Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type WorkloadIdentityFederationCredential ¶
type WorkloadIdentityFederationCredential struct {
// contains filtered or unexported fields
}
WorkloadIdentityFederationCredential supports any OIDC-compliant identity provider that supplies a JWT token.
func NewWorkloadIdentityFederationCredential ¶
func NewWorkloadIdentityFederationCredential(options *WorkloadIdentityFederationCredentialOptions) (*WorkloadIdentityFederationCredential, error)
NewWorkloadIdentityFederationCredential constructs a WorkloadIdentityFederationCredential. Service principal configuration is read from environment variables as set by the Azure workload identity webhook. Set options to override those values.
func (*WorkloadIdentityFederationCredential) GetToken ¶
func (w *WorkloadIdentityFederationCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)
GetToken requests an access token from Azure Active Directory. Azure SDK clients call this method automatically.
type WorkloadIdentityFederationCredentialOptions ¶
type WorkloadIdentityFederationCredentialOptions struct { azcore.ClientOptions // AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens. // Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the // application is registered. AdditionallyAllowedTenants []string // ClientID of the service principal. Defaults to the value of the environment variable AZURE_CLIENT_ID. ClientID string // DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or // private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata // from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making // the application responsible for ensuring the configured authority is valid and trustworthy. DisableInstanceDiscovery bool // TenantID of the service principal. Defaults to the value of the environment variable AZURE_TENANT_ID. TenantID string // FederatedToken is the federated token to use for authentication. Defaults to the value of the environment variable AZURE_FEDERATED_TOKEN. FederatedToken oauth2.Token }
WorkloadIdentityFederationCredentialOptions contains optional parameters for WorkloadIdentityFederationCredential.
Click to show internal directories.
Click to hide internal directories.