Merge pull request #247 from aztfmod/msal

MSAL support in Terraform

Dockerfile

@@ -38,6 +38,7 @@ ENV SSH_PASSWD=${SSH_PASSWD} \
     TF_PLUGIN_CACHE_DIR="/home/${USERNAME}/.terraform.cache/plugin-cache" \
     TF_REGISTRY_DISCOVERY_RETRY=5 \
     TF_REGISTRY_CLIENT_TIMEOUT=15 \
+    ARM_USE_MSGRAPH=true \
     LANG=en_US.UTF-8 \
     LANGUAGE=en_US:en \
     LC_ALL=en_US.UTF-8 \

scripts/functions.sh

@@ -655,17 +655,10 @@ function get_logged_user_object_id {
                 ;;
             *)
                 # Service Principal
-                # Set the security context for Azure Terraform providers
-                session=$(az account show --sdk-auth -o json 2> /dev/null)
-                export ARM_CLIENT_ID=$(echo $session | jq -r .clientId)
-                export ARM_CLIENT_SECRET=$(echo $session | jq -r .clientSecret)
-                export ARM_TENANT_ID=$(echo $session | jq -r .tenantId)
-                export ARM_SUBSCRIPTION_ID=$(echo $session | jq -r .subscriptionId)
-
                 # When connected with a service account the name contains the objectId
-                export TF_VAR_logged_aad_app_objectId=$(az ad sp show --id ${clientId} --query objectId -o tsv) && echo " Logged in rover app object_id: ${TF_VAR_logged_aad_app_objectId}"
+                export TF_VAR_logged_aad_app_objectId=$(az ad sp show --id ${clientId} --query objectId -o tsv 2>/dev/null) && echo " Logged in rover app object_id: ${TF_VAR_logged_aad_app_objectId}"
                 export TF_VAR_logged_user_objectId=${TF_VAR_logged_aad_app_objectId}
-                echo " - logged in Azure AD application:  $(az ad sp show --id ${clientId} --query displayName -o tsv)"
+                echo " - logged in Azure AD application:  $(az ad sp show --id ${clientId} --query displayName -o tsv 2>/dev/null)"
                 ;;
         esac