Managed Identity

 Managed Identity:

    Managed identity is used to eliminate the need for maintaining the credentials like keys, secrets, certificates etc.

Managed identity provides an automatically managed identity in Microsoft Entra ID for applications to use when connecting to resources that support Microsoft Entra authentication.

Benefits of using managed Identities:

1. No need to manage credentials and not even accessible to us

2. can use MI to authenticate to any resource that supports MS Entra autehntication

3. NO extra cost

Types:

1. System Assigned

    a. created as part of an azure resource

    b. Share life cycle with azure resources that the MI is created with. 

    c. Can't be shared with other resources

2. User-Assigned

    a. created as a stand alone azure resource

    b. Independent life cycle

    c. can be shared with other resources


Use cases:

System-assigned - Workloads contained within a single azure resource. Workloads needing independent identities. For eg: application that runs on a single virtual machine

User-assigned: Workload that run on a multiple resources and can share a single identity. Workloads where resources are recycled frequently but permission should stay consistent. For example, a workload where multiple virtual machines need to access the same resources.

When managed identity is created, a service principal is created in the MS Entra ID.

How to use:

You can use managed identities by following the steps below:

  1. Create a managed identity in Azure. You can choose between system-assigned managed identity or user-assigned managed identity.
    1. When using a user-assigned managed identity, you assign the managed identity to the "source" Azure Resource, such as a Virtual Machine, Azure Logic App or an Azure Web App.
  2. Authorize the managed identity to have access to the "target" service.
  3. Use the managed identity to access a resource. In this step, you can use the Azure SDK with the Azure.Identity library. Some "source" resources offer connectors that know how to use Managed identities for the connections. In that case, you use the identity as a feature of that "source" resource.



Comments

Post a Comment

Popular posts from this blog

Why Azure Cloud

Image
Microsoft Azure    There are multiple cloud providers in the cloud market. However, only three cloud providers play a major role AWS, Azure, and Google Cloud. Each of them has its own advantages. In this article we are going to see what makes Azure to stand tall among all other cloud providers. Microsoft offers Azure as a cloud computing service. a collection of distinct cloud computing services, including remotely hosted and managed variations of proprietary Microsoft technology, are used to create, test, deploy, and manage cloud-based applications. ·           Offer almost 200+ Services. ·          It has 78 regions available in 140 countries which are huge compared to other cloud providers.   Microsoft Azure’s unique features and their benefits Infrastructure as a Service (IaaS) Microsoft Azure has spearheaded the development of IaaS, which allows businesses to manag...
Read more

Azure Active Directory Domain Services (AADDS)

Image
  Azure Active Directory Domain Services (AADDS)                                 AADDS is a service provided by Azure to maintain the legacy/on-prem applications on Azure cloud which can support only legacy/on-prem protocols like Kerberos, NTLM etc. This will work alongside Azure AD. Users part of Azure AD will be able to access the legacy servers using AADDS service. Users from On-premises will also be able to access the servers in Azure when you have done directory synchronization between On-prem and Azure AD using Azure AD Connect.                                 Azure AD DS provide one-way synchronization from Azure AD to the managed Domain. You can also control the syn...
Read more