Forum Discussion

eddie89's avatar
eddie89
Copper Contributor
Feb 25, 2023

How to assign multiple user-managed-identities to Azure Web App depending on the AD user

I have a single Azure Web App that connects back to Azure Flexible Postgres using AD authentication.   I've managed to add the AD Administrator to Postgres and add two user managed identities as Po...
  • ergolpe's avatar
    Mar 07, 2023
    User-Managed-Identities are for applications to use when connecting to resources that support Azure AD authentication. They should not be directly manipulated by AAD Users (User objects) themselves. Applications use managed identities to obtain Azure AD tokens without having to manage any credentials, unlike Users who can manage their own credentials directly. What you should be leveraging are role-based access controls and I would suggest looking at creating custom roles if the out-of-box role based access control permissions don't meet what you are looking for. However, since this is more within the Postgres DB itself, you would be best served utilizing DB roles within Postgres itself: https://www.postgresql.org/docs/current/user-manag.html

Resources