azure-managed-identity

来源： https://stackoverflow.com/questions/63139515/assign-custom-role-to-azure-active-directory-system-managed-identity

来源： https://stackoverflow.com/questions/64213827/removing-secrets-from-azure-function-config

来源： https://stackoverflow.com/questions/64213827/removing-secrets-from-azure-function-config

来源： https://stackoverflow.com/questions/62503022/net-core-key-vault-configuration-using-azure-security-keyvault-secrets

问题 I am using a function app which is service bus triggered. It connects to Azure SQL Server using Managed Identity . The connection is created using the following code. new SqlConnection(this.ConnectionString) { // AzureServiceTokenProvider handles caching the token and refreshing it before it expires AccessToken = new AzureServiceTokenProvider().GetAccessTokenAsync("https://database.windows.net/").Result }; I get a few thousand events every day, and all these are failing on connecting to the

问题 I recently setup my .net core application to use MSI (Managed Identity) to communicate with Azure Blob. Does MSI work with Azure Table Storage? Can't seem to find any documentation on it. I am trying to use MSI so I don't have to manage my keys anymore (keyless). 回答1: Azure Table Storage does not support MSI. Table Storage does support Active Directory access. You can find the services that support MSI at the below link... https://docs.microsoft.com/en-us/azure/active-directory/managed

问题 I managed to get the below code to work (complete code here) to use Azure managed identity to authenticate (via Visual Studio) and have access to Azure storage account without using credentials. const string storageResource = "https://storage.azure.com/"; var authResult = await azureServiceTokenProvider.GetAuthenticationResultAsync(storageResource, cancellationToken: cancellationToken); The code managed to find my user logged in to Visual Studio and uses it to get the token and all goes well.

问题 I am trying to get App Service to connect with Azure Sql database. I can git is nicely work with System Assigned Identities with the same code, but I prefer to use User Assigned Identities (UAI), but I cannot get it work. Steps which I do: Created a UAI via the portal, name of the UAI "uai-dev-appname-001" At the Identity tab of the Azure App Service I selected 'User Assigned Identity' and selected the UAI made in the previous step. Ran the following SQL CMD CREATE USER [uai-dev-appname-001]

问题 I'm trying to retrofit MSI to an existing app. The original app's DbContext used only a Constructor that found a ConnectionString by the same name in the web.config. I've modified it to use a DbConnectionFactory to inject an AccessToken. public class AppCoreDbContext : DbContext { public AppCoreDbContext() : this("AppCoreDbContext") { } public AppCoreDbContext(string connectionStringOrName) : base( OpenDbConnectionBuilder.Create(connectionStringOrName).Result, true) { } ...etc... } The class

问题 I have an app service in Azure operating as an API for a system I'm designing. As the API is responsible for accessing the database directly, I obviously don't want to be storing connection strings containing credentials anywhere if possible, so am looking to use Managed Identities to grant the App Service access to the database (also hosted on Azure). Within the Azure portal, I've enabled System-Assigned Identity within the Settings section of the App Service, then given the service the role