azkv

package
v2.25.0
Warning

This package is not in the latest version of its module.
Published: Jun 19, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultTokenCredential

func DefaultTokenCredential() (azcore.TokenCredential, error)

DefaultTokenCredential is a modification of azidentity.NewDefaultAzureCredential, specifically adapted to not shell out to the Azure CLI.

It attempts to return an azcore.TokenCredential based on the following order:

  • azidentity.NewEnvironmentCredential if the environment variable AZURE_CLIENT_ID is set together with one of the following: (AZURE_CLIENT_SECRET) or (AZURE_CLIENT_CERTIFICATE_PATH) or (AZURE_USERNAME, AZURE_PASSWORD).
  • azidentity.WorkloadIdentityCredential if environment variable configuration (AZURE_AUTHORITY_HOST, AZURE_CLIENT_ID, AZURE_FEDERATED_TOKEN_FILE, AZURE_TENANT_ID) is set by the Azure workload identity webhook.
  • azidentity.ManagedIdentityCredential if only AZURE_CLIENT_ID env variable is set.

func LoadAADConfigFromBytes

func LoadAADConfigFromBytes(b []byte, s *AADConfig) error

LoadAADConfigFromBytes attempts to load the given bytes into the given AADConfig, first decoding them if they are UTF-16 and then unmarshalling them into the given struct. It returns an error for any failure.

func TokenCredentialFromAADConfig

func TokenCredentialFromAADConfig(c AADConfig) (token azcore.TokenCredential, err error)

TokenCredentialFromAADConfig attempts to construct a Token using the AADConfig values. It detects credentials in the following order:

  • azidentity.ClientSecretCredential when `tenantId`, `clientId` and `clientSecret` fields are found.
  • azidentity.ClientCertificateCredential when `tenantId`, `clientCertificate` (and optionally `clientCertificatePassword`) fields are found.
  • azidentity.ClientSecretCredential when AZConfig fields are found.
  • azidentity.ManagedIdentityCredential for a User ID, when a `clientId` field but no `tenantId` is found.

If no set of credentials is found or the azcore.TokenCredential can not be created, an error is returned.
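The following Go sketch is an added example, not the package's own code: it models the detection order documented above and returns the name of the credential type a given auth file would select, after decoding UTF-16 input in the way LoadAADConfigFromBytes is described as doing. It is useful as a preflight check that a file with a missing secret fails instead of silently selecting a different identity. The names `authFile`, `toUTF8` and `SelectedCredential` are hypothetical, only BOM-marked little-endian UTF-16 is handled, "AZConfig fields are found" is assumed to mean all three fields are present, and the sample JSON is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"unicode/utf16"
)

// authFile is a local stand-in for the AADConfig and AZConfig fields on this page.
// encoding/json matches keys case-insensitively, so "tenantId" fills TenantID.
type authFile struct {
	AppID, Tenant, Password                             string
	TenantID, ClientID, ClientSecret, ClientCertificate string
}

// toUTF8 decodes input that starts with a UTF-16LE BOM; other input is returned unchanged.
func toUTF8(b []byte) []byte {
	if len(b) < 2 || b[0] != 0xFF || b[1] != 0xFE {
		return b
	}
	units := make([]uint16, 0, len(b)/2)
	for i := 2; i+1 < len(b); i += 2 {
		units = append(units, uint16(b[i])|uint16(b[i+1])<<8)
	}
	return []byte(string(utf16.Decode(units)))
}

// SelectedCredential names the credential type the documented order would pick.
func SelectedCredential(raw []byte) (string, error) {
	var c authFile
	if err := json.Unmarshal(toUTF8(raw), &c); err != nil {
		return "", fmt.Errorf("parse auth file: %w", err)
	}
	switch {
	case c.TenantID != "" && c.ClientID != "" && c.ClientSecret != "":
		return "ClientSecretCredential", nil
	case c.TenantID != "" && c.ClientCertificate != "":
		return "ClientCertificateCredential", nil
	case c.AppID != "" && c.Tenant != "" && c.Password != "":
		return "ClientSecretCredential (az format)", nil
	case c.ClientID != "" && c.TenantID == "":
		return "ManagedIdentityCredential", nil
	}
	return "", fmt.Errorf("no usable set of credential fields")
}

func main() {
	// Constructed sample: only clientId is present, so managed identity is selected.
	fmt.Println(SelectedCredential([]byte(`{"clientId":"00000000-0000-0000-0000-000000000000"}`)))
}
```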

Types

type AADConfig

type AADConfig struct {
	AZConfig
	TenantID                   string `json:"tenantId,omitempty"`
	ClientID                   string `json:"clientId,omitempty"`
	ClientSecret               string `json:"clientSecret,omitempty"`
	ClientCertificate          string `json:"clientCertificate,omitempty"`
	ClientCertificatePassword  string `json:"clientCertificatePassword,omitempty"`
	ClientCertificateSendChain bool   `json:"clientCertificateSendChain,omitempty"`
	AuthorityHost              string `json:"authorityHost,omitempty"`
}

AADConfig contains the selection of fields from an Azure authentication file required for Active Directory authentication.

func (AADConfig) GetCloudConfig

func (s AADConfig) GetCloudConfig() cloud.Configuration

GetCloudConfig returns a cloud.Configuration with the AuthorityHost, or the Azure Public Cloud default.

type AZConfig

type AZConfig struct {
	AppID    string `json:"appId,omitempty"`
	Tenant   string `json:"tenant,omitempty"`
	Password string `json:"password,omitempty"`
}

AZConfig contains the Service Principal fields as generated by `az`. Ref: https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal?tabs=azure-cli#manually-create-a-service-principal
