Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azure: mention that we search azure config #2703

Merged
merged 4 commits into from
Aug 18, 2021
Merged

azure: mention that we search azure config #2703

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6c635f1
azure: mention that we search azure config
isidentical Aug 10, 2021
4909f0b
Merge branch 'master' into azure-config-dir
jorgeorpinel Aug 18, 2021
c255e22
ref: specify which options and when are taken from Azure config
jorgeorpinel Aug 18, 2021
8b035c1
ref: explain Azure auth routes from the beginning of section
jorgeorpinel Aug 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 22 additions & 5 deletions content/docs/command-reference/remote/modify.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -369,16 +369,22 @@ $ dvc remote modify --system myremote

</details>

To use a custom authentication method, you can either use this command to
configure the appropriate auth params, use environment variables, or rely on an
Azure config file (in that order). More details below.

> See some [Azure auth examples](#example-some-azure-authentication-methods).

To use a custom authentication method, use the following parameters (listed in
order of precedence):
#### Authenticate with DVC config parameters

The following parameters are listed in the order they are used by DVC when
attempting to authenticate with Azure:

1. `connection_string` is used for authentication if given (`account_name` is
ignored).
2. If `tenant_id` and `client_id`, `client_secret` are given, Active Directory
(AD) [service principal] auth is performed.
3. DVC will try next to connect with `account_key` or `sas_token` (in this
3. DVC will next try to connect with `account_key` or `sas_token` (in this
order) if either are provided.
4. If `allow_anonymous_login` is set to `True`, then DVC will try to connect
[anonymously].
Expand Down Expand Up @@ -442,8 +448,10 @@ order of precedence):
$ dvc remote modify myremote allow_anonymous_login true
```

Note that Azure remotes can also authenticate via environment variables (instead
of `dvc remote modify`). These are tried if none of the params above are set.
#### Authenticate with environment variables

Azure remotes can also authenticate via env vars (instead of
`dvc remote modify`). These are tried if none of the params above are set.

For Azure connection string:

Expand Down Expand Up @@ -481,6 +489,15 @@ $ export AZURE_PASSWORD='mysecret'
> [env vars](https://docs.microsoft.com/en-us/python/api/azure-identity/azure.identity.environmentcredential)
> available.

#### Authenticate with an Azure config file

As a final option (if no params or env vars are set), some of the auth methods
can propagate from an Azure configuration file (typically managed with
[az config](https://docs.microsoft.com/en-us/cli/azure/config)):
`connection_string`, `account_name`, `account_key`, `sas_token` and
`container_name`. The default directory where it will be searched for is
`~/.azure` but this can be customized with the `AZURE_CONFIG_DIR` env var.

</details>

<details>
Expand Down