-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support credentials objects for user-assigned Managed Identities #156
Comments
Currently, Credentials are not supported by |
Hi are there any updates on this? do we know when DataFactory module will include credentials and userAssignedIdentites? |
Hi. Same issue here. Can I help to fix it? Trying to understand... Should we only add 'credential' to $AllowedTypes in private\AdfObject.class.ps1 file to make it work or is there something else to change? |
No, |
We have added the following line in the code to skip credentials objets : -and $node.PSobject.Properties.Name -contains 'type')
{
[string] $type = $node.type
if ($type.Equals('CredentialReference')) { $script:ind--; return }
if ($type.EndsWith('Reference')) {
$type = $type.Substring(0, $type.Length-9)
#Write-Verbose "$type.$($node.referenceName)" So that the module won't stop anymore on ADFT0029: Unknown object type: Credential error. |
Hi @Viguro79, can you share some insights on how you manage credentials with Terraform? There doesn't seem to be a TF resource for the credentials object yet either. We are in a similar situation but unfortunately not in a position where we can make changes to the Powershell module, so this issue is currently blocking us from deploying ADF objects. If it were possible to do it with Terraform I could work with the |
Sorry guys for the delay. This gonna be implemented today. |
…files), but the deployment is skipped and not supported yet. #156
Currently deployed on preview version: |
We are using an ARM template to deploy it : This is the arm template we use : {
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"factoryName": {
"type": "string",
"metadata": "Data Factory name"
},
"identId": {
"type": "string",
"metadata": "the managed identiry id"
},
"credName": {
"type": "string",
"metadata": "Credential name"
}
},
"variables": {
"factoryId": "[concat('Microsoft.DataFactory/factories/', parameters('factoryName'))]"
},
"resources": [
{
"name": "[concat(parameters('factoryName'), '/',parameters('credName'))]",
"type": "Microsoft.DataFactory/factories/credentials",
"apiVersion": "2018-06-01",
"properties": {
"type": "ManagedIdentity",
"typeProperties": {
"resourceId": "[parameters('identId')]"
}
},
"dependsOn": []
}
]
} And the terraform we use to deploy it in live mode : resource "azurerm_resource_group_template_deployment" "rgp_cred" {
name = "Credential_RGP"
resource_group_name = var.rgp_name
deployment_mode = "Incremental"
template_content = file("${var.MODULE_FACTORY_DIR}/modules/datafactory/cred_arm-template/arm_template.json")
# template_content = file("../datafactory/cred_arm-template/arm_template.json")
parameters_content = jsonencode ({
factoryName = {value = azurerm_data_factory.current.name}
identId = {value = var.mgd_id_rgp}
credName = {value = "cred-prod"}
})
depends_on = [azurerm_data_factory.current]
} |
Better. But still an issue there :
|
#156 Added new type into 2 other places
This one is working as excepted. |
The module accepts **Credentials** type of object (when loading from files), but the deployment is skipped and not supported yet. #156
Released in ver.0.99 |
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
We were trying to use the new support that was added recently by microsoft to allow to use user-assigned managed identities for credentials for some data factory objects such as linked services for example, but when we tried to deploy that version that contained an autogenerated credential folder containing the related user assigned identity, the cmdlet threw an error inside the AdfObject.class.ps1 ADFT0029: Unknown object type: Credential.
Basically our linked service had a credential property inside its TypeProperties using a type CredentialReference
Describe the solution you'd like
A clear and concise description of what you want to happen.
It would be nice if that could be supported somehow.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
For now because of this restriction we were planning on still using plain connection strings with user and password for now, which we already handle through the csv substitution.
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: