Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FR] az network bastion ssh --auth-type ssh-key Ability to point to Key Vault secret #7328

Open
o-l-a-v opened this issue Feb 29, 2024 · 2 comments
Open

[FR] az network bastion ssh --auth-type ssh-key Ability to point to Key Vault secret #7328

o-l-a-v opened this issue Feb 29, 2024 · 2 comments
Assignees
@charwen
Labels
Auto-Assign Auto assign by bot bug This issue requires a change to an existing behavior in the product in order to be resolved. customer-reported Issues that are reported by GitHub users external to the Azure organization. Network - Bastion Network Service Attention This issue is responsible by Azure service team.

Comments

@o-l-a-v
Copy link

o-l-a-v commented Feb 29, 2024
edited

Describe the bug

Would be great if az network bastion ssh --auth-type ssh-key could be pointed to a Key Vault secret containing the SSH private key, in addition to current ability to point to a local file.

How I'd like it to work:

az network bastion ssh --subscription '<bastion_subsciption_id>' `
  --resource-group '<bastion_resource_group>' `
  --name '<bastion_name>' `
  --target-resource-id '/subscriptions/<target_subscription_id>/resourceGroups/<target_resource_group>/providers/Microsoft.Compute/virtualMachines/<target_vm_name>' `
  --auth-type 'ssh-key' --username '<target_vm_username>' --ssh-key 'https://<key_vault_name>.vault.azure.net/secrets/<secret_name>'

Related command

az network bastion ssh --auth-type ssh-key

Errors

Warning: Identity file https://<key_vault_name>.vault.azure.net/secrets/<secret_name> not accessible: No such file or directory.

Issue script & Debug output

None

Expected behavior

Point to Key Vault secret using Azure CLI authenticated context should also work.

Environment Summary

Not relevant.

Additional context

No response
@o-l-a-v o-l-a-v added the bug This issue requires a change to an existing behavior in the product in order to be resolved. label Feb 29, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added question The issue doesn't require a change to the product in order to be resolved. Most issues start as that customer-reported Issues that are reported by GitHub users external to the Azure organization. Network labels Feb 29, 2024
@yonzhan
Copy link
Collaborator

yonzhan commented Feb 29, 2024

Thank you for opening this issue, we will look into it.

@microsoft-github-policy-service microsoft-github-policy-service bot added Auto-Assign Auto assign by bot Azure CLI Team The command of the issue is owned by Azure CLI team Service Attention This issue is responsible by Azure service team. Network - Bastion labels Feb 29, 2024
@yonzhan yonzhan removed Azure CLI Team The command of the issue is owned by Azure CLI team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Feb 29, 2024
@jsntcy
Copy link
Member

jsntcy commented Mar 5, 2024

@necusjz, please help assign this issue to bastion team.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@charwen charwen

Labels
Auto-Assign Auto assign by bot bug This issue requires a change to an existing behavior in the product in order to be resolved. customer-reported Issues that are reported by GitHub users external to the Azure organization. Network - Bastion Network Service Attention This issue is responsible by Azure service team.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@o-l-a-v @charwen @necusjz @jsntcy @yonzhan