Renew Azure Service Principal Credentials - CDCgov/prime-simplereport GitHub Wiki

What is this?

Our service credentials are used in our automated pipelines; without these credentials, our Azure logins and our Terraform initializations will fail.

Where to get them

• Method 1: Create a ticket with the active directory helpdesk and cc Product owner for approval

• Method 2: To get new service principal credentials, ask our team leads for help contacting an admin who can generate these credentials, and contact the proj-cdc-prime-devops slack channel for support.

Where do I put these?

To update the service principle credentials, update the azure_credentials and the terraform_arm_client_secret for the following repos:

• https://github.com/CDCgov/prime-simplereport
• https://github.com/CDCgov/prime-simplereport-site

The format for the azure_credentials secret is a json blob that includes the information below (all except the subscriptionID is provided by the Active Directory technician):

{ "clientSecret": "******", "subscriptionId": "******", "tenantId": "******", "clientId": "******" }

The terraform_arm_client_secret secret only requires the clientSecret value in plaintext format.

For formatting, you can refer to the Github Azure login docs.