Skip to content

Commit

Permalink
Support managed identity auth in azuremonitor receiver
Browse files Browse the repository at this point in the history
  • Loading branch information
@sriniketh923
sriniketh923 committed Jun 14, 2024
1 parent e89af1a commit 6693fb3
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 1 deletion.
8 changes: 7 additions & 1 deletion receiver/azuremonitorreceiver/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,7 @@ type Config struct {
const (
servicePrincipal = "service_principal"
workloadIdentity = "workload_identity"
managedIdentity = "managed_identity"
)

// Validate validates the configuration by checking for missing or invalid fields
Expand Down Expand Up @@ -282,8 +283,13 @@ func (c Config) Validate() (err error) {
if c.FederatedTokenFile == "" {
err = multierr.Append(err, errMissingFedTokenFile)
}

case managedIdentity:
if c.ClientID == "" {
err = multierr.Append(err, errMissingClientID)
}
default:
return fmt.Errorf("authentication %v is not supported. supported authentications include [%v,%v]", c.Authentication, servicePrincipal, workloadIdentity)
return fmt.Errorf("authentication %v is not supported. supported authentications include [%v,%v,%v]", c.Authentication, servicePrincipal, workloadIdentity, managedIdentity)
}

if c.Cloud != azureCloud && c.Cloud != azureGovernmentCloud {
Expand Down
7 changes: 7 additions & 0 deletions receiver/azuremonitorreceiver/scraper.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,7 @@ type azureScraper struct {
mb *metadata.MetricsBuilder
azIDCredentialsFunc func(string, string, string, *azidentity.ClientSecretCredentialOptions) (*azidentity.ClientSecretCredential, error)
azIDWorkloadFunc func(options *azidentity.WorkloadIdentityCredentialOptions) (*azidentity.WorkloadIdentityCredential, error)
azIDManagedIdentityFunc func(options *azidentity.ManagedIdentityCredentialOptions) (*azidentity.ManagedIdentityCredential, error)
armClientOptions *arm.ClientOptions
armClientFunc func(string, azcore.TokenCredential, *arm.ClientOptions) (*armresources.Client, error)
armMonitorDefinitionsClientFunc func(string, azcore.TokenCredential, *arm.ClientOptions) (*armmonitor.MetricDefinitionsClient, error)
Expand Down Expand Up @@ -184,6 +185,12 @@ func (s *azureScraper) loadCredentials() (err error) {
if s.cred, err = s.azIDWorkloadFunc(nil); err != nil {
return err
}
case managedIdentity:
if s.cred, err = s.azIDManagedIdentityFunc(&azidentity.ManagedIdentityCredentialOptions{
ID: azidentity.ClientID(s.cfg.ClientID),
}); err != nil {
return err
}
default:
return fmt.Errorf("unknown authentication %v", s.cfg.Authentication)
}
Expand Down

0 comments on commit 6693fb3

Please sign in to comment.