https://pulumi.com logo
#azure
Title
# azure
s

swift-apple-26877

08/23/2022, 10:31 AM
Is there a way to have Pulumi yml interact with Azure using Azure-Login? It works now by specifically adding each property of Azure credentials (Tenant ID, Sub ID, App ID, Cleint Secret) but to save space and time I wonder if this would work with Azure Login (with one GitHub secret for AZURE_CREDENTIALS) instead?
d

damp-honey-93158

08/29/2022, 11:52 AM
Hi - we use the current az cli credentials during dev, and split out the AZURE_SUBSCRIPTION parts during pipeline runs. The key is that our pulumi config never specifies any client/secret/tenant credentials. This in turn means all our devs require an az cli login, which makes sense for us - YMMV. Is that what you meant? Happy to provide more details should you need it.
s

swift-apple-26877

09/06/2022, 10:40 AM
Thanks for the response John Usually when I do GitHib Action deploys to Azure I can use the "Azure/Login" step to verifiy access
This uses a secret stored in GitHub Actions called "AZURE_CREDENTIALS" which contains the values of the "clientId", "clientSecret", "subscriptionId" and "tenantId" It is saved this like: { "clientId": "xxx", "clientSecret": "xxx", "subscriptionId": "xxx", "tenantId": "xxx" } I was just wondering if we could use the same approach in our pulumi yml for GitHub Actions Right now I see it works by individually setting variables/secrets for those, but it might save time and space to have one "AZURE_CREDENTIALS" variable that uses the "Azure/Login" instead
So effectively this:
Would become this:
@happy-parrot-60128 FYI
h

happy-parrot-60128

09/30/2022, 4:54 PM
10 Views