Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
With added app registration details for OIDC
  • Loading branch information
BALAGA-GAYATRI authored Dec 13, 2021
1 parent 66d2e78 commit 94c2e15
Showing 1 changed file with 9 additions and 7 deletions.
16 changes: 9 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -226,13 +226,15 @@ Follow the steps to configure Azure Service Principal with a secret:
You can add federated credentials in the Azure portal or with the Microsoft Graph REST API.

#### Azure portal
1. Go to **Certificates and secrets**. In the **Federated credentials** tab, select **Add credential**.
1. The **Add a credential** blade opens.
1. In the **Federated credential scenario** box select **GitHub actions deploying Azure resources**.
1. Specify the **Organization** and **Repository** for your GitHub Actions workflow which needs to access the Azure resources scoped by this App (Service Principal)
1. For **Entity type**, select **Environment**, **Branch**, **Pull request**, or **Tag** and specify the value, based on how you have configured the trigger for your GitHub workflow. For a more detailed overview, see [GitHub OIDC guidance]( https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-[…]dc-claims).
1. Add a **Name** for the federated credential.
1. Click **Add** to configure the federated credential.
1. [Register an application](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app) in Azure Portal
2. Within the registered application, Go to **Certificates & secrets**.
3. In the **Federated credentials** tab, select **Add credential**.
4. The **Add a credential** blade opens.
5. In the **Federated credential scenario** box select **GitHub actions deploying Azure resources**.
6. Specify the **Organization** and **Repository** for your GitHub Actions workflow which needs to access the Azure resources scoped by this App (Service Principal)
7. For **Entity type**, select **Environment**, **Branch**, **Pull request**, or **Tag** and specify the value, based on how you have configured the trigger for your GitHub workflow. For a more detailed overview, see [GitHub OIDC guidance]( https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#defining-[…]dc-claims).
8. Add a **Name** for the federated credential.
9. Click **Add** to configure the federated credential.

For a more detailed overview, see more guidance around [Azure Federated Credentials](https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation-create-trust-github).

Expand Down

0 comments on commit 94c2e15

Please sign in to comment.