When deploying a Microsoft.Web resource with the new MSI feature the principleId GUID for the created user is visible after deployment. Screenshot below shows the structure in the ARM-template.
What would be the best way to fetch this GUID later in…
I need to get access to my Key Vault during development and debugging.
Is it possible via using managed service identity?
I see that my code can get this credentials when the app is deployed on VM, but what if I need them during development on my…
I have enabled Managed Service Identities on an App Service. However, my WebJobs seem unable to access the keys.
They report:
Tried the following 3 methods to get an access token, but none of them worked.
Parameters: Connectionstring: [No connection…
I want to access the Key Vault from my Service Fabric application via Managed Service Identity (MSI). I have enabled MSI on the virtual machine scale set in the Azure Portal and given it access to my Key Vault resource. This works like a charm up in…
I have found out it is easy to connect to Azure KeyVault using Managed Identity. The documentation shows how to do it :
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new…
I have an ASP.Net Core 2.1 project with a test project that contains some integration tests that require/need Azure Managed Service Identity access to run successfully (getting secrets from KeyVault). I am using an Azure DevOps VS2017 Hosted Build…
My understanding is that in order to implement Azure AD Managed Service Identity access to a SQL Database in Azure, I would need to create a SqlConnection with a retrieved token.
To add that token to the SqlConnection, .NET 4.6+ has an AccessToken…
When deploying KeyVault service that has Access Policy to Managed Identity on enabled Logic App it fails because it doesn't exist yet. I did add dependson for the logic app.
Wierd thing is this template was working for weeks now it fails every…
I am using the following code to test system managed identity on my web app and it works fine when I deploy in Azure but is there a way to test locally(without giving permissions to my Azure account for the resource?)?
AzureServiceTokenProvider…
I created 2 Azure Function Apps, both setup with Authentication/Authorization so an AD App was created for both. I would like to setup AD Auth from one Function to the other using MSI. I setup the client Function with Managed Service Identity…
I have added a pfx certificate in azure key vault.
I have one asp.net web api application where through one of the endpoint I am trying to access certificate information from key vault.
public class ValuesController : ControllerBase
{
public…
I managed to get the below code to work (complete code here) to use Azure managed identity to authenticate (via Visual Studio) and have access to Azure storage account without using credentials.
const string storageResource =…
I recently setup my .net core application to use MSI (Managed Identity) to communicate with Azure Blob.
Does MSI work with Azure Table Storage? Can't seem to find any documentation on it.
I am trying to use MSI so I don't have to manage my keys…
My question is, do we have any documented method of granting a Manage Service Identity permissions to the Graph API as we would with an Azure App Registration in the portal? I was unable to find any Powershell options or ability to manage…
I think Managed Service Identity is a great concept and I love keyvault. However:
When I use the script using an incremental resource group deployment:
Sample is modified for brevity
{
"type": "Microsoft.KeyVault/vaults",
"name":…