libcloud icon indicating copy to clipboard operation
libcloud copied to clipboard
verified publisher icon apache

Update US GovCloud AD endpoint for AZURE_ARM provider

Open CrCliff opened this issue 9 months ago • 0 comments

[AZURE_ARM] Update AD endpoint for Azure US GovCloud

Description

The AZURE_ARM provider was using the incorrect Active Directory endpoint for the Azure US Government environment.

I was seeing the following error when attempting to use the provider with the environment.

cls = get_driver(Provider.AZURE_ARM)
driver = cls(
    cloud_environment="AzureUSGovernment",
    tenant_id="...",
    subscription_id="....",
    key="...",
    secret="...",
)
# BaseHTTPError: Confidential Client is not supported in Cross Cloud request.

The az cloud list command provides the current AD endpoint.

$ az cloud list
  {
    "name": "AzureUSGovernment",
    "endpoints": {
      "activeDirectory": "https://login.microsoftonline.us",
     // ....
    },
    // ...
  },

After updating the endpoint the service principal authenticates as expected.

Status

  • done, ready for review

Checklist

  • [ ] Code linting (required, can be done after the PR checks)
  • [ ] Documentation
  • [ ] Tests
  • [ ] ICLA (required for bigger changes)

CrCliff avatar Mar 20 '25 23:03 CrCliff