auth: support service principal sn+issuer auth#7609
Conversation
|
@tjprescott @williexu, can one of you help take a look? |
src/azure-cli-core/HISTORY.rst
Outdated
There was a problem hiding this comment.
This is duplicated. Should only be in 2.0.50.
There was a problem hiding this comment.
It means certificate subject name :). This abbreviation is used in the auth flow doc across, so i just use it. I know there is a risk it could be taken as serial number, so I used the full term in the command help.
There was a problem hiding this comment.
let me rename to --use-cert-sn-issuer to make it a bit more clear
yugangw-msft
force-pushed
the
sn
branch
2 times, most recently
from
1291127 to
69f00ae
Compare
| if use_cert_sn_issuer and not service_principal: | ||
| raise CLIError("usage error: '--use-sn-issuer' is only applicable with a service principal") | ||
| if service_principal and not username: | ||
| raise CLIError('usage error: --service-principal --username NAME --password SECRET -t TENANT') |
There was a problem hiding this comment.
should we use the full option --tenant here?
| 2.0.50 | ||
| ++++++ | ||
| * Fix issue where update commands using `--remove` and `--ids` fail after first update is applied to first resource in ids list. | ||
| * auth: support service principal sn+issuer auth |
There was a problem hiding this comment.
Was the previous history change unnecessary to include in History.rst
There was a problem hiding this comment.
The deleted history entry was part of 2.0.49.
3 participants
The goal is to support automatic certificate rolls. The tenant must be pre-configured with only accepting certain issuers such as AME.
Mark it as
do not mergeas we are waiting for a new release of adal to have the capacity. Once it happens, i will update the PR with test coverage.The PR has modified HISTORY.rst describing any customer-facing, functional changes. Note that this does not include changes only to help content. (see Modifying change log).
I adhere to the Command Guidelines.