azure-managed-identity

问题 Is it possible to use Azure AD on Ubuntu for connecting to Azure SQL? That is, it is possible to use trusted_connection=True in sqlalchemy in Python? # Creating engine engine = sqlalchemy.create_engine('mssql://*server_name*/*database_name*?trusted_connection=yes') On Azure you can create a linux VM with a managed identity which allows you to connect to Azure services using Azure AD. In their documentation I can find examples of how to connect to various Azure services using this, however, I

问题 I've gotten stuck on this for quite a while now, with no luck advancing it on my own. I am trying to connect from an Azure App Service to a EF CodeFirst managed database, using an MSI token. When I deployed the App Service using ARM I produced an Output that ensured that it created a Service Principal: { "principalId":"98f2c1f2-0a86-4ff1-92db-d43ec0edxxxx"," tenantId":"e6d2d4cc-b762-486e-8894-4f5f440dxxxx", "type":"SystemAssigned" } In Kudu the environment variables show that it is being

问题 We are currently developing a ETL solution in Azure Data Factory that requires calling out to an Azure Function App HTTP trigger. Out Data Factory instance has a Managed Identity configured and I was wondering how I can secure the Azure Function App to only allow access from the Data Factroy Managed Identity? I have previously used Azure Function Apps System Assigned Managed Identities to access other resources (Key Vault) so I understand the basic concepts but I am struggling to understand

问题 I'm experimenting with various Azure features and currently want to retrieve a secret from KeyVault. Straight to the case: I'm using this nuget package to interact with my azure resources. I've developed a simple .NET Core console app and run it locally. I have a KeyVault resource with one secret defined which is active and not expired. I've registered an App in AAD so my locally shipped .NET Core console app has an identity within AAD. Than I've created a "client secret" within this

问题 I am running my applictaion from Azure VM and trying to connect with KeyVault. But I am getting below exception Parameters: Connectionstring: [No connection string specified], Resource: https://vault.azure.net, Authority: https://login.windows.net/1e465dc8-5f36-4ab9-9a49-57cbfdcfdf9a. Exception Message: Tried the following 3 methods to get an access token, but none of them worked. Parameters: Connectionstring: [No connection string specified], Resource: https://vault.azure.net, Authority:

问题 I am trying to get a msi token for a specific User defined identity. Our app service has 2 user defined identities and I want a token on behalf of one of the user assigned identity. Here is the code: HttpWebRequest req = (HttpWebRequest)WebRequest.Create( "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/&object_id=<ObjectId>&client_id=<clientId>"); req.Headers["Metadata"] = "true"; req.Method = "GET"; try { // Call /token

问题 Is there a way to use Azure managed identities with Linux VMs to access Azure SQL DB? All I could find is this document https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-sql which specifically speaks to Windows VMs. Is there a documented step-by-step approach for a Linux machine? 回答1: SQL access using Managed Identity from Linux webapp is supported. The Use a Windows VM system-assigned managed identity to access Azure SQL

问题 Is there a way to use Azure managed identities with Linux VMs to access Azure SQL DB? All I could find is this document https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-sql which specifically speaks to Windows VMs. Is there a documented step-by-step approach for a Linux machine? 回答1: SQL access using Managed Identity from Linux webapp is supported. The Use a Windows VM system-assigned managed identity to access Azure SQL

问题 I've deployed a Docker container in Azure App Services. I have a public API that I can call, which returns "Hello world". I would like to use Azure Managed Identity in my app, so I enabled it in Azure portal. I enabled the "System assigned" one, following this documentation: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet After enabling the Managed Identity, my web app stops working. Restarting it doesn't help. Disabling the Managed identity fixes it.

问题 I've deployed a Docker container in Azure App Services. I have a public API that I can call, which returns "Hello world". I would like to use Azure Managed Identity in my app, so I enabled it in Azure portal. I enabled the "System assigned" one, following this documentation: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet After enabling the Managed Identity, my web app stops working. Restarting it doesn't help. Disabling the Managed identity fixes it.