hashicorp · mbfrahry · Jul 9, 2020 · Jul 9, 2020 · Jul 9, 2020 · Jul 9, 2020
diff --git a/azurerm/internal/clients/builder.go b/azurerm/internal/clients/builder.go
@@ -38,7 +38,15 @@ func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 		return nil, fmt.Errorf(azureStackEnvironmentError)
 	}
 
-	env, err := authentication.DetermineEnvironment(builder.AuthConfig.Environment)
+	isAzureStack, err := authentication.IsEnvironmentAzureStack(ctx, builder.AuthConfig.MetadataURL, builder.AuthConfig.Environment)
+	if err != nil {
+		return nil, err
+	}
+	if isAzureStack {
+		return nil, fmt.Errorf(azureStackEnvironmentError)
+	}
+
+	env, err := authentication.AzureEnvironmentByNameFromEndpoint(ctx, builder.AuthConfig.MetadataURL, builder.AuthConfig.Environment)
 	if err != nil {
 		return nil, err
 	}

diff --git a/azurerm/internal/provider/provider.go b/azurerm/internal/provider/provider.go
@@ -97,6 +97,13 @@ func azureProvider(supportLegacyTestSuite bool) terraform.ResourceProvider {
 				Description: "The Cloud Environment which should be used. Possible values are public, usgovernment, german, and china. Defaults to public.",
 			},
 
+			"metadata_url": {
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_METADATA_URL", ""),
+				Description: "The Metadata URL which will be used to obtain the Cloud Environment.",
+			},
+
 			// Client Certificate specific fields
 			"client_certificate_path": {
 				Type:        schema.TypeString,
@@ -211,6 +218,7 @@ func providerConfigure(p *schema.Provider) schema.ConfigureFunc {
 			TenantID:           d.Get("tenant_id").(string),
 			AuxiliaryTenantIDs: auxTenants,
 			Environment:        d.Get("environment").(string),
+			MetadataURL:        d.Get("metadata_url").(string),
 			MsiEndpoint:        d.Get("msi_endpoint").(string),
 			ClientCertPassword: d.Get("client_certificate_password").(string),
 			ClientCertPath:     d.Get("client_certificate_path").(string),

diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/btubbs/datetime v0.1.0
 	github.com/davecgh/go-spew v1.1.1
 	github.com/google/uuid v1.1.1
-	github.com/hashicorp/go-azure-helpers v0.10.0
+	github.com/hashicorp/go-azure-helpers v0.11.1
 	github.com/hashicorp/go-getter v1.4.0
 	github.com/hashicorp/go-multierror v1.0.0
 	github.com/hashicorp/go-uuid v1.0.1

diff --git a/go.sum b/go.sum
@@ -117,6 +117,8 @@ github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv
 github.com/hashicorp/go-azure-helpers v0.4.1/go.mod h1:lu62V//auUow6k0IykxLK2DCNW8qTmpm8KqhYVWattA=
 github.com/hashicorp/go-azure-helpers v0.10.0 h1:KhjDnQhCqEMKlt4yH00MCevJQPJ6LkHFdSveXINO6vE=
 github.com/hashicorp/go-azure-helpers v0.10.0/go.mod h1:YuAtHxm2v74s+IjQwUG88dHBJPd5jL+cXr5BGVzSKhE=
+github.com/hashicorp/go-azure-helpers v0.11.1 h1:MpUAPXPFqvihw80cJnGXiu0cL0F6kYFq5+uzEI3j0TE=
+github.com/hashicorp/go-azure-helpers v0.11.1/go.mod h1:YuAtHxm2v74s+IjQwUG88dHBJPd5jL+cXr5BGVzSKhE=
 github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
 github.com/hashicorp/go-cleanhttp v0.5.1 h1:dH3aiDG9Jvb5r5+bYHsikaOUIpcM0xvgMXVoDkXMzJM=
 github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=

diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_sp_objectid.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_sp_objectid.go
diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go
diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go
diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/environment.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/environment.go
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -198,7 +198,7 @@ github.com/google/uuid
 github.com/googleapis/gax-go/v2
 # github.com/hashicorp/errwrap v1.0.0
 github.com/hashicorp/errwrap
-# github.com/hashicorp/go-azure-helpers v0.10.0
+# github.com/hashicorp/go-azure-helpers v0.11.1
 github.com/hashicorp/go-azure-helpers/authentication
 github.com/hashicorp/go-azure-helpers/resourceproviders
 github.com/hashicorp/go-azure-helpers/response

diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown
@@ -95,6 +95,10 @@ The following arguments are supported:
 
 * `tenant_id` - (Optional) The Tenant ID which should be used. This can also be sourced from the `ARM_TENANT_ID` Environment Variable.
 
+* `metadata_url` - (Optional) The Metadata URL which will be used to obtain the Cloud Environment.
+
+~> **Note:** `environment` must be set to the requested environment name in the list of available environments held in the `metadata_url`.
+
 ---
 
 When authenticating as a Service Principal using a Client Certificate, the following fields can be set: