Getting managedIdentityClientId from configmap support

[antoineozenne-at-leocare]

It should be great if we could get spec.auth.workloadIdentity.managedIdentityClientId from a configmap.

In my use case, I deploy the managed identity with Azure Service Operator. This operator allows putting and reading the clientId of the managed identity in a configmap. So if a resource needs to get the clientId, it can get it from the configmap.

I would like to do the same thing with AzureAppConfigurationProvider, in a GitOps way.

[RichardChen820]

Are you looking forward something like this?

spec:
  endpoint: <your-app-configuration-store-endpoint>
  target:
    configMapName: demo
  auth:
    workloadIdentity:
      configMapReference:
         configMapName: cm-contains-managed-identity-id
         key: key-of-managed-identity-id

[antoineozenne-at-leocare]

Exactly!

[RichardChen820]

It sounds like a reasonable case to me. We are working on the v1 stable version release now and will consider adding it in v1. Thanks for you feedback, please stay tuned

[RichardChen820]

Added the auth.workloadIdentity.managedIdentityClientIdReference property for workloadIdentity authentication in v1.1.0. It enables the retrieval of the client ID of a user-assigned managed identity from a ConfigMap

spec:
  endpoint: <your-app-configuration-store-endpoint>
  target:
    configMapName: demo
  auth:
    workloadIdentity:
      managedIdentityClientIdReference:
         configMap: cm-contains-managed-identity-id
         key: key-of-managed-identity-id