We're working through an issue with our Azure credentials with the Juju team and in the meantime had intended to deploy a few instances by hand and then add them via the manual provider, but it appears that's not possible:
$ juju add-machine ssh:ubuntu@X.X.X.X
ERROR cannot add a new machine: getting instance types: listing VM sizes: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/REDACTED/providers/Microsoft.Compute/skus?api-version=2017-09-01: StatusCode=401 -- Original Error: adal: Refresh request failed. Status Code = '401'. Response body: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: REDACTED\r\nCorrelation ID: REDACTED\r\nTimestamp: 2020-04-08 00:42:41Z","error_codes":[7000215],"timestamp":"2020-04-08 00:42:41Z","trace_id":"REDACTED","correlation_id":"REDACTED","error_uri":"https://login.windows.net/error?code=7000215"}
I realize what it's probably trying to do is figure out what instance type this is, etc. but it means that credential issues in the client or controller can completely block deployments which isn't great.
Should 'add-machine ssh:' rely on talking to Azure or any of the cloud providers Juju supports? I think it really shouldn't.