[英]How to connect to Azure SQL Server using Managed Service Identity from Django application in my local laptop
I have a Django application which connects to an Azure SQL Server through traditional username and password combination and it works fine.我有一个 Django 应用程序,它通过传统的用户名和密码组合连接到 Azure SQL 服务器,它工作正常。
The library I am using for this is mssql-django.我为此使用的库是 mssql-django。 Here is the link to it.
这是它的链接。 https://github.com/microsoft/mssql-django
https://github.com/microsoft/mssql-django
This is the extract from the settings.py这是settings.py的摘录
DATABASES = {
"default": {
"ENGINE": "mssql",
"NAME": "db_name",
"USER": "foo",
"PASSWORD": "password",
"HOST": "foo.database.windows.net",
"PORT": "1433",
"OPTIONS": {
"driver": "ODBC Driver 17 for SQL Server",
},
},
}
However, I want to connect to the Azure SQL Server using Managed Identities.但是,我想使用托管身份连接到 Azure SQL 服务器。 The library I am using talks about this in this link: https://github.com/microsoft/mssql-django/wiki/Azure-AD-Authentication
我正在使用的库在此链接中讨论此问题: https://github.com/microsoft/mssql-django/wiki/Azure-AD-Authentication
Towards the bottom of the above link they suggest to use this setting:在上述链接的底部,他们建议使用此设置:
DATABASES = {
"default": {
"ENGINE": "mssql",
"NAME": "db_name",
"HOST": "foo.windows.net",
"PORT": "1433",
"OPTIONS": {
"driver": "ODBC Driver 17 for SQL Server",
"extra_params": "Authentication=ActiveDirectoryMsi",
},
},
}
But how do I set up the managed identity in my local laptop, so that it can authenticate with Azure?但是如何在我的本地笔记本电脑中设置托管身份,以便它可以通过 Azure 进行身份验证? I understand that this would work for an App Service or an Azure VM, but how to set this up for local laptop?
我知道这适用于应用服务或 Azure VM,但是如何为本地笔记本电脑设置它?
Managed Service Identity can be used only for the resources that are hosted on Azure托管服务标识只能用于托管在 Azure 上的资源
As your application is hosted in your local laptop, you cannot use Managed Service Identity由于您的应用程序托管在本地笔记本电脑中,因此您无法使用托管服务身份
In your case, you can use service principal authentication instead of Managed Service Identity在您的情况下,您可以使用服务主体身份验证而不是托管服务身份
If your application is hosted in Azure (either Azure App service or Azure VM), then you can create Managed Identity for your Azure Resource and provide the required permissions for the managed identity in the Azure SQL server If your application is hosted in Azure (either Azure App service or Azure VM), then you can create Managed Identity for your Azure Resource and provide the required permissions for the managed identity in the Azure SQL server
Then you would be able to use Managed Service Identity for your application然后您就可以为您的应用程序使用托管服务标识
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.