Azure service principal vs managed identity vs (enterprise) application
Question
I want to create some kind of service account that I use as an identity for the application like a web app. I also want to use the credentials of this identity on-premises for local testing. How do I do it in Azure? Or is it just not possible, so I need to create two things, a managed identity for the app and a separate service principal/enterprise app for local testing?
In GCP it is very simple to do, but in Azure it is way more complicated. When I create a managed identity that I can attach to an app service/web app then I do not have access to the credentials. In GCP I can download a service account json file containing the credentials.
1 answers
solution1
0 2021-11-08 13:08:39
I solved similar problem using followings ( the links below are the articles I wrote in my blog ):
- Azure:
- App Service Easy Auth for apps hosted in App Service
- or AKS Pod-Managed Identity Addon for apps deployed to AKS
- For local testing:
- Login to visual studio using your Azure Credential
- Make sure you have required roles assigned
- During debugging, Visual Studio will use your credentials to access Azure services ie to fetch KeyVault secrets
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.