Using Azure Managed identities
Вставка
- Опубліковано 3 тра 2021
- Azure Managed Identity provide an identity for applications to use when connecting to resources.
In this episode, Varun joins Christos to show us how us how to use managed identity along with the Azure SDK for .NET.
[01:50] - What are managed identities?
[05:10] - Types of managed identities
[07:13] - Creating an identity in the portal (Demo)
[14:10] - Deploying your project
Useful Links
What are managed identities for Azure resources?
docs.microsoft.com/azure/acti...
Authenticate with the Azure SDK for .NET
docs.microsoft.com/dotnet/azu...
Azure for .NET Developers
docs.microsoft.com/en-us/dotn...
Azure SDK for .NET
github.com/Azure/azure-sdk-fo...
Get your questions answered on the Microsoft Q&A for .NET - aka.ms/dotnet-qa
Learn .NET with free self-guided learning from Microsoft Learn: aka.ms/learndotnet
#DotNet - Наука та технологія
Great episode! Every minute was worth it, thanks!
Hi need the code which you used in this demo.
Have an issue with "The request is not authorized to perform the operation." on 15:27. I tried all identity / permission possible variations to make it work and no success
I am using CosmosDB Mongo API can I use this approach to clean my code from keys and connection string
Yeah Cosmos db supports managed identity
Can you please do a demo with Cosmos DB
Followed every step but doesn't work. Exact same code. It would work if I use the connection string instead of Identity's clientID. Do I need to activate something on my azure portal?
He did a step Behind the scenes
Where he assigned the managed identity to Target resource (Azure storage account)
@@chinmayshetye3 Okay, I did the same. I made an app config and assigned app config data reader role to user defined identity then added this user defined identity to my app service. Now since my login in AD has the rights to contribute , shouldn't the connect via DefaultAzureCredential via user assigned client id shouldn't work? but this is giving me forbidden error.
@@jayaraut Check if the DefaultAzureCredential is picking the credentials of the user you assigned role to
@chinmayshetye3 ok I figured the same yesterday. I have to assign same set of roles to my user too as the managed identity to get it working locally. That worked! Though I haven't deployed the code yet on app service to check managed identity which I hope will work but it was working locally.
@@jayaraut you can use your managed identity with DefaultAzureCredential object, you need to pass it as property while initialisation
User Managed Identity doesnt work
DefaultAzureCredential failed to retrieve a token from the included credentials.
- EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
- ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.
- Process "C:\Program Files\Microsoft Visual Studio\2022\Preview\Common7\IDE\Extensions\3fhsnrhg.f0v\TokenService\Microsoft.Asal.TokenService.exe" has failed with unexpected error: TS003: Error, Could not load file or assembly 'Microsoft.VisualStudio.Validation, Version=16.8.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040).
- Stored credentials not found. Need to authenticate user in VSCode Azure Account.
- Azure CLI not installed
- PowerShell is not installed.
.net