No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Is this with the azure provider (not azure-native)?
Can you try running `az account get-access-token` ?

oh wait no this is azure-native I can't read! Still try that command out, might give some pointers

it shows me stuff :slightly_smiling_face:

the token expires in about 10 minutes from now, the subscription matches the one I set using az account --subscription and it's tokenType "Bearer"

`az ad signed-in-user show -o=json` is one of the other credential fetching commands

lotsa stuff, obviously in json - seems to work.  No errors at least.  It did print the same warning but that's an az cli API thing I'm guessing.

the code expects the command output to be pure json

if I can force it somehow to --only-show-errors then it'd work.  is the underlying pulumi code really using a shell out?

yeh it's actually using some terraform auth helper code from <https://github.com/hashicorp/go-azure-helpers>

or, for now I'm happy to go *any* other path to get it working.  My next step would be to create an SP by hand

I don't know az auth methods enough to help out more here. I'd suggest raising an issue about this at <https://github.com/pulumi/pulumi-azure-native/issues> our providers team might have an answer for now and they'll need to fix this issue properly at some point

downgrading az command line to 2.32.0 solves this problem.