Skip to main content
Sign in Dashboard Get started
  1. Docs
  2. pulumi env provider azure-login oidc | CLI commands

pulumi env provider azure-login oidc | CLI commands

Generated for Pulumi CLI v3.244.0.

    Add an Azure OIDC login provider to an environment

    Synopsis

    [EXPERIMENTAL] Add an Azure OIDC login provider to an environment

    Writes an fn::open::azure-login block with oidc: true at the configured path under values. The Azure federated credential must be provisioned separately (e.g. with Pulumi). If a block already exists at the path it is replaced.

    See https://www.pulumi.com/docs/esc/providers/login/azure-login/ for the full provider reference.

    pulumi env provider azure-login oidc [<org>/][<project>/]<environment-name> <tenant-id> <subscription-id> <client-id> [flags]

    Options

          --create                          create the environment if it does not already exist
      --draft string[="new"]            set flag without a value (--draft) to create a draft rather than saving changes directly. --draft=<change-request-id> to update an existing change request.
  -h, --help                            help for oidc
      --path values                     property path under values where the provider block is written (default "azure.login")
      --subject-attribute stringArray   OIDC subject attribute to include in the federated token (repeatable)

    Options inherited from parent commands

          --color string                 Colorize output. Choices are: always, never, raw, auto (default "auto")
  -C, --cwd string                   Run pulumi as if it had been started in another directory
      --disable-integrity-checking   Disable integrity checking of checkpoint files
  -e, --emoji                        Enable emojis in the output
      --env string                   The name of the environment to operate on.
  -Q, --fully-qualify-stack-names    Show fully-qualified stack names
      --logflow                      Flow log settings to child processes (like plugins)
      --logtostderr                  Log to stderr instead of to files
      --memprofilerate int           Enable more precise (and expensive) memory allocation profiles by setting runtime.MemProfileRate
      --non-interactive              Disable interactive mode for all commands
      --otel-traces string           Export OpenTelemetry traces to the specified endpoint. Use file:// for local JSON files, grpc:// for remote collectors
      --profiling string             Emit CPU and memory profiles and an execution trace to '[filename].[pid].{cpu,mem,trace}', respectively
      --tracing file:                Emit tracing to the specified endpoint. Use the file: scheme to write tracing data to a local file
  -v, --verbose int                  Enable verbose logging (e.g., v=3); anything >3 is very verbose

    SEE ALSO