-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not pass a client ID into the request body for MICredential within a Cloud Shell environment, but rather throw, as not supported. #5837
Conversation
environment, but rather throw, as not supported.
/azp run cpp - identity |
Azure Pipelines successfully started running 1 pipeline(s). |
Pushing this out to September, since August is a GA release, and I want to wait until more language SDKs have made similar changes. Folks, please review and approve, or share any other feedback you might have. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The PR does what is says and I see no problems in it, I do not know enough to be certain if that is the right thing to do, but from what I can see it is the right thing to do. I am also not sure if throwing is better than ignoring - from what I've seen some languages (Go, Python) seem to effectively ignore it rather than to fail with error, leaving that up to you to decide.
The issue has links to all other languages that are going to make the same change as .NET/C++ to throw and fail-fast rather than silently ignore. |
…o CloudShellFail ally if it merges an updated upstream into a topic branch.
…0955) ### Packages impacted by this PR @azure/identity ### Issues associated with this PR Resolves #30380 ### Describe the problem that is addressed by this PR If the Cloud Shell ManagedIdentitySource is detected via MSAL and a user-assigned managed identity clientID or resourceID is supplied, the ManagedIdentityCredential should throw. The rationale for taking this minor breaking change is that CloudShell does not support specifying a clientID or ResourceID and the current behavior of silently falling back to attempting to use a system-assigned identity could be unexpected. ### Provide a list of related PRs _(if any)_ Azure/azure-sdk-for-cpp#5837
Fixes #5783
cc @christothes, @chlowell