Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure AD (AAD) Service Principal Support for GHEC EMUs (Preview) #360

Closed
github-product-roadmap opened this issue Dec 15, 2021 · 2 comments
Labels
cloud Available on Cloud Enterprise Product SKU: GitHub Enterprise identity Feature: Github identity preview Feature phase: Preview

Comments

@github-product-roadmap
Copy link
Collaborator

github-product-roadmap commented Dec 15, 2021

Summary

Many large GitHub Enterprise customers use Service Principals to serve their automation needs in a centralised, auditable and secure fashion. Service Principals support the full identity and credential lifecycle for automation scenarios.

Intended Outcome

In this initiative, we will enable support for Azure AD Service Principles for GHEC EMUs as credentials on GitHub apps. We will later bring this capability to GHAE and GHES.

How will it work?

To begin, enterprise customers will first need to configure a GHEC EMU Enterprise utilizing Azure AD OpenID Connect (OIDC). Next, an Azure AD admin will create the application and service principal objects in the application's AAD tenant. Finally, an organization owner will register the Service Principal as a credential on a GitHub Application within their GHEC EMU Enterprise, installed to one or more organizations.

@github github locked and limited conversation to collaborators Dec 15, 2021
@github-product-roadmap github-product-roadmap added admin-cloud preview Feature phase: Preview cloud Available on Cloud Enterprise Product SKU: GitHub Enterprise labels Dec 15, 2021
@Sid-ah Sid-ah moved this to Q2 2022 – Apr-Jun in GitHub Public Roadmap Dec 15, 2021
@alexcnichols alexcnichols moved this from Q2 2022 – Apr-Jun to Future in GitHub Public Roadmap Apr 13, 2022
@natalierjackson natalierjackson moved this from Future to Q4 2022 – Oct-Dec in GitHub Public Roadmap Jun 15, 2022
@ankneis ankneis moved this from Q4 2022 – Oct-Dec to Q1 2023 – Jan-Mar in GitHub Public Roadmap Sep 14, 2022
@ankneis ankneis moved this from Q1 2023 – Jan-Mar to Future in GitHub Public Roadmap Oct 19, 2022
@ankneis ankneis added identity Feature: Github identity and removed admin-cloud labels Jan 6, 2023
@blakebrunson blakebrunson changed the title Azure AD (AAD) Service Principal Support for GHEC EMUs (Beta) Azure AD (AAD) Service Principal Support for GHEC EMUs (Preview) Oct 18, 2024
@ankneis
Copy link
Collaborator

ankneis commented Nov 20, 2024

This issue is being closed as outdated. For more information, please check out this Discussion post. Stay tuned for new additions to our refreshed public roadmap!

@ankneis ankneis closed this as not planned Won't fix, can't repro, duplicate, stale Nov 20, 2024
@ankneis
Copy link
Collaborator

ankneis commented Dec 17, 2024

We wanted to provide more details on why we removed this from the roadmap. Building and maintaining a strong platform-centric approach to integrations and automations is a key part of GitHub's product strategy going forward. Currently we are improving the custom RBAC and least privilege permissions structures in GitHub Enterprise that are available to human and machine actors. As we have added support for more identity providers with the "Bring Your Own Identity Provider to GitHub" update, we will be evaluating how to apply the service principal platform goals more broadly to the GitHub service.

Feel free to upvote and share your thoughts in this dedicated thread —your feedback really helps us prioritize!

If this thread doesn’t quite cover what you had in mind, feel free to start a new discussion.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
cloud Available on Cloud Enterprise Product SKU: GitHub Enterprise identity Feature: Github identity preview Feature phase: Preview
Projects
Status: Future
Development

No branches or pull requests

2 participants