Fizcko / Azure_DevOps_Vault_Interaction

Azure DevOps extension to interact with HashiCorp Vault.
MIT License

The task now can recursively load secrets from a folders and his subf… #4

Closed Fizcko closed 5 years ago

Fizcko commented 5 years ago

The task can now recursively load secrets from a folder and its subfolders, or just load secrets from a specific path, as asked in issue #3.

rameshsagar commented 5 years ago

Hi @Fizcko, how do I configure the extension to support the client credentials grant flow? https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow

1. First I would like the pipeline to authenticate to the Azure IDP and obtain a JWT token
2. Then use that token to communicate with Vault to obtain a Vault token
3. Then use the Vault token to obtain the secret (KV)

Can you please advise?

Fizcko commented 5 years ago

Hi @rameshsagar,

HashiCorp Vault only supports Azure Managed Service Identity (MSI). https://www.vaultproject.io/docs/auth/azure.html

1. First I would like the pipeline to authenticate to the Azure IDP and obtain a JWT token

You have to use another Azure DevOps task to do that (curl, PowerShell, or something else).

2. Then use that token to communicate with Vault to obtain a Vault token
3. Then use the Vault token to obtain the secret (KV)

This is already available in this extension.

Or you can use OIDC auth.

https://www.vaultproject.io/docs/auth/jwt_oidc_providers.html

I can try to add this authentication method. Create an issue if you want.
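As an added example (not the extension's code), steps 2 and 3 of the flow discussed above in Python: a JWT already obtained from Azure AD (step 1 is left to another task, as Fizcko says) is exchanged at Vault's JWT auth login endpoint, and the resulting Vault token is used to read a KV v2 path together with its subfolders, the recursive loading this PR adds. The mount names `jwt` and `secret`, the role name `azure-devops`, the `vault_http` transport and the in-memory Vault stand-in used so it runs offline are all assumptions.

```python
import json
import urllib.request

def vault_http(addr):
    """Real transport: send a JSON request to the Vault server at `addr`, return the decoded reply."""
    def request(method, path, token=None, body=None):
        headers = {"Content-Type": "application/json", **({"X-Vault-Token": token} if token else {})}
        req = urllib.request.Request(addr + path, method=method, headers=headers,
                                     data=json.dumps(body).encode() if body is not None else None)
        with urllib.request.urlopen(req) as resp:
            return json.load(resp)
    return request

def vault_login_jwt(request, role, jwt, mount="jwt"):
    """Exchange the JWT obtained from Azure AD for a Vault client token (auth/jwt login)."""
    reply = request("POST", f"/v1/auth/{mount}/login", body={"role": role, "jwt": jwt})
    return reply["auth"]["client_token"]

def load_secrets_recursive(request, token, path, mount="secret"):
    """Read every KV v2 secret under `path`, descending into subfolders.
    LIST on the metadata endpoint returns child names; a trailing '/' marks a subfolder."""
    path, found = path.strip("/"), {}
    listing = request("LIST", f"/v1/{mount}/metadata/{path}", token=token)
    for key in listing["data"]["keys"]:
        child = f"{path}/{key}".strip("/")
        if key.endswith("/"):
            found.update(load_secrets_recursive(request, token, child, mount))
        else:
            found[child] = request("GET", f"/v1/{mount}/data/{child}", token=token)["data"]["data"]
    return found

# Constructed in-memory Vault (assumption, not a real server) so the example runs offline.
FAKE_JWT, FAKE_TOKEN = "eyJ.constructed.jwt", "s.constructedVaultToken"
FAKE_KV = {"app/db": {"user": "svc", "password": "x"}, "app/cache/redis": {"password": "y"},
           "app/cache/deep/k": {"v": "z"}, "other/s": {"v": "w"}}

def fake_vault(method, path, token=None, body=None):
    if (method, path) == ("POST", "/v1/auth/jwt/login"):
        assert body["jwt"] == FAKE_JWT, "JWT rejected by the jwt auth method"
        return {"auth": {"client_token": FAKE_TOKEN}}
    if token != FAKE_TOKEN:
        raise PermissionError("permission denied")  # Vault answers 403 without a valid token
    if path.startswith("/v1/secret/metadata/"):
        prefix = path[len("/v1/secret/metadata/"):] + "/"
        rest = [p[len(prefix):] for p in FAKE_KV if p.startswith(prefix)]
        return {"data": {"keys": sorted({r.split("/")[0] + ("/" if "/" in r else "") for r in rest})}}
    if path.startswith("/v1/secret/data/"):
        return {"data": {"data": FAKE_KV[path[len("/v1/secret/data/"):]]}}
    raise KeyError(f"unexpected request {method} {path}")
```

Against a real server, pass `vault_http("https://vault.example:8200")` instead of `fake_vault`; the Vault policy bound to the JWT role must grant `list` on `secret/metadata/app/*` as well as `read` on `secret/data/app/*` for the walk to succeed.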