[CORS-2611] [Spike] Investigate how to supply terraform with SubscriptionID and TenantID - Red Hat Issue Tracker

Type: Spike
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Work Type:
Strategic Product Work
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
Support for Azure Managed Identities for new OpenShift deployments
Intelligence Requested:
Market:

Sprint:
Sprint 237, Sprint 236

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

When using Managed Identities with terraform-azure-provider, the provider needs

In addition to a properly-configured management identity, Terraform needs to know the subscription ID and tenant ID to identify the full context for the Azure provider.

However, customers use Managed Identities to avoid having to specify such values. It's possible the terraform provider requires them because it is using the old SDK clients. So we need to investigate:

1) Are the any plans from the tf provider to move to the new SDK and not require SubscriptionID and TenantID?

2) If 1) is not happening any time soon, can we find that information out using the Azure SDK and supply the values to terraform? We want to avoid having the customers specify them in osServicePrincipal.json

Resources:

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/managed_service_identity

Assignee:: Rafael Fonseca dos Santos

Reporter:: Rafael Fonseca dos Santos

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2023/04/19 4:33 PM

Updated:: 2024/09/04 8:02 PM

Resolved:: 2023/05/31 11:10 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates