Allow for authenticating to Azure using the Azure CLI

[marcin478]

This is already supported by the azurerm and azuread providers.
It's required to solve the problem with the 10 minutes idToken validity limitation when using Workload Identity to Federation for Azure DevOps Service Connection.

[ms-henglu]

Hi @marcin478 ,

Thank you for taking time to report this issue and apologize for late response.

The azapi provider does support this feature, more details could be found here: https://registry.terraform.io/providers/Azure/azapi/latest/docs/guides/azure_cli

[srvmsr]

We are facing the same issue , azure cli auth works well when auzure cli is authenticated via Service principal client secret, however we get below error when we use Workload Identity to Federation for Azure DevOps Service Connection.

"Error: reading "Resource: (ResourceId "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" / Api Version "2022-09-01")": ChainedTokenCredential authentication failed
│ GET http://169.254.169.254/metadata/identity/oauth2/token
│ --------------------------------------------------------------------------------
│ RESPONSE 400 Bad Request
│ --------------------------------------------------------------------------------
│ {
│ "error": "invalid_request",
│ "error_description": "Identity not found"
│ }

At the same config , azurerm provider works well.
Provider config as below:

`terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "> 3.63.0"
}
azapi = {
source = "Azure/azapi"
version = "> 1.8.0"
}
}
backend "azurerm" {
}
}

provider "azapi" {
use_cli = true
}

provider "azurerm" {
skip_provider_registration = true
features {}
}
`

[sikksakk]

+1 to @srvmsr
Using Workload Identity is not working.