Manual client secrets on azure

internal/config/config_doc.go

@@ -199,7 +199,7 @@ func init() {
 			FieldName: "azure",
 		},
 	}
-	AzureConfigDoc.Fields = make([]encoder.Doc, 10)
+	AzureConfigDoc.Fields = make([]encoder.Doc, 12)
 	AzureConfigDoc.Fields[0].Name = "subscription"
 	AzureConfigDoc.Fields[0].Type = "string"
 	AzureConfigDoc.Fields[0].Note = ""
@@ -225,31 +225,41 @@ func init() {
 	AzureConfigDoc.Fields[4].Note = ""
 	AzureConfigDoc.Fields[4].Description = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
 	AzureConfigDoc.Fields[4].Comments[encoder.LineComment] = "Type of a node's state disk. The type influences boot time and I/O performance. See: https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#disk-type-comparison"
-	AzureConfigDoc.Fields[5].Name = "measurements"
-	AzureConfigDoc.Fields[5].Type = "Measurements"
+	AzureConfigDoc.Fields[5].Name = "userAssignedIdentity"
+	AzureConfigDoc.Fields[5].Type = "string"
 	AzureConfigDoc.Fields[5].Note = ""
-	AzureConfigDoc.Fields[5].Description = "Expected confidential VM measurements."
-	AzureConfigDoc.Fields[5].Comments[encoder.LineComment] = "Expected confidential VM measurements."
-	AzureConfigDoc.Fields[6].Name = "enforcedMeasurements"
-	AzureConfigDoc.Fields[6].Type = "[]uint32"
+	AzureConfigDoc.Fields[5].Description = "Authorize spawned VMs to access Azure API. See: https://docs.edgeless.systems/constellation/latest/#/getting-started/install?id=azure"
+	AzureConfigDoc.Fields[5].Comments[encoder.LineComment] = "Authorize spawned VMs to access Azure API. See: https://docs.edgeless.systems/constellation/latest/#/getting-started/install?id=azure"
+	AzureConfigDoc.Fields[6].Name = "resourceGroup"
+	AzureConfigDoc.Fields[6].Type = "string"
 	AzureConfigDoc.Fields[6].Note = ""
-	AzureConfigDoc.Fields[6].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
-	AzureConfigDoc.Fields[6].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
-	AzureConfigDoc.Fields[7].Name = "userAssignedIdentity"
+	AzureConfigDoc.Fields[6].Description = "Resource group to use."
+	AzureConfigDoc.Fields[6].Comments[encoder.LineComment] = "Resource group to use."
+	AzureConfigDoc.Fields[7].Name = "appClientID"
 	AzureConfigDoc.Fields[7].Type = "string"
 	AzureConfigDoc.Fields[7].Note = ""
-	AzureConfigDoc.Fields[7].Description = "Authorize spawned VMs to access Azure API. See: https://docs.edgeless.systems/constellation/latest/#/getting-started/install?id=azure"
-	AzureConfigDoc.Fields[7].Comments[encoder.LineComment] = "Authorize spawned VMs to access Azure API. See: https://docs.edgeless.systems/constellation/latest/#/getting-started/install?id=azure"
-	AzureConfigDoc.Fields[8].Name = "resourceGroup"
+	AzureConfigDoc.Fields[7].Description = "Application client ID of the Active Directory app registration."
+	AzureConfigDoc.Fields[7].Comments[encoder.LineComment] = "Application client ID of the Active Directory app registration."
+	AzureConfigDoc.Fields[8].Name = "clientSecretValue"
 	AzureConfigDoc.Fields[8].Type = "string"
 	AzureConfigDoc.Fields[8].Note = ""
-	AzureConfigDoc.Fields[8].Description = "Resource group to use."
-	AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "Resource group to use."
-	AzureConfigDoc.Fields[8].Name = "confidentialVM"
-	AzureConfigDoc.Fields[8].Type = "bool"
-	AzureConfigDoc.Fields[8].Note = ""
-	AzureConfigDoc.Fields[8].Description = "Use VMs with security type Confidential VM. If set to false, Trusted Launch VMs will be used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
-	AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "Use VMs with security type Confidential VM. If set to false, Trusted Launch VMs will be used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
+	AzureConfigDoc.Fields[8].Description = "Client secret value of the Active Directory app registration credentials."
+	AzureConfigDoc.Fields[8].Comments[encoder.LineComment] = "Client secret value of the Active Directory app registration credentials."
+	AzureConfigDoc.Fields[9].Name = "measurements"
+	AzureConfigDoc.Fields[9].Type = "Measurements"
+	AzureConfigDoc.Fields[9].Note = ""
+	AzureConfigDoc.Fields[9].Description = "Expected confidential VM measurements."
+	AzureConfigDoc.Fields[9].Comments[encoder.LineComment] = "Expected confidential VM measurements."
+	AzureConfigDoc.Fields[10].Name = "enforcedMeasurements"
+	AzureConfigDoc.Fields[10].Type = "[]uint32"
+	AzureConfigDoc.Fields[10].Note = ""
+	AzureConfigDoc.Fields[10].Description = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
+	AzureConfigDoc.Fields[10].Comments[encoder.LineComment] = "List of values that should be enforced to be equal to the ones from the measurement list. Any non-equal values not in this list will only result in a warning."
+	AzureConfigDoc.Fields[11].Name = "confidentialVM"
+	AzureConfigDoc.Fields[11].Type = "bool"
+	AzureConfigDoc.Fields[11].Note = ""
+	AzureConfigDoc.Fields[11].Description = "Use VMs with security type Confidential VM. If set to false, Trusted Launch VMs will be used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
+	AzureConfigDoc.Fields[11].Comments[encoder.LineComment] = "Use VMs with security type Confidential VM. If set to false, Trusted Launch VMs will be used instead. See: https://docs.microsoft.com/en-us/azure/confidential-computing/confidential-vm-overview"
 
 	GCPConfigDoc.Type = "GCPConfig"
 	GCPConfigDoc.Comments[encoder.LineComment] = "GCPConfig are GCP specific configuration values used by the CLI."