Azure: add option to force use of CLI credential #4799
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR change? What problem does it solve?
In Azure, VMs can have multiple identities at the same time, for example a managed identity and an Azure CLI identity. Sometimes the managed identity is not under control of the user but the user can still login with the Azure CLI. In those cases, being able to use the Azure CLI identity with restic makes sense.
DefaultAzureCredential
first tries environment variables, managed identity, workload identity, and eventually Azure CLI identity. This PR introduces a new environment variable that forces use of the Azure CLI identity:Was the change previously discussed in an issue or on the forum?
Checklist
changelog/unreleased/
that describes the changes for our users (see template).gofmt
on the code in all commits.