描述
Is your feature request related to a problem? Please describe. I am frustrated when trying to run Azure CLI from PowerShell silently.
az login currently supports these non-interactive authentication modes:
- login with user credentials
- login with SP credentials
- login with SP certificate file (PEM only)
- login with system managed identity
- login with user assigned managed identity
I would like to see some more that are mostly applicable to Windows environments.
Describe the solution you'd like
- login with SP certificate coming from a certificate store (Windows only)
- login with an existing access token obtained for the appropriate audience, such as piping Azure PowerShell access token into Azure CLI.
- single sign-on with Windows identity from a domain environment connected to an AAD tenant with ADFS
I don't want to provide any credentials (user credentials or SP ID / Key) via CLI to login silently, because it's the least secure option. However, it's fine if I can't use single sign on if I am stopped by MFA.
Describe alternatives you've considered
We are now trialing login with user assigned managed identity case with preview managed identities.
Additional context
I am trying to call az acr build and az acr repository commands from PowerShell, because Azure PowerShell set of ACR commands is lacking.