in src/Utils/CommonUtils.ts [252:300]
export function validateAndGetSegregatedManagedIdentities(referenceIdentities: {[key: string]: string}[], keyVaultGivenOutOfReferenceIdentities: boolean = false) : AllManagedIdentitiesSegregated {
let referenceIdentityValuesUAMIMap: { [key in ReferenceIdentityKinds]: string[] } = {
[ReferenceIdentityKinds.KeyVault]: [],
[ReferenceIdentityKinds.Metrics]: [],
[ReferenceIdentityKinds.Engine]: []
};
let referenceIdentiesSystemAssignedCount : { [key in ReferenceIdentityKinds]: number } = {
[ReferenceIdentityKinds.KeyVault]: 0,
[ReferenceIdentityKinds.Metrics]: 0,
[ReferenceIdentityKinds.Engine]: 0
}
for (let referenceIdentity of referenceIdentities) {
// the value has check proper check in the utils, so we can decide the Type based on the value.
if(referenceIdentity.value) {
referenceIdentityValuesUAMIMap[referenceIdentity.kind as ReferenceIdentityKinds].push(referenceIdentity.value);
} else {
referenceIdentiesSystemAssignedCount[referenceIdentity.kind as ReferenceIdentityKinds]++;
}
}
// key-vault which needs back-compat.
if(keyVaultGivenOutOfReferenceIdentities) {
if(referenceIdentityValuesUAMIMap[ReferenceIdentityKinds.KeyVault].length > 0 || referenceIdentiesSystemAssignedCount[ReferenceIdentityKinds.KeyVault] > 0) {
throw new Error("Two KeyVault references are defined in the YAML config file. Use either the keyVaultReferenceIdentity field or the referenceIdentities section to specify the KeyVault reference identity.");
}
// this will be assigned above if the given is outside the refIds so no need to assign again.
}
for(let key in ReferenceIdentityKinds) {
if(key != ReferenceIdentityKinds.Engine) {
if(referenceIdentityValuesUAMIMap[key as ReferenceIdentityKinds].length > 1 || referenceIdentiesSystemAssignedCount[key as ReferenceIdentityKinds] > 1) {
throw new Error(`Only one ${key} reference identity should be provided in the referenceIdentities array.`);
} else if(referenceIdentityValuesUAMIMap[key as ReferenceIdentityKinds].length == 1 && referenceIdentiesSystemAssignedCount[key as ReferenceIdentityKinds] > 0) {
throw new Error(`${key} reference identity should be either SystemAssigned or UserAssigned but not both.`);
}
}
}
// engines check, this can have multiple values too check is completely different.
if(referenceIdentityValuesUAMIMap[ReferenceIdentityKinds.Engine].length > 0 && referenceIdentiesSystemAssignedCount[ReferenceIdentityKinds.Engine] > 0) {
throw new Error("Engine reference identity should be either SystemAssigned or UserAssigned but not both.");
} else if(referenceIdentiesSystemAssignedCount[ReferenceIdentityKinds.Engine] > 1) {
throw new Error("Only one Engine reference identity with SystemAssigned should be provided in the referenceIdentities array.");
}
return {referenceIdentityValuesUAMIMap, referenceIdentiesSystemAssignedCount};
}