ansible-collections · xuzhang3 · Mar 22, 2024 · Dec 20, 2021 · Dec 20, 2021 · Dec 20, 2021
diff --git a/plugins/doc_fragments/azure.py b/plugins/doc_fragments/azure.py
@@ -34,7 +34,8 @@ class ModuleDocFragment(object):
         type: str
     client_id:
         description:
-            - Azure client ID. Use when authenticating with a Service Principal.
+            - Azure client ID. Use when authenticating with a Service Principal or Managed Identity (msi). 
+              Can also be set via the C(AZURE_CLIENT_ID) environment variable.
         type: str
     secret:
         description:

diff --git a/plugins/inventory/azure_rm.py b/plugins/inventory/azure_rm.py
@@ -118,6 +118,7 @@
 except ImportError:
     from Queue import Queue, Empty
 
+from os import environ
 from collections import namedtuple
 from ansible import release
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
@@ -222,8 +223,9 @@ def parse(self, inventory, loader, path, cache=True):
             raise
 
     def _credential_setup(self):
+        auth_source = environ.get('ANSIBLE_AZURE_AUTH_SOURCE', None) or self.get_option('auth_source')
         auth_options = dict(
-            auth_source=self.get_option('auth_source'),
+            auth_source=auth_source,
             profile=self.get_option('profile'),
             subscription_id=self.get_option('subscription_id'),
             client_id=self.get_option('client_id'),

diff --git a/plugins/module_utils/azure_rm_common.py b/plugins/module_utils/azure_rm_common.py
@@ -1559,6 +1559,7 @@ def _get_profile(self, profile="default"):
         return None
 
     def _get_msi_credentials(self, subscription_id=None, client_id=None, **kwargs):
+        client_id = client_id or self._get_env('client_id')
         credentials = MSIAuthentication(client_id=client_id)
         subscription_id = subscription_id or self._get_env('subscription_id')
         if not subscription_id: