use the Azure Instance Metadata Service to get the vm's name and resource group name. feed those into az vm identity show (the REST equivalent) to get the principalId.
This principalId is (we think) the same as the object-id acquired by az ad signed-in-user show. Which is required for various api calls in rovergo.
If
az account show
reveals that the user is a managed identity:"user": { "assignedIdentityInfo": "MSI", "name": "systemAssignedIdentity", "type": "servicePrincipal" }
use the Azure Instance Metadata Service to get the vm's name and resource group name. feed those into
az vm identity show
(the REST equivalent) to get the principalId.This principalId is (we think) the same as the object-id acquired by
az ad signed-in-user show
. Which is required for various api calls in rovergo.