ansible-collections / azure

Development area for Azure Collections
https://galaxy.ansible.com/azure/azcollection
GNU General Public License v3.0

Login via Federated Credentials for Managed Identities #1568

Open thriqon opened 1 month ago

thriqon commented 1 month ago

SUMMARY

It should be possible to authenticate with Azure using federated credentials with managed identities (see https://azure.github.io/azure-workload-identity/docs/topics/federated-identity-credential.html).

This allows using Azure without transporting secret credentials.

ISSUE TYPE
COMPONENT NAME

azure_rm_common

ADDITIONAL INFORMATION

If a federated credential mapping is present, the following ansible-playbook code should work:

# All UUIDs below are random.

- name: Get facts for current logged in user
  azure.azcollection.azure_rm_account_info:
    tenant: a26a3086-a0e6-46f7-9d05-45e1dafc392d
    subscription_id: c0a3630c-f7a9-4c16-911e-d4161768c68c
    client_id: 1a99877a-99dd-46fc-821f-293f9ae171ec

Fred-sun commented 1 month ago

@thriqon Thank you for submitting the question, we will investigate and resolve it!
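
For readers of this issue, an added example (not code from the collection or from either commenter) of the token request that federated credentials imply: the workload presents its externally issued token as a client assertion in an OAuth 2.0 client-credentials request, so no client secret is stored or sent. It assumes the environment variables set by Azure workload identity (`AZURE_TENANT_ID`, `AZURE_CLIENT_ID`, `AZURE_FEDERATED_TOKEN_FILE`, `AZURE_AUTHORITY_HOST`); the sample token, issuer and subject are constructed, and the request is built but never sent.

```python
import base64, json, os, tempfile, time
from urllib.parse import urlencode

ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying it; for local pre-flight checks only."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def build_token_request(env, scope="https://management.azure.com/.default", now=None):
    """Return (url, form_fields) for a client-credentials request that presents
    the federated token as the client assertion instead of a client secret."""
    with open(env["AZURE_FEDERATED_TOKEN_FILE"], encoding="utf-8") as fh:
        assertion = fh.read().strip()
    now = time.time() if now is None else now
    if jwt_claims(assertion).get("exp", 0) <= now:
        raise ValueError("federated token expired; re-read the projected token file")
    authority = env.get("AZURE_AUTHORITY_HOST", "https://login.microsoftonline.com/")
    url = f"{authority.rstrip('/')}/{env['AZURE_TENANT_ID']}/oauth2/v2.0/token"
    fields = {
        "grant_type": "client_credentials",
        "client_id": env["AZURE_CLIENT_ID"],
        "client_assertion_type": ASSERTION_TYPE,
        "client_assertion": assertion,
        "scope": scope,
    }
    return url, fields

def make_sample_token(exp):
    """Constructed, unsigned JWT-shaped string for this demo (not a real token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    claims = {"iss": "https://issuer.example", "sub": "system:serviceaccount:ns:sa",
              "aud": "api://AzureADTokenExchange", "exp": exp}
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])

def demo(exp=2_000_000_000):
    """Build the request from a temporary token file; IDs are the issue's random UUIDs."""
    with tempfile.NamedTemporaryFile("w", suffix=".jwt", delete=False) as fh:
        fh.write(make_sample_token(exp))
    env = {"AZURE_TENANT_ID": "a26a3086-a0e6-46f7-9d05-45e1dafc392d",
           "AZURE_CLIENT_ID": "1a99877a-99dd-46fc-821f-293f9ae171ec",
           "AZURE_FEDERATED_TOKEN_FILE": fh.name}
    try:
        url, fields = build_token_request(env, now=1_700_000_000)
        return url, fields, urlencode(fields)
    finally:
        os.unlink(fh.name)

if __name__ == "__main__":
    url, fields, _ = demo()
    print(url, sorted(fields))  # field names only; never log the assertion itself
```

The federated token file is short-lived and rotated, which is why the example re-reads it on every request and rejects an expired token before contacting the token endpoint.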