Make live managed identity tests independent of soft delete (#10879)
chlowell authored Apr 17, 2020
1 parent 796073c commit 379f829
Showing 6 changed files with 11 additions and 11 deletions.
4 changes: 2 additions & 2 deletions sdk/identity/azure-identity/tests/azure-functions/readme.md
Expand Up @@ -94,7 +94,7 @@ Allow the system-assigned identity to access the Key Vault:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME \
--object-id $(az functionapp identity show -g $RESOURCE_GROUP -n $FUNCTION_APP_SYSTEM_ASSIGNED --query principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```


Expand All @@ -108,7 +108,7 @@ Allow it to access the Key Vault:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME \
--object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```


Expand Up @@ -88,7 +88,7 @@ Allow the system-assigned identity to access the Key Vault:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME -g $RESOURCE_GROUP \
--object-id $(az webapp show -n $WEB_APP_SYSTEM_ASSIGNED -g $RESOURCE_GROUP --query identity.principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```

### Managed identity
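Review bot: the changed `--secret-permissions list` line only covers environments set up after this commit; an identity provisioned from the previous text of this readme still holds `set delete`. Add a sentence next to the command asking whoever maintains an existing test vault to re-run `az keyvault set-policy` for that identity and confirm afterwards that only `list` remains. It would also help to say in the step text that `list` is all the live test needs, so the policy is not widened again later.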
Expand All @@ -103,7 +103,7 @@ Allow it to access the Key Vault:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME \
--object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```

### Web app: user-assigned identity
Expand Up @@ -16,5 +16,5 @@ def test_managed_identity_live(live_managed_identity_config):

# do something with Key Vault to verify the credential can get a valid token
client = SecretClient(live_managed_identity_config["vault_url"], credential, logging_enable=True)
secret = client.set_secret("managed-identity-test-secret", "value")
client.begin_delete_secret(secret.name)
for _ in client.list_properties_of_secrets():
pass
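Review bot: the new `for _ in client.list_properties_of_secrets(): pass` loop asserts nothing and walks every page of the listing, so the only signal is that no exception is raised, and run time grows with the number of secrets in the vault. Requesting just the first item or page is enough to force a token request. The comment above the client still fits, but it should say why a list call was chosen (it needs only the `list` permission and creates no secret), since the commit title is the only place that mentions soft delete.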
Expand Up @@ -20,5 +20,5 @@ async def test_managed_identity_live(live_managed_identity_config):

# do something with Key Vault to verify the credential can get a valid token
client = SecretClient(live_managed_identity_config["vault_url"], credential, logging_enable=True)
secret = await client.set_secret("managed-identity-test-secret", "value")
await client.delete_secret(secret.name)
async for _ in client.list_properties_of_secrets():
pass
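Review bot: a failure inside the new `async for _ in client.list_properties_of_secrets()` loop does not tell the reader whether the credential failed or the access policy is missing. If the identity lacks `list`, Key Vault rejects the request as forbidden even though the token itself was valid, which is the opposite of what the comment says the test verifies. Consider catching the HTTP error here and failing with a message that points at the `az keyvault set-policy` step in the setup docs, so a stale policy is not mistaken for a credential bug.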
4 changes: 2 additions & 2 deletions sdk/identity/azure-identity/tests/managed-identity-live/vm.md
Expand Up @@ -82,14 +82,14 @@ Allow the VM with system-assigned identity to access the Key Vault's secrets:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME \
--object-id $(az vm show -n $VM_NAME_SYSTEM_ASSIGNED -g $RESOURCE_GROUP --query identity.principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```

Do the same for the user-assigned identity:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME \
--object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \
--secret-permissions set delete
--secret-permissions list
```

# Install dependencies
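Review bot: the context sentence "Allow the VM with system-assigned identity to access the Key Vault's secrets" now overstates what both commands in this hunk grant. With `--secret-permissions list` the identities can enumerate secret properties but cannot read, write or delete secret values. Suggest rewording it to something like "Allow the VM with system-assigned identity to list the Key Vault's secrets", which also documents that the narrower permission is deliberate.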
2 changes: 1 addition & 1 deletion sdk/identity/azure-identity/tests/pod-identity/readme.md
Expand Up @@ -69,7 +69,7 @@ az keyvault create -g $RESOURCE_GROUP -n $KEY_VAULT_NAME --sku standard

Add an access policy for the managed identity:
```sh
az keyvault set-policy -n $KEY_VAULT_NAME --object-id $MANAGED_IDENTITY_PRINCIPAL_ID --secret-permissions set delete
az keyvault set-policy -n $KEY_VAULT_NAME --object-id $MANAGED_IDENTITY_PRINCIPAL_ID --secret-permissions list
```

### container registry
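Review bot: this readme line is the only change under `sdk/identity/azure-identity/tests/pod-identity/` in the commit, so the policy drops to `list` while nothing in the diff shows what the pod's test actually calls. Please confirm that the code run in the pod is the updated test that uses `list_properties_of_secrets()`. If it still calls `set_secret`, it will be denied under this policy. A short pointer in this readme to the test file the pod runs would make that dependency visible.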