[FEATURE REQ] Passwordless for Azure Search Services

Azure / azure-sdk-for-java

This repository is for active development of the Azure SDK for Java. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/java/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-java.

MIT License

2.25k stars 1.93k forks source link

[FEATURE REQ] Passwordless for Azure Search Services #40505

Open holyyyns opened 3 weeks ago

holyyyns commented 3 weeks ago

Is your feature request related to a problem? Please describe. Use of Azure Search Service with azure spring cloud requires use of admin and query keys which adds maintenance overhead.

Describe the solution you'd like Enable support for passwordless authentication with managed identities to Azure Search Services.

Describe alternatives you've considered At the moment our bicep template is handling the creation of keyvault secret which contains admin and query key which is passed into environment of the container.

Additional context N/A

Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

[X] Description Added
[X] Expected solution specified

github-actions[bot] commented 3 weeks ago

@chenrujun @moarychan @netyyyy @saragluna

saragluna commented 3 weeks ago

Hi @holyyyns, which library/SDK are you using right now?

holyyyns commented 3 weeks ago

Hi @saragluna,


        <dependencies>
            <dependency>
                <groupId>com.azure.spring</groupId>
                <artifactId>spring-cloud-azure-dependencies</artifactId>
                <version>4.17.0</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

saragluna commented 3 weeks ago

@holyyyns sorry for not clarifying, but I didn't mean the BOM file, which SDK for Azure Search Service are you using?

holyyyns commented 3 weeks ago

ah my bad, its com.azure.search.documents version 11.5.0

saragluna commented 3 weeks ago

But seems like the client already supports the TokenCredential https://github.com/Azure/azure-sdk-for-java/blob/0af5efca50ca31b7df42af37defbc2c7325d77ff/sdk/search/azure-search-documents/src/main/java/com/azure/search/documents/SearchClientBuilder.java#L368-L371, so you could use a TokenCredential coming from the Managed Identity to authenticate.

github-actions[bot] commented 2 weeks ago

Hi @holyyyns. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue.

holyyyns commented 2 weeks ago

@saragluna thank you for the feedback, i'm following up on this, will let you know shortly if i'm just not that good at reading documentation. :)