You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I read the post "https://www.hashicorp.com/blog/version-2-packer-azure-plugin-now-available". I use Packer with the latest Azure plugin and use the OIDC connection. When using a deployment that takes for example 38 minutes everything runs ok. But when i've use an larger deployment the following error occurs
==> azure-arm.windows11-avd: autorest/Client#Do: Preparing request failed: StatusCode=0 -- Original Error: clientCredentialsToken: received HTTP status 401 with response: {"error":"invalid_client","error_description":"AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-02-27T14:01:33.3967841Z, assertion valid from 2024-02-27T12:47:05.0000000Z, expiry time of assertion 2024-02-27T12:52:05.0000000Z. Review the documentation at https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials . Trace ID: b4e5b623-f000-4983-876c-85b424ac8e00 Correlation ID: 1b880267-c308-4c21-a6f6-085e62971c0d Timestamp: 2024-02-27 14:01:33Z","error_codes":[700024],"timestamp":"2024-02-27 14:01:33Z","trace_id":"b4e5b623-f000-4983-876c-85b424ac8e00","correlation_id":"1b880267-c308-4c21-a6f6-085e62971c0d","error_uri":"[https://login.microsoftonline.com/error?code=700024"}](https://login.microsoftonline.com/error?code=700024%22%7D)
It looks like a token expiration problem. Do you know how you can solve this?
The text was updated successfully, but these errors were encountered:
Hey @ibeerens in the current version of the plugin no, I chatted with the folks on the Terraform AzureRM Provider as we share an uptsream SDK, here are the Terraform AzureRM Provider authentication docs we only implemented the OIDC token field, these tokens can not be extended from the SDK, however if we implement the oidc request token and URL keys, which is supported using GitHub Actions and many other OIDC providers, these tokens should refresh properly.
I will add this for to our team's backlog for planning and address this when we are able
JenGoldstrich
changed the title
OIDC token expiration problem
OIDC token expiration problem - Add support for OIDC Request Token/url
May 6, 2024
I read the post "https://www.hashicorp.com/blog/version-2-packer-azure-plugin-now-available". I use Packer with the latest Azure plugin and use the OIDC connection. When using a deployment that takes for example 38 minutes everything runs ok. But when i've use an larger deployment the following error occurs
It looks like a token expiration problem. Do you know how you can solve this?
The text was updated successfully, but these errors were encountered: