Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecation Notice - Service Principle identity was moved to runtime configuration #1582

Open
tomkerkhove opened this issue Apr 5, 2021 · 1 comment
Open

Deprecation Notice - Service Principle identity was moved to runtime configuration #1582

tomkerkhove opened this issue Apr 5, 2021 · 1 comment
Labels
agents:discovery-agent All issues related to the resource discovery agent agents:scraper All issues related to the scraping agent deprecation-notice All issues announcing a deprecation security All issues related to security

Comments

@tomkerkhove
Copy link
Owner

Promitor has been using service principle authentication from its inception where the identity inforation was configured through the following environment variables:

  • PROMITOR_AUTH_APPKEY
  • PROMITOR_AUTH_APPID

However, as of Promitor Scraper v2.2.0 & Resource Discovery v0.3.0, users can choose how agents authenticate to Microsoft
Azure by declaring the authentication mode in the server configuration:

authentication:
  # Options are ServicePrincipal, SystemAssigedManagedIdentity, UserAssigedManagedIdentity.
  mode: ServicePrincipal
  identityId: xxxx-xxxx-xxxx

With this new approach, users can use Managed Identity authentication leveraging no-secret authentication or keep on
using Service Principle authentication.

Deprecated as of:
Promitor Scraper v2.2.0 & Promitor Resource Discovery v0.3.0

Will be removed on:
Promitor Scraper v3.0 & Promitor Resource Discovery v1.0

Impact:
Migration is required - Use the authentication configuration
to specify Service Principle authentication and configure the identity id in the server configuration.

How to migrate:

  1. Configure service principle authentication in server configuration:
authentication:
  mode: ServicePrincipal
  identityId: xxxx-xxxx-xxxx
  1. Remove PROMITOR_AUTH_APPID environment variable

Alternative:
None.
@tomkerkhove tomkerkhove added security All issues related to security deprecation-notice All issues announcing a deprecation agents:scraper All issues related to the scraping agent agents:discovery-agent All issues related to the resource discovery agent labels Apr 5, 2021
@tomkerkhove tomkerkhove pinned this issue Apr 5, 2021
@tomkerkhove tomkerkhove changed the title Deprecation Notice - Service Principle identity is moved to runtime configuration Deprecation Notice - Service Principle identity was moved to runtime configuration Apr 5, 2021
@tomkerkhove
Copy link
Owner Author

We will continue the conversation on GitHub Discussions - #1583

Repository owner locked as resolved and limited conversation to collaborators Jul 4, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
agents:discovery-agent All issues related to the resource discovery agent agents:scraper All issues related to the scraping agent deprecation-notice All issues announcing a deprecation security All issues related to security
Projects
Promitor Roadmap
Status: Proposed
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tomkerkhove