Azure Provider: Authenticating using the Azure CLI #2300
Conversation
|
hey @v-mavick Thanks for this PR :)
Nope - taking a look at this these are a reference to the binaries Thanks! |
|
Thanks! That’s what I suspected, but I wasn’t sure.
|
There was a problem hiding this comment.
hey @v-mavick
Thanks for this PR :)
On the whole this is looking pretty good - if we can fix up the minor issues (and sort out the indentation) this should otherwise be good to merge 👍
Thanks!
|
|
||
| When `terraform` and `az` are run on hosts / containers with different timezones, the variable $TZ should be set on the host. | ||
| When `terraform` and `az` are run on hosts/containers with different timezones, the variable $TZ should be set on the host. |
There was a problem hiding this comment.
I feel like line 20 / 22 are saying the same thing; so perhaps we could combine them? 🤔
What do you think of:
When the timezones in which
azandterraformdiffer, such as when these binaries are run from within Docker (which defaults to UTC) and the system timezone (which may not) - Terraform may incorrectly detect these access tokens as expired. It's possible to work around this by ensuring the Environment Variable$TZis configured the same on both.
There was a problem hiding this comment.
Modified as suggested.
| ``` | ||
| ```shell | ||
| $ az login | ||
| ``` |
There was a problem hiding this comment.
can we remove this indentation?
There was a problem hiding this comment.
Removed indentation.
| ``` | ||
| ```shell | ||
| To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code XXXXXXXX to authenticate. | ||
| ``` |
There was a problem hiding this comment.
this behaviours changed slightly since then, so it could be worth updating the output from this block?
There was a problem hiding this comment.
Is this something I need to address in this document?
|
|
||
| Also, if you have been authenticating with a service principal and you switch to Azure CLI, you must null out the ARM_* environment variables. Failure to do so causes errors to be thrown. | ||
| Also, if you have been authenticating with a service principal and you switch to Azure CLI, you must null out the ARM_* environment variables. Failure to do so causes errors to be thrown. |
There was a problem hiding this comment.
can we remove this indentation? this'll mean it's not rendered correctly, unfortunately
There was a problem hiding this comment.
Indentation removed.
|
|
||
| This will prompt you to open a web browser, as shown below: | ||
| 1. You are prompted to open a web browser: |
There was a problem hiding this comment.
does this want to be 2.?
There was a problem hiding this comment.
Yes. It should be corrected in the next commit.
|
|
||
| Once logged in - it's possible to list the Subscriptions associated with the account via: | ||
| 1. Once logged in, it's possible to list the Subscriptions associated with the account via: |
There was a problem hiding this comment.
does this want to be 3.?
There was a problem hiding this comment.
Yes. I "hard-coded" the numbers, which should all display correctly now.
|
Great. I’ll get back on this first thing in the morning.
|
Co-Authored-By: v-mavick <33636473+v-mavick@users.noreply.github.com>
|
hey @v-mavick Thanks for pushing those changes - there's some changes coming to Azure CLI authentication in the form of #2387 such that this document changes somewhat. Since #2387 changes the document slightly (insofar as we no longer parse the Azure CLI access tokens) I've incorporated the changes made in this document into that PR - I hope you don't mind! Thanks! |
|
Tom,
Thanks for the update. That may explain why I was having issues pushing to #2300!
|
* dependencies: upgrading to 0.2.0 of github.com/hashicorp/go-azure-helpers * authentication: switching to use Azure CLI Token authentication * documenting that only az 2.0 is supported * Incorporating the changes from #2300
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
ghost
locked and limited conversation to collaborators
First editorial pass. Feedback greatly welcome!
@tombuildsstuff: Should the references to
terraformandazon line 22 instead be Terraform and Azure?