terraform-provider-databricks
terraform-provider-databricks copied to clipboard
[FEATURE] Replace ADAL auth with MSAL auth (ADAL out of support december 2022)
Use-cases
For a client, I am evaluating Databricks and its surrounding tools, and the Databricks Terraform provider is raising concerns.
The provider authentication method used for Azure is currently ADAL.
As ADAL will be out of support in December 2022, continuing to use it poses a security risk, as no security fixes will no longer be released. (Ref.: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-migration)
As for the Go module auto-rest/adal, it will go out of support 31. Mar. 2023.
Ref.: https://github.com/Azure/go-autorest/tree/main/autorest/adal https://docs.microsoft.com/en-us/azure/developer/go/azure-sdk-authorization
Attempted Solutions
None. ADAL support will end soon and security will be compromised.
Proposal
Update the provider to use the azidentity module instead. https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity
Migration guide: https://github.com/Azure/azure-sdk-for-go/blob/b386adc15c2e60e3812956f68d244b608330c479/sdk/azidentity/MIGRATION.md