Azure Dynamic Provider Credentials

PreviousAWS Dynamic Provider Credentials NextGCP Dynamic Provider Credentials

Last updated 11 months ago

Was this helpful?

Azure Dynamic Provider Credentials

Requirements

The dynamic provider credential setup in Azure can be done with the Terrraform code available in the following link:

The code will also create a sample workspace with all the require environment variables that can be used to test the functionality using the CLI driven workflow.

Make sure to mount your public and private key to the API container as explained

Mare sure the private key is in "pkcs8" format

Validate the following terrakube api endpoints are working:

Set terraform variables using: "variables.auto.tfvars"

terrakube_token                          = "TERRAKUBE_PERSONAL_ACCESS_TOKEN"
terrakube_api_hostname                   = "TERRAKUBE-API.MYCLUSTER.COM"
terrakube_federated_credentials_audience = "api://AzureADTokenExchange"
terrakube_organization_name              = "simple"
terrakube_workspace_name                 = "dynamic-azure"

To generate the API token check

Run Terraform apply to create all the federated credential setup in AWS and a sample workspace in terrakube for testing

To test the following terraform code can be used:

terraform {

  cloud {
    organization = "terrakube_organization_name"
    hostname = "terrakube-api.mydomain.com"

    workspaces {
      name = "terrakube_workspace_name"
    }
  }
}

provider "azurerm" {
  features {}
}

 resource "azurerm_resource_group" "example" {
  name     = "randomstring-aejthtyu"
  location = "East US 2"
}

Running Example:

When running a job Terrakube will correctly authenticate to Azure without any credentials inside the workspace

PreviousAWS Dynamic Provider Credentials NextGCP Dynamic Provider Credentials

Last updated 11 months ago

Was this helpful?