azkv

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 27, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultTokenCredential added in v1.2.0 

func DefaultTokenCredential() (azcore.TokenCredential, error)

DefaultTokenCredential is a modification of azidentity.NewDefaultAzureCredential, specifically adapted to not shell out to the Azure CLI.

It attempts to return an azcore.TokenCredential based on the following order:

  • azidentity.NewEnvironmentCredential if environment variables AZURE_CLIENT_ID, AZURE_CLIENT_ID is set with either one of the following: (AZURE_CLIENT_SECRET) or (AZURE_CLIENT_CERTIFICATE_PATH and AZURE_CLIENT_CERTIFICATE_PATH) or (AZURE_USERNAME, AZURE_PASSWORD)
  • azidentity.WorkloadIdentityCredential if environment variable configuration (AZURE_AUTHORITY_HOST, AZURE_CLIENT_ID, AZURE_FEDERATED_TOKEN_FILE, AZURE_TENANT_ID) is set by the Azure workload identity webhook.
  • azidentity.ManagedIdentityCredential if only AZURE_CLIENT_ID env variable is set.

func LoadAADConfigFromBytes 

func LoadAADConfigFromBytes(b []byte, s *AADConfig) error

LoadAADConfigFromBytes attempts to load the given bytes into the given AADConfig. By first decoding it if UTF-16, and then unmarshalling it into the given struct. It returns an error for any failure.

func TokenCredentialFromAADConfig added in v1.2.0 

func TokenCredentialFromAADConfig(c AADConfig) (token azcore.TokenCredential, err error)

TokenCredentialFromAADConfig attempts to construct a Token using the AADConfig values. It detects credentials in the following order:

  • azidentity.ClientSecretCredential when `tenantId`, `clientId` and `clientSecret` fields are found.
  • azidentity.ClientCertificateCredential when `tenantId`, `clientCertificate` (and optionally `clientCertificatePassword`) fields are found.
  • azidentity.ClientSecretCredential when AZConfig fields are found.
  • azidentity.ManagedIdentityCredential for a User ID, when a `clientId` field but no `tenantId` is found.

If no set of credentials is found or the azcore.TokenCredential can not be created, an error is returned.

Types

type AADConfig 

type AADConfig struct {
	AZConfig
	TenantID                   string `json:"tenantId,omitempty"`
	ClientID                   string `json:"clientId,omitempty"`
	ClientSecret               string `json:"clientSecret,omitempty"`
	ClientCertificate          string `json:"clientCertificate,omitempty"`
	ClientCertificatePassword  string `json:"clientCertificatePassword,omitempty"`
	ClientCertificateSendChain bool   `json:"clientCertificateSendChain,omitempty"`
	AuthorityHost              string `json:"authorityHost,omitempty"`
}

AADConfig contains the selection of fields from an Azure authentication file required for Active Directory authentication.

func (AADConfig) GetCloudConfig added in v0.31.0 

func (s AADConfig) GetCloudConfig() cloud.Configuration

GetCloudConfig returns a cloud.Configuration with the AuthorityHost, or the Azure Public Cloud default.

type AZConfig 

type AZConfig struct {
	AppID    string `json:"appId,omitempty"`
	Tenant   string `json:"tenant,omitempty"`
	Password string `json:"password,omitempty"`
}

AZConfig contains the Service Principal fields as generated by `az`. Ref: https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal?tabs=azure-cli#manually-create-a-service-principal

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.