This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: secrets-store.csi.x-k8s.io/v1 | |
kind: SecretProviderClass | |
metadata: | |
name: azure-kv-password-provider | |
namespace: blog-post | |
spec: | |
provider: azure | |
secretObjects: | |
- secretName: secret-blog-post |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: Pod | |
apiVersion: v1 | |
metadata: | |
name: busybox-secrets-store-inline | |
namespace: blog-post | |
spec: | |
serviceAccountName: kv-access-account | |
containers: | |
- name: busybox | |
image: registry.k8s.io/e2e-test-images/busybox:1.29-4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: secrets-store.csi.x-k8s.io/v1 | |
kind: SecretProviderClass | |
metadata: | |
name: azure-kv-password-provider | |
namespace: blog-post | |
spec: | |
provider: azure | |
parameters: | |
keyvaultName: kv-blogpost-jx01 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
az identity federated-credential create | |
--name "kubernetes-federated-credential" | |
--identity-name $USER_ASSIGNED_IDENTITY_NAME | |
--resource-group $RESOURCE_GROUP | |
--issuer $AKS_OIDC_URL | |
--subject "system:serviceaccount:${SERVICE_ACCOUNT_NAMESPACE}:${SERVICE_ACCOUNT_NAME}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: blog-post | |
--- | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// See https://aka.ms/new-console-template for more information | |
using Microsoft.Identity.Client; | |
var app = ConfidentialClientApplicationBuilder | |
.Create("a43255e1-24df-4b22-94e9-4e583e6301c3") | |
.WithClientSecret("RKP8Q~LKTGJKwzsItxnpIfIVG2XMAyPG1IhvIcpk") | |
.WithAuthority(new Uri("https://login.microsoftonline.com/81699cc3-1e16-40c8-afb9-5b4e2aac2dca")) | |
.Build(); | |
var token = await app.AcquireTokenForClient(new[] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#r "Newtonsoft.Json" | |
using System.Net; | |
using Microsoft.AspNetCore.Mvc; | |
using Microsoft.Extensions.Primitives; | |
using Newtonsoft.Json; | |
public static IActionResult Run(HttpRequest req, ILogger log) | |
{ | |
return new OkObjectResult("ping"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"snow_identifier": string, | |
"app_id": string, | |
"role_assignments": [ | |
{ | |
"backend_application_id": string, | |
"roles": [ string ] | |
} | |
] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"snow_identifier": string, | |
"app_id": string (Guid), | |
"application_roles": [ | |
{ | |
"displayName": string, | |
"description": string, | |
"roleName": string | |
} | |
], |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
terraform { | |
} | |
variable storage_account_resource_group_name { | |
type = string | |
} | |
variable storage_account_name { | |
type = string | |
} |