Merge pull request #5667 from nojnhuh/fic-audience

nojnhuh · web-flow · commit 3a6e211d1a8c · 2025-06-02T23:13:30.000-05:00
Add audience for FIC create
diff --git a/scripts/kind-with-registry.sh b/scripts/kind-with-registry.sh
@@ -191,13 +191,15 @@ EOF
       --identity-name "${USER_IDENTITY}" \
       -g "${AZWI_RESOURCE_GROUP}" \
       --issuer "${SERVICE_ACCOUNT_ISSUER}" \
+      --audiences "api://AzureADTokenExchange" \
       --subject "system:serviceaccount:capz-system:capz-manager" --output none --only-show-errors
 
     echo "Creating federated credentials for aso-federated-identity"
     az identity federated-credential create -n "aso-federated-identity" \
       --identity-name "${USER_IDENTITY}" \
       -g "${AZWI_RESOURCE_GROUP}" \
       --issuer "${SERVICE_ACCOUNT_ISSUER}" \
+      --audiences "api://AzureADTokenExchange" \
       --subject "system:serviceaccount:capz-system:azureserviceoperator-default" --output none --only-show-errors
   fi
 }
