We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
This is already supported by the azurerm and azuread providers. It's required to solve the problem with the 10 minutes idToken validity limitation when using Workload Identity to Federation for Azure DevOps Service Connection.
The text was updated successfully, but these errors were encountered:
Hi @marcin478 ,
Thank you for taking time to report this issue and apologize for late response.
The azapi provider does support this feature, more details could be found here: https://registry.terraform.io/providers/Azure/azapi/latest/docs/guides/azure_cli
azapi
Sorry, something went wrong.
We are facing the same issue , azure cli auth works well when auzure cli is authenticated via Service principal client secret, however we get below error when we use Workload Identity to Federation for Azure DevOps Service Connection.
"Error: reading "Resource: (ResourceId "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" / Api Version "2022-09-01")": ChainedTokenCredential authentication failed │ GET http://169.254.169.254/metadata/identity/oauth2/token │ -------------------------------------------------------------------------------- │ RESPONSE 400 Bad Request │ -------------------------------------------------------------------------------- │ { │ "error": "invalid_request", │ "error_description": "Identity not found" │ }
At the same config , azurerm provider works well. Provider config as below:
`terraform { required_providers { azurerm = { source = "hashicorp/azurerm" version = "> 3.63.0" } azapi = { source = "Azure/azapi" version = "> 1.8.0" } } backend "azurerm" { } }
provider "azapi" { use_cli = true }
provider "azurerm" { skip_provider_registration = true features {} } `
+1 to @srvmsr Using Workload Identity is not working.
No branches or pull requests
This is already supported by the azurerm and azuread providers.
It's required to solve the problem with the 10 minutes idToken validity limitation when using Workload Identity to Federation for Azure DevOps Service Connection.
The text was updated successfully, but these errors were encountered: