azure-cli-extensions icon indicating copy to clipboard operation
azure-cli-extensions copied to clipboard

Published 20 hours ago verified publisher icon Azure

[FR] `az network bastion ssh --auth-type ssh-key` Ability to point to Key Vault secret

Open o-l-a-v opened this issue 11 months ago • 2 comments

Describe the bug

Would be great if az network bastion ssh --auth-type ssh-key could be pointed to a Key Vault secret containing the SSH private key, in addition to current ability to point to a local file.

How I'd like it to work:

az network bastion ssh --subscription '<bastion_subsciption_id>' `
  --resource-group '<bastion_resource_group>' `
  --name '<bastion_name>' `
  --target-resource-id '/subscriptions/<target_subscription_id>/resourceGroups/<target_resource_group>/providers/Microsoft.Compute/virtualMachines/<target_vm_name>' `
  --auth-type 'ssh-key' --username '<target_vm_username>' --ssh-key 'https://<key_vault_name>.vault.azure.net/secrets/<secret_name>'

Related command

az network bastion ssh --auth-type ssh-key

Errors

Warning: Identity file https://<key_vault_name>.vault.azure.net/secrets/<secret_name> not accessible: No such file or directory.

Issue script & Debug output

None

Expected behavior

Point to Key Vault secret using Azure CLI authenticated context should also work.

Environment Summary

Not relevant.

Additional context

No response

o-l-a-v avatar Feb 29 '24 09:02 o-l-a-v

Thank you for opening this issue, we will look into it.

yonzhan avatar Feb 29 '24 09:02 yonzhan

@necusjz, please help assign this issue to bastion team.

jsntcy avatar Mar 05 '24 10:03 jsntcy