terraform-provider-databricks icon indicating copy to clipboard operation
terraform-provider-databricks copied to clipboard

Published 20 hours ago verified publisher icon databricks

[FEATURE] Replace ADAL auth with MSAL auth (ADAL out of support december 2022)

Open janlunddk opened this issue 3 years ago • 0 comments

Use-cases

For a client, I am evaluating Databricks and its surrounding tools, and the Databricks Terraform provider is raising concerns.

The provider authentication method used for Azure is currently ADAL.

As ADAL will be out of support in December 2022, continuing to use it poses a security risk, as no security fixes will no longer be released. (Ref.: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-migration)

As for the Go module auto-rest/adal, it will go out of support 31. Mar. 2023.

Ref.: https://github.com/Azure/go-autorest/tree/main/autorest/adal https://docs.microsoft.com/en-us/azure/developer/go/azure-sdk-authorization

Attempted Solutions

None. ADAL support will end soon and security will be compromised.

Proposal

Update the provider to use the azidentity module instead. https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity

Migration guide: https://github.com/Azure/azure-sdk-for-go/blob/b386adc15c2e60e3812956f68d244b608330c479/sdk/azidentity/MIGRATION.md

janlunddk avatar Sep 09 '22 08:09 janlunddk