Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for private/air gapped cloud environments #16

Closed
amirschw opened this issue Jul 19, 2022 · 8 comments
Closed

Support for private/air gapped cloud environments #16

amirschw opened this issue Jul 19, 2022 · 8 comments

Comments

@amirschw
Copy link
Contributor

It would be great if the exporter could support private/airgapped clouds.

To do that, we can introduce a new AZURE_RESOURCE_MANAGER_ENDPOINT flag (and AZURE_GRAPH_ENDPOINT, if graph is also used). Looking at the codebase, it seems that the change is not that straightforward given the dependency on the armclient package.
@mblaschke
Copy link
Member

let me think about a general way for overwriting cloud endpoints.
This might be easier for the new armclient and in the old SDK.

@mblaschke
Copy link
Member

in worst case it could mean to pass an environment variable eg AZURE_CLOUD_CONFIG with a json configuration for all services.

mblaschke added a commit to webdevops/go-common that referenced this issue Aug 3, 2022
@mblaschke
add azureprivate cloud support
148c0e7 
webdevops/azure-resourcemanager-exporter#16
Signed-off-by: Markus Blaschke <mblaschke82@gmail.com>
@mblaschke
Copy link
Member

mblaschke commented Aug 3, 2022
edited

please try docker image webdevops/azure-resourcemanager-exporter:main (when/if build is finished)
with following env vars:

AZURE_ENVIRONMENT=AzurePrivate
AZURE_CLOUD_CONFIG='{"activeDirectoryAuthorityHost":"https://login.microsoftonline.com/","services":{"resourceManager":{"audience":"https://management.core.windows.net/","endpoint":"https://management.azure.com"}}}'

and adapt accordingly

documented here: https://github.com/webdevops/go-common/tree/main/azuresdk

thinking also about AZURE_CLOUD_CONFIG_FILE so the cloudconfig could be passed as path 🤔

@amirschw
Copy link
Contributor Author

amirschw commented Aug 4, 2022

Thanks a lot, I'll give it a try!

+1 for passing a path to the config file

@mblaschke
Copy link
Member

Are you having the AzureAD also on-premise or are you using public AzureAD?

@amirschw
Copy link
Contributor Author

amirschw commented Aug 6, 2022

Yes, I am using a different instance of Azure AD, not the public one.

@mblaschke
Copy link
Member

mblaschke commented Aug 7, 2022
edited

with newest :main version you have two options:

specify the cloud config via AZURE_CLOUD_CONFIG as string or AZURE_CLOUD_CONFIG_FILE as file path

content should be:

{
    "activeDirectoryAuthorityHost": "https://login.microsoftonline.com/",
    "services": {
        "resourceManager": {
            "audience": "https://management.core.windows.net/",
            "endpoint": "https://management.azure.com"
        },
        "microsoftGraph": {
            "audience": "https://graph.microsoft.com",
            "endpoint": "https://graph.microsoft.com"
        }
    }
}

adapt endpoints accordingly

this solution will be build in every azure exporter as soon they are migrated to the new azure-sdk-for-go version.

@mblaschke
Copy link
Member

Please reopen if there are still issues

@Inrixia Inrixia mentioned this issue Mar 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mblaschke @amirschw