🧹 Use DefaultAzureCredential for token resolving in the Azure provide…

…r. This extends the connection capabilities of the azure provider from just CLI creds to env var, workload identity, managed identity and CLI creds. (#3071) Signed-off-by: Preslav <[email protected]>
mondoohq · Jan 25, 2024 · b130500 · b130500
1 parent 83023b4
commit b130500
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/providers/azure/connection/auth/auth.go b/providers/azure/connection/auth/auth.go
@@ -16,10 +16,10 @@ import (
 func GetTokenCredential(credential *vault.Credential, tenantId, clientId string) (azcore.TokenCredential, error) {
 	var azCred azcore.TokenCredential
 	var err error
-	// fallback to CLI authorizer if no credentials are specified
+	// fallback to default authorizer if no credentials are specified
 	if credential == nil {
-		log.Debug().Msg("using azure cli to get a token")
-		azCred, err = azidentity.NewAzureCLICredential(&azidentity.AzureCLICredentialOptions{})
+		log.Debug().Msg("using default azure token resolver")
+		azCred, err = azidentity.NewDefaultAzureCredential(&azidentity.DefaultAzureCredentialOptions{})
 		if err != nil {
 			return nil, errors.Wrap(err, "error creating CLI credentials")
 		}