Refactor managed identity authorizer to include custom managed identi…

…ty endpoint
hashicorp · Oct 9, 2024 · 6000ee7 · 6000ee7
1 parent d1676a8
commit 6000ee7
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/sdk/auth/managed_identity_authorizer.go b/sdk/auth/managed_identity_authorizer.go
@@ -138,9 +138,6 @@ type managedIdentityConfig struct {
 // clientId and objectId can be left blank when a single managed identity is available
 func newManagedIdentityConfig(resource, clientId, customManagedIdentityEndpoint string) (*managedIdentityConfig, error) {
 	endpoint := msiDefaultEndpoint
-	if customManagedIdentityEndpoint != "" {
-		endpoint = customManagedIdentityEndpoint
-	}
 
 	// If MSI_ENDPOINT and MSI_SECRET are present then we are running in Azure APP Service like environment.
 	// In this case, we need to use the MSI_ENDPOINT and newer version of API.
@@ -150,6 +147,10 @@ func newManagedIdentityConfig(resource, clientId, customManagedIdentityEndpoint
 		apiVersion = "2019-08-01"
 	}
 
+	if customManagedIdentityEndpoint != "" {
+		endpoint = customManagedIdentityEndpoint
+	}
+
 	return &managedIdentityConfig{
 		ClientID:      clientId,
 		Resource:      resource,