4d94ba8e14
* agent/azure: adds ability to use specific user assigned managed identity for auto auth * add changelog * change wording in error and docs * Update website/content/docs/agent/autoauth/methods/azure.mdx Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> * Update website/content/docs/agent/autoauth/methods/azure.mdx Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com> * docs formatting Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
30 lines
1.2 KiB
Plaintext
30 lines
1.2 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Vault Agent Auto-Auth Azure Method
|
|
description: Azure Method for Vault Agent Auto-Auth
|
|
---
|
|
|
|
# Vault Agent Auto-Auth Azure Method
|
|
|
|
The `azure` method reads in Azure instance credentials and uses them to
|
|
authenticate with the [Azure Auth
|
|
method](/docs/auth/azure). It reads most
|
|
parameters needed for authentication directly from instance information based
|
|
on the value of the `resource` parameter.
|
|
|
|
## Configuration
|
|
|
|
- `role` `(string: required)` - The role to authenticate against on Vault
|
|
|
|
- `resource` `(string: required)` - The resource name to use when getting instance information
|
|
|
|
- `object_id` `(string: optional)` - The object ID of the user-assigned managed identity to use
|
|
when acquiring an [access token][azure-access-token]. Only one of `object_id` or `client_id`
|
|
may be provided.
|
|
|
|
- `client_id` `(string: optional)` - The client ID of the user-assigned managed identity to use
|
|
when acquiring an [access token][azure-access-token]. Only one of `object_id` or `client_id`
|
|
may be provided.
|
|
|
|
[azure-access-token]: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http
|