auth

package
v0.29.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 14, 2025 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package auth provides a small helper for creating an Azure Entra (azcore.TokenCredential) using well-known Azure/Terraform environment variables and conventions.

It wraps the Entra auth helper (aztfauth) with sensible defaults and environment-driven configuration so calling code can obtain a credential suitable for use with the Azure SDKs without duplicating environment parsing logic.

Usage 

import "github.com/Azure/alzlib/internal/auth"

cred, err := auth.NewToken()
if err != nil {
    // handle error
}
// use cred with Azure SDK clients that accept azcore.TokenCredential

Environment variables

NewToken reads a variety of environment variables to determine the right credential flow and configuration. Common variables include (but are not limited to):

- ARM_ENVIRONMENT, AZURE_ENVIRONMENT - ARM_CLIENT_ID, AZURE_CLIENT_ID - ARM_CLIENT_SECRET, AZURE_CLIENT_SECRET - ARM_TENANT_ID, AZURE_TENANT_ID - ARM_CLIENT_CERTIFICATE, ARM_CLIENT_CERTIFICATE_PASSWORD, ARM_CLIENT_CERTIFICATE_PATH - ARM_OIDC_TOKEN, ARM_OIDC_TOKEN_FILE_PATH, AZURE_FEDERATED_TOKEN_FILE - ARM_OIDC_REQUEST_TOKEN, ACTIONS_ID_TOKEN_REQUEST_TOKEN, SYSTEM_ACCESSTOKEN - ARM_OIDC_REQUEST_URL, ACTIONS_ID_TOKEN_REQUEST_URL, SYSTEM_OIDCREQUESTURI - ARM_USE_CLI, ARM_USE_MSI, ARM_USE_OIDC, ARM_USE_AKS_WORKLOAD_IDENTITY - ARM_ADO_PIPELINE_SERVICE_CONNECTION_ID, ARM_OIDC_AZURE_SERVICE_CONNECTION_ID, AZURESUBSCRIPTION_SERVICE_CONNECTION_ID

Notes

  • Some variables accept file paths (e.g. *_FILE_PATH) so secrets can be supplied via files.
  • The package maps environment names ("public", "usgovernment", "china") to the corresponding Azure cloud configuration.
  • The helper favors non-interactive credential flows appropriate for CI/CD and automated scenarios; it will enable use of the Azure CLI by default but respects ARM_USE_CLI for explicit control.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetCloudFromEnv added in v0.28.3 

func GetCloudFromEnv() cloud.Configuration

GetCloudFromEnv retrieves the Azure cloud configuration based on environment variables. It checks the ARM_ENVIRONMENT and AZURE_ENVIRONMENT variables to determine the appropriate cloud. If neither variable is set or recognized, it defaults to AzurePublic.

func NewToken 

func NewToken() (azcore.TokenCredential, error)

NewToken creates a new Entra token credential. It uses well-known Terraform ARM environment variables to configure the token acquisition.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.