msticpy.auth.azure_auth_core module
Azure KeyVault pre-authentication.
- class msticpy.auth.azure_auth_core.AzCredentials(legacy, modern)
Bases:
tuple
Create new instance of AzCredentials(legacy, modern)
- count(value, /)
Return number of occurrences of value.
- index(value, start=0, stop=9223372036854775807, /)
Return first index of value.
Raises ValueError if the value is not present.
- legacy
Alias for field number 0
- modern
Alias for field number 1
- class msticpy.auth.azure_auth_core.AzureCliStatus(value)
Bases:
Enum
Enumeration for _check_cli_credentials return values.
- CLI_NEEDS_SIGN_IN = 2
- CLI_NOT_INSTALLED = 1
- CLI_OK = 0
- CLI_TOKEN_EXPIRED = 3
- CLI_UNKNOWN_ERROR = 4
- class msticpy.auth.azure_auth_core.AzureCloudConfig(cloud: Optional[str] = None, tenant_id: Optional[str] = None)
Bases:
object
Azure Cloud configuration.
Initialize AzureCloudConfig from cloud or configuration.
- Parameters
cloud (str, optional) – The cloud to retrieve configuration for. If not supplied, the cloud ID is read from configuration. If this is not available, it defaults to ‘global’.
tenant_id (str, optional) – The tenant to authenticate against. If not supplied, the tenant ID is read from configuration, or the default tenant for the identity.
- property cloud_names: List[str]
Return a list of current cloud names.
- property endpoints: msrestazure.azure_cloud.CloudEndpoints
Get a list of all the endpoints for an Azure cloud.
- Returns
A dictionary of endpoints for the cloud.
- Return type
dict
- Raises
MsticpyAzureConfigError – If the cloud name is not valid.
- static resolve_cloud_alias(alias) Optional[str]
Return match of cloud alias or name.
- property suffixes: msrestazure.azure_cloud.CloudSuffixes
Get a list of all the suffixes for an Azure cloud.
- Returns
A dictionary of suffixes for the cloud.
- Return type
dict
- Raises
MsticpyAzureConfigError – If the cloud name is not valid.
- property token_uri: str
Return the resource manager token URI.
- msticpy.auth.azure_auth_core.az_connect_core(auth_methods: Optional[List[str]] = None, cloud: Optional[str] = None, tenant_id: Optional[str] = None, silent: bool = False, **kwargs) AzCredentials
Authenticate using multiple authentication sources.
- Parameters
auth_methods (List[str], optional) – List of authentication methods to try Possible options are: - “env” - to get authentication details from environment variables - “cli” - to use Azure CLI authentication details - “msi” - to user Managed Service Identity details - “vscode” - to use VSCode credentials - “powershell” - to use PowerShell credentials - “interactive” - to prompt for interactive login - “cache” - to use shared token cache credentials If not set, it will use the value defined in msticpyconfig.yaml. If this is not set, the default is [“env”, “cli”, “msi”, “interactive”]
cloud (str, optional) – What Azure cloud to connect to. By default it will attempt to use the cloud setting from config file. If this is not set it will default to Azure Public Cloud
tenant_id (str, optional) – The tenant to authenticate against. If not supplied, the tenant ID is read from configuration, or the default tenant for the identity.
silent (bool, optional) – Whether to display any output during auth process. Default is False.
- Returns
Named tuple of: - legacy (ADAL) credentials - modern (MSAL) credentials
- Return type
- Raises
CloudError – If chained token credential creation fails.
Notes
The function tries to obtain credentials from the following sources: - Azure Auth Environment variables - Azure CLI (if an active session is logged on) - Managed Service Identity - Interactive browser logon If the authentication is successful both ADAL (legacy) and MSAL (modern) credential types are returned.
- msticpy.auth.azure_auth_core.check_cli_credentials() Tuple[AzureCliStatus, Optional[str]]
Check to see if there is a CLI session with a valid AAD token.
- msticpy.auth.azure_auth_core.default_auth_methods() List[str]
Get the default (all) authentication options.
- msticpy.auth.azure_auth_core.get_azure_config_value(key, default)
Get a config value from Azure section.
- msticpy.auth.azure_auth_core.only_interactive_cred(chained_cred: azure.identity.ChainedTokenCredential)
Return True if only interactivebrowser credentials available.