Deploying ServiceFabric apps using AzureAD Authentication

Question

I want to deploy apps to my service fabric using azure ad & powershell.

I\'ve setup the required azure AD apps, but I don\'t know how to login to an Azure AD acc

Answer 1

Here are steps that you could use to get things up and running -

1. You need to create two app registrations in AD - the one to represent the SF cluster and the second one for the client app. You could follow the instructions here to get it done Set up Azure Active Directory for client authentication

As the result, you should have the next output -

"azureActiveDirectory": { "tenantId":"guid", "clusterApplication":"guid", "clientApplication":"guid" }

2. Now you could set up your SF cluster. You could either put the AD artifacts you've got from the previous step into the rm template or specify the fields in the portal. The choice is yours -

3. Find the app registrations created at the first step in AD, and assign to the user you are going to login with some role there.

4. Finally, use this example to login using AD authentication in a non-interactive mode - Connect to a secure cluster non-interactively using Azure Active Directory.

Here is just the same but in Powershell -

$authority = "https://login.microsoftonline.com/your_tenant_id"
$credentials = [Microsoft.IdentityModel.Clients.ActiveDirectory.UserCredential]::new($UserName, $Password)
$authContext = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]::new($authority)
$authResult = $authContext.AcquireTokenAsync($clusterApplicationId, $clientApplicationId, $credentials) 
$Token = $authResult.Result.AccessToken

Connect-ServiceFabricCluster -AzureActiveDirectory -SecurityToken $Token -ConnectionEndpoint "your_cluster_name.location.cloudapp.azure.com:19000" -ServerCertThumbprint "your_server_cert_thumbprint"

That's basically it.