Project

activerecord_aad

0.0
Bugfix fork ofattribute_normalizer
No release in over a year
activerecord_aadcomplymd/activerecord_aadHomepageDocumentationSource CodeBug TrackerWiki
This rubygem does not have a description or summary.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
2,144
Stars
0
Forks
1
Watchers
1
 Releases
Current version
0.3.0
Total releases
5
First release
2023-07-10
Latest release
2023-07-14
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
1
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2023-09-19
Reverse Dependencies
0

 Dependencies

Runtime

activerecord
>= 6.0.0, < 8.0.0
httparty
~> 0.21.0
 Project Readme

activerecord-aad

This gem enables using an Azure Active Directory Managed Identity to connect to an Azure Database Service.

Installation

To install the gem, follow these steps:

  1. Add gem 'activerecord_aad' to your Gemfile.
  2. Run bin/bundle install to install the gem.

Setup

To set up the gem, follow one of the guides below based on your database:

Add the client_id from the Azure AD Managed Identity to your config/database.yml file with the key azure_managed_identity.

Example configuration:

production:
  adapter: mysql2
  reconnect: true
  host: my-app.mysql.database.azure.com
  #provide client id and specify other properties
  azure_managed_identity:
    client_id: 00000000-0000-0000-000000000000
  database: app
  username: MyAppsManagedIdentity@my-app
  sslca: /opt/ssl/BaltimoreCyberTrustRoot.crt.pem
  sslverify: true
  sslcipher: 'AES256-SHA'

How it works

The password field in the database configuration is replaced with an access token from Azure which is passed to the adapter to establish the connection. Whenever the token needs to be replaced, a call is made to the Azure endpoint and the token is updated.

Dependencies

If using the python option to fetch tokens, then python, pip and the azure.identity module need to be installed. HTTP requests will work in VMs, python is better for containers.

Default Properties

The default properties for ActiveRecordAAD include:

  • endpoint: The URL endpoint to fetch the OAuth2 token from.
  • api_version: The API version to use when fetching the token.
  • resource: The resource for which the token is requested.
  • timeout: The timeout for the request to fetch the token.
  • enable_cleartext_plugin: Whether to enable the cleartext plugin for MySQL databases.
  • client_id: The client ID for the Azure Managed Identity.
  • http: Whether to use HTTP to fetch the token.
  • python: Whether to use Python to fetch the token.