@github-actions github-actions bot added the needs-triage Needs attention from the triage team label Oct 25, 2023
@github-project-automation github-project-automation bot moved this to 🤔 Triage in Docs 📚 Oct 25, 2023
@toriancrane toriancrane moved this from 🤔 Triage to 🎬 Ready in Docs 📚 Oct 25, 2023
@toriancrane toriancrane added area/blog Content issues on blog posts. and removed needs-triage Needs attention from the triage team labels Oct 25, 2023
@toriancrane toriancrane added this to the 0.96 milestone Oct 25, 2023
@toriancrane toriancrane changed the title [Task] Write "From Zero to ESC - Azure" blog post [Task] Write Esc Run for Azure Doc Oct 26, 2023
@toriancrane toriancrane moved this from 🎬 Ready to 🔧 In Progress in Docs 📚 Oct 30, 2023
@toriancrane
Copy link
Contributor Author

Unlike AWS, there does not currently appear to be a way to seamlessly run Azure CLI commands by exposing credential environment variables from a Pulumi ESC environment file. From this thread:

image

image

This conversation took place a few weeks ago, so I sent a message to the esc slack channel to see if there are any updates with this functionality.

@toriancrane toriancrane added area/docs Improvements or additions to documentation docs/guides blocked The issue cannot be resolved without 3rd party action. kind/task Work that's part of an ongoing epic docs/content and removed area/blog Content issues on blog posts. labels Oct 30, 2023
@toriancrane
Copy link
Contributor Author

Still blocked on this activity until I hear back from Engineering.

The way that I currently understand how this works is that users must first run:

esc run pulumi/my-dev-env-2 -- az login \
--service-principal -u '${azure.login.clientId}' \
--tenant '${azure.login.tenantId}' \
--federated-token '${azure.login.oidc.token}'

Before being able to run other az cli commands like this:

az vm list

There doesn't seem to be a way to specify credentials flags for a command like az vm list.

Further, any time the OIDC token expires, users would have to re-run the first command shown above, and quite frankly that is way more convoluted than just running az login.

@toriancrane toriancrane mentioned this issue Oct 31, 2023
Closed
@toriancrane toriancrane removed the blocked The issue cannot be resolved without 3rd party action. label Oct 31, 2023
@toriancrane toriancrane changed the title [Task] Write Esc Run for Azure Doc [Task] Update Azure OIDC guide Nov 1, 2023
@toriancrane toriancrane moved this from 🔧 In Progress to 💜 Review in Docs 📚 Nov 2, 2023
@toriancrane toriancrane mentioned this issue Nov 2, 2023
Merged
8 tasks
@github-project-automation github-project-automation bot moved this from 💜 Review to 🏁 Done in Docs 📚 Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@toriancrane toriancrane

Labels
area/docs Improvements or additions to documentation docs/content docs/guides kind/task Work that's part of an ongoing epic
Projects
Docs 📚
Archived in project
Milestone
0.96
Development

No branches or pull requests
1 participant
@toriancrane