Open mkrieger2468 opened 2 months ago
@jaredfholgate is this releated to Workload Identity Federation?
@mkrieger2468 and @mericstam This appears to be related to usage of the https://registry.terraform.io/providers/PGSSoft/mssql/latest/docs provider. This provider is not supported by this task since it does not use the same authentication method as other Azure providers.
I'm unsure if we have a way to support this provider when using WIF (if that is the ask here?). For client secret, you can set the env vars. We don't currently support az cli login with this task.
You could speak to the provider owners about WIF support with env vars to match Azure providers. However given this provider has not been updated since December 2022, I would personally be looking for a supported option instead.
The provider does support this type of authentication; however, it goes in an order. If the environment variables are not set, then it will move through the list. When it gets to the last one AzureCLICredentials
it requires an access token that is generated with an azCLI command. Once that command is run in the task then the provider will manage the database.
The provider does support this type of authentication; however, it goes in an order. If the environment variables are not set, then it will move through the list. When it gets to the last one
AzureCLICredentials
it requires an access token that is generated with an azCLI command. Once that command is run in the task then the provider will manage the database.
Sorry, if I wasn't clear above, but we don't support az cli auth for any providers with this task. If you need to use that you'll need to go with an alternative such as the AzureCLI task per your example.
It is worth noting that although the providers support Azure CLI auth, the azurerm backend does not. See this issue for more details: https://github.com/hashicorp/terraform/issues/34322
I am unable to manage a database using provider pgssoft/mssql with the Terraform task. I get the following error message when I use that provider. Everything else works when you set the environment variable
ARM_USE_AZUREAD
. I found if you follow Microsoft documentation and run the azureCLI commandaz account get-access-token
, it will work.Error message:
Terraform Task:
AzureCLI Task: