diff --git a/pkg/metadata/labels_annotations.go b/pkg/metadata/labels_annotations.go index 5dae9b6..cf6ec56 100644 --- a/pkg/metadata/labels_annotations.go +++ b/pkg/metadata/labels_annotations.go @@ -5,11 +5,11 @@ const MetadataNamespace = "barmancloud.cnpg.io" const ( // UseDefaultAzureCredentialsAnnotationName is an annotation that can be set - // on an ObjectStore resource to enable the use DefaultAzureCredentials - // to authenticate to Azure. This is meant to be used with inheritFromAzureAD enabled. + // on an ObjectStore resource to enable the authentication to Azure via DefaultAzureCredentials. + // This is meant to be used with inheritFromAzureAD enabled. UseDefaultAzureCredentialsAnnotationName = MetadataNamespace + "/useDefaultAzureCredentials" // UseDefaultAzureCredentialsTrueValue is the value for the annotation - // barmancloud.cnpg.io/useDefaultAzureCredentials to enable the use of DefaultAzureCredentials + // barmancloud.cnpg.io/useDefaultAzureCredentials to enable the DefaultAzureCredentials auth mechanism. UseDefaultAzureCredentialsTrueValue = "true" ) diff --git a/web/docs/object_stores.md b/web/docs/object_stores.md index ed5d203..ea4f942 100644 --- a/web/docs/object_stores.md +++ b/web/docs/object_stores.md @@ -233,7 +233,7 @@ Barman Cloud supports the following authentication methods: - Storage Account Name + [Access Key](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage) - Storage Account Name + [SAS Token](https://learn.microsoft.com/en-us/azure/storage/blobs/sas-service-create) - [Azure AD Workload Identity](https://azure.github.io/azure-workload-identity/docs/introduction.html) -- [Azure Default Credentials](https://learn.microsoft.com/en-us/azure/developer/go/sdk/authentication/credential-chains#defaultazurecredential-overview) +- [DefaultAzureCredential](https://learn.microsoft.com/en-us/azure/developer/go/sdk/authentication/credential-chains#defaultazurecredential-overview) ### Azure AD Workload Identity @@ -253,10 +253,11 @@ spec: [...] ``` -### Azure Default Credentials +### DefaultAzureCredential -To authenticate using Azure Default Credentials, set the annotation -`barmancloud.cnpg.io/useDefaultAzureCredentials="true"` on the ObjectStore: +To authenticate using `DefaultAzureCredential`, set the annotation +`barmancloud.cnpg.io/useDefaultAzureCredential="true"` on the ObjectStore in +conjunction with the `.spec.configuration.inheritFromAzureAD` option: ```yaml apiVersion: barmancloud.cnpg.io/v1 @@ -264,7 +265,7 @@ kind: ObjectStore metadata: name: azure-store annotations: - barmancloud.cnpg.io/useDefaultAzureCredentials: "true" + barmancloud.cnpg.io/useDefaultAzureCredential: "true" spec: configuration: destinationPath: ""