- `cloud_environment_name` (string) - One of Public, China, Germany, or USGovernment. Defaults to Public. Long forms such as USGovernmentCloud and AzureUSGovernmentCloud are also supported. - `client_id` (string) - The application ID of the AAD Service Principal. Requires either `client_secret`, `client_cert_path` or `client_jwt` to be set as well. - `client_secret` (string) - A password/secret registered for the AAD SP. - `client_cert_path` (string) - The path to a pem-encoded certificate that will be used to authenticate as the specified AAD SP. - `client_cert_token_timeout` (duration string | ex: "1h5m2s") - The timeout for the JWT Token when using a [client certificate](#client_cert_path). Defaults to 1 hour. - `client_jwt` (string) - A JWT bearer token for client auth (RFC 7523, Sec. 2.2) that will be used to authenticate the AAD SP. Provides more control over token the expiration when using certificate authentication than when using `client_cert_path`. - `object_id` (string) - The object ID for the AAD SP. Optional, will be derived from the oAuth token if left empty. - `tenant_id` (string) - The Active Directory tenant identifier with which your `client_id` and `subscription_id` are associated. If not specified, `tenant_id` will be looked up using `subscription_id`. - `subscription_id` (string) - The subscription to use. - `use_azure_cli_auth` (bool) - Flag to use Azure CLI authentication. Defaults to false. CLI auth will use the information from an active `az login` session to connect to Azure and set the subscription id and tenant id associated to the signed in account. If enabled, it will use the authentication provided by the `az` CLI. Azure CLI authentication will use the credential marked as `isDefault` and can be verified using `az account show`. Works with normal authentication (`az login`) and service principals (`az login --service-principal --username APP_ID --password PASSWORD --tenant TENANT_ID`). Ignores all other configurations if enabled.