https://github.com/bartvanbenthem/azauth
Go module with token package to request Azure Resource Manager and Azure Graph tokens.
- Host: GitHub
- URL: https://github.com/bartvanbenthem/azauth
- Owner: bartvanbenthem
- License: mit
- Created: 2021-12-01T14:31:23.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2023-03-22T11:25:44.000Z (about 3 years ago)
- Last Synced: 2024-06-20T08:03:01.181Z (almost 2 years ago)
- Language: Go
- Size: 3.36 MB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# azAUTH
Go module with token package to request Azure Resource Manager and Azure Graph tokens.
## prerequisites
Install azure cli: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest
## create azure spn
#### set variables for creating app registration
``` shell
$ spname='<>'
$ tenantId=$(az account show --query tenantId -o tsv)
$ subscriptions=('<>')
```
#### Create the Azure AD application
``` shell
$ applicationId=$(az ad app create \
--display-name "$spname" \
--identifier-uris "https://$spname" \
--query appId -o tsv)
```
#### Update the application group membership claims
``` shell
$ az ad app update --id $applicationId --set groupMembershipClaims=All
```
#### Create a service principal for the Azure AD application
``` shell
$ az ad sp create --id $applicationId
```
#### Get the service principal secret
``` shell
$ applicationSecret=$(az ad sp credential reset \
--name $applicationId \
--credential-description "passwrd" \
--query password -o tsv)
```
#### Add SPN to the subscriptions as a reader
``` shell
for s in "${subscriptions[@]}"; do {
az role assignment create --assignee $applicationId --subscription $s --role 'Reader'
}; done
```
## set environment variables for auth
Once the Azure App registration is created, set the following environment variables:
``` shell
# double quotes, so the shell expands the variables set earlier
$ export AZURE_CLIENT_ID="$applicationId"
$ export AZURE_TENANT_ID="$tenantId"
$ export AZURE_CLIENT_SECRET="$applicationSecret"
```
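
What a client does with these three variables, as an added Go example that is not code from the azauth module: it checks the variables, builds the OAuth 2.0 client-credentials request for an ARM or Graph token, and parses a token response. The function names and the leading-`$` check (which catches a shell variable that was never expanded) are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/url"
	"os"
	"strings"
)

const ( // .default scopes for the two token types the README names
	ScopeARM   = "https://management.azure.com/.default"
	ScopeGraph = "https://graph.microsoft.com/.default"
)

// newTokenRequest rejects empty or unexpanded ("$...") variables, then builds the token POST.
func newTokenRequest(scope string) (*http.Request, error) {
	env := map[string]string{}
	for _, k := range []string{"AZURE_TENANT_ID", "AZURE_CLIENT_ID", "AZURE_CLIENT_SECRET"} {
		if env[k] = os.Getenv(k); env[k] == "" || strings.HasPrefix(env[k], "$") {
			return nil, fmt.Errorf("%s is empty or an unexpanded shell variable", k)
		}
	}
	form := url.Values{"grant_type": {"client_credentials"}, "scope": {scope},
		"client_id": {env["AZURE_CLIENT_ID"]}, "client_secret": {env["AZURE_CLIENT_SECRET"]}}
	u := "https://login.microsoftonline.com/" + url.PathEscape(env["AZURE_TENANT_ID"]) + "/oauth2/v2.0/token"
	req, err := http.NewRequest(http.MethodPost, u, strings.NewReader(form.Encode()))
	if err == nil {
		req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	}
	return req, err
}

// parseToken returns access_token, or an error carrying the service's "error" code.
func parseToken(body []byte) (string, error) {
	var r map[string]interface{}
	err := json.Unmarshal(body, &r)
	tok, _ := r["access_token"].(string)
	if err != nil || tok == "" {
		return "", fmt.Errorf("no access token (error=%v, decode=%v)", r["error"], err)
	}
	return tok, nil
}

func main() {
	_, err := newTokenRequest(ScopeARM) // the secret travels in the body; never log it
	fmt.Println("token request for", ScopeARM, "built; error:", err)
}
```
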
## Install and run the example Access Token Printer
```shell
# clone the repository: go get does not create ./azauth in the current directory
$ git clone https://github.com/bartvanbenthem/azauth
$ cd azauth
$ sudo cp bin/aztokenprinter /usr/bin
$ aztokenprinter
```