SUMMARY Hi, After upgrading to 2.x I have this e

Same issue with latest ansible version <div class="snippet-clipboard-content notra

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Hi, I installed all the requirements from your <code class="notransl

Return value for local execution： <div class="snippet-clipboard-content notranslat

We passed the parameter <div class="snippet-clipboard-content notranslate position

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Upgrade from 1.19 to 2.x - "msg": "Find the key vault secret got exception, exception as The current credential is not configured to acquire tokens for tenant xxx. about azure HOT 15 OPEN

Poil commented on September 28, 2024

Upgrade from 1.19 to 2.x - "msg": "Find the key vault secret got exception, exception as The current credential is not configured to acquire tokens for tenant xxx.

from azure.

Comments (15)

Poil commented on September 28, 2024

Same issue with latest ansible version

ansible [core 2.16.6]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.11/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True

from azure.

Poil commented on September 28, 2024

If I patch site-packages/azure/identity/_internal/utils.py with self._additionally_allowed_tenants = additionally_allowed_tenants or ['*'] it works

It looks like that the tenant is not passed to the identity library, I don't find why

from azure.

Fred-sun commented on September 28, 2024

@Poil I switched the version test and did not encounter the problem you mentioned, but according to the error log, I encountered an error when obtaining authorization. Could you please provide the version of 'azure-identity'?

from azure.

Poil commented on September 28, 2024

Hi,

I installed all the requirements from your requirements-azure.txt of collection v2.3.0

$ pip freeze |grep identi
azure-identity==1.14.0

from azure.

Fred-sun commented on September 28, 2024

You use 'az login' or credential files?

from azure.

Fred-sun commented on September 28, 2024

Return value for local execution：

TASK [debug] ****************************************************************************************************
ok: [localhost] => {
    "facts": {
        "changed": false,
        "failed": false,
        "secrets": [
            {
                "attributes": {
                    "created": "2024-04-24T07:36:11+00:00",
                    "enabled": true,
                    "expires": "2030-03-04T04:05:06+00:00",
                    "not_before": "2000-01-02T01:02:03+00:00",
                    "recovery_level": "Recoverable+Purgeable",
                    "updated": "2024-04-24T07:36:11+00:00"
                },
                "content_type": "Content Type Secret",
                "secret": "mysecret",
                "sid": "xxxxxxxxxxxxxxxxxxx",
                "tags": {
                    "delete": "on-exit",
                    "testing": "test"
                },
                "version": "543a295656dd42d1b394fb174d32c2f4"
            }
        ]
    }
}

from azure.

Poil commented on September 28, 2024

We passed the parameter

    azure.azcollection.azure_rm_keyvaultsecret_info:
          client_id: "{{ AZURE_CLIENT_ID }}"
          secret: "{{ AZURE_SECRET }}"
          subscription_id: "{{ AZURE_SUBSCRIPTION_ID }}"
          tenant: "{{ AZURE_TENANT }}"
          vault_uri: "{{ AZURE_KEYVAULT_URI }}"
          name: "{{ item }}"

perhaps I'm wrong but it looks like keyvault module don't use the tenant_id passed if I grep in the python module, it looks like to be extracted from the kv url ? self.tenant_id = uri_path.split("/")[0] or None

from azure.

Poil commented on September 28, 2024

When using azure cli to auth it works

from azure.

Fred-sun commented on September 28, 2024

I can git the secret through the parameters! It works!

from azure.

Fred-sun commented on September 28, 2024

@Poil Are you use multi-tenant to authentication? is the tenant you configured in the parameters consistent with the tenant in you 'az account show'? According to the error, it is the case of tenant. Thank you !

from azure.

Fred-sun commented on September 28, 2024

kindly ping!

from azure.

Poil commented on September 28, 2024

Hi,

Sorry I'm in holidays :)

We use a service principal, so not multi tenant

Regards

from azure.

Fred-sun commented on September 28, 2024

@Poil I am testing locally, and only if you use the wrong tenant id will you encounter such an error, When you come back from your vacation, could you please check and confirm? Thank you!

from azure.

Fred-sun commented on September 28, 2024

@Poil In addition, Do you manage resources under different subscription ids?

from azure.

Fred-sun commented on September 28, 2024

@Poil What version of Azure. azcollection do you have installed? Thank you!

from azure.

Upgrade from 1.19 to 2.x - "msg": "Find the key vault secret got exception, exception as The current credential is not configured to acquire tokens for tenant xxx. about azure HOT 15 OPEN

Comments (15)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent