Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Log user-assigned managed identity IDs #24048

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Log user-assigned managed identity IDs #24048

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions sdk/azidentity/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
### Bugs Fixed

### Other Changes
* `NewManagedIdentityCredential` logs the configured user-assigned identity, if any

## 1.8.1 (2025-01-15)

Expand Down
13 changes: 12 additions & 1 deletion sdk/azidentity/managed_identity_client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,18 @@ func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*manag
c.azClient = client

if log.Should(EventAuthentication) {
log.Writef(EventAuthentication, "Managed Identity Credential will use %s managed identity", env)
msg := fmt.Sprintf("%s will use %s managed identity", credNameManagedIdentity, env)
if options.ID != nil {
kind := "client"
switch options.ID.(type) {
case ObjectID:
kind = "object"
case ResourceID:
kind = "resource"
}
msg += fmt.Sprintf(" with %s ID %q", kind, options.ID.String())
}
log.Write(EventAuthentication, msg)
}

return &c, nil
Expand Down
32 changes: 32 additions & 0 deletions sdk/azidentity/managed_identity_credential_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
azruntime "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
"github.com/Azure/azure-sdk-for-go/sdk/internal/mock"
"github.com/Azure/azure-sdk-for-go/sdk/internal/recording"
"github.com/stretchr/testify/require"
Expand Down Expand Up @@ -660,6 +661,37 @@ func TestManagedIdentityCredential_IMDSRetries(t *testing.T) {
}
}

func TestManagedIdentityCredential_Logs(t *testing.T) {
logs := []string{}
log.SetListener(func(e log.Event, msg string) {
if e == EventAuthentication {
logs = append(logs, msg)
}
})
defer log.SetListener(nil)

for _, id := range []ManagedIDKind{ClientID(fakeClientID), ObjectID(fakeObjectID), ResourceID(fakeResourceID), nil} {
_, err := NewManagedIdentityCredential(&ManagedIdentityCredentialOptions{ID: id})
require.NoError(t, err)
require.Len(t, logs, 1)
require.Contains(t, logs[0], "IMDS")
if id != nil {
require.Contains(t, logs[0], id.String())
kind := ""
switch id.(type) {
case ClientID:
kind = "client"
case ObjectID:
kind = "object"
case ResourceID:
kind = "resource"
}
require.Contains(t, logs[0], kind+" ID")
}
logs = nil
}
}

func TestManagedIdentityCredential_UnexpectedIMDSResponse(t *testing.T) {
srv, close := mock.NewServer(mock.WithTransformAllRequestsToTestServerUrl())
defer close()
Expand Down