New Storage Account Access Analysis feature make workflow with OIDC time out

JulianHayward / Azure-MG-Sub-Governance-Reporting

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.

MIT License

850 stars 305 forks source link

New Storage Account Access Analysis feature make workflow with OIDC time out #135

Closed extmaper closed 2 years ago

extmaper commented 2 years ago

After updating to latest version with Storage Account Access Analysis pipeline with OIDC authentication breaks due to timeout.

JulianHayward commented 2 years ago

hmm, I don´t see how the OIDC authentication is related to the script update. In my test GitHub it is working fine. Can you try again please?

extmaper commented 2 years ago

It fails after running AzGovViz step for about 33 minutes. Below is error message.

Running the same configuration against a small environment works fine.

errormsg

JulianHayward commented 2 years ago

ok, got it. ref: https://github.com/Azure/azure-powershell/issues/17346

JulianHayward commented 2 years ago

ok, seems we can good work around:
https://goodworkaround.com/2021/12/21/another-deep-dive-into-azure-ad-workload-identity-federation-using-github-actions/

may take some time, though..

JulianHayward commented 2 years ago

@extmaper can you please try the latest release (see release notes)

extmaper commented 2 years ago

Works fine after latest update. Thanks for quick fix and really nice work with the storage account analysis feature.