Customers may see such authorization events in App Service -> Monitoring -> Logs -> AppServiceAuditLogs, and be puzzled by these entries.
Resource field value is your app service web app name, and the User account of KUDU line is '$' plus your app name.
The User account of AAD line is 10032*****, totally 16 digit number. This is the Net ID of your logged in AAD account.
You can query the 'UserDisplayName' column to display the readable user account name of this NET ID.
What's that?
These are the authentication and authorization events when accessing the KUDU site(the .scm site) by Web browser.
Refer to https://github.com/projectkudu/kudu/wiki/Accessing-the-kudu-service
When access to SCM site, the scm service requires authentication and authorization.
Authentication
There are 2 authentication mechanisms.
What Kind of User Operations Trigger Kudu Authorization Events?
For example, visit Settings -> Web Jobs, Development Tools -> Extensions, API -> API management, Process Explorer and Metrics under Monitoring, etc on Azure App service Portal https://ms.portal.azure.com/, it will trigger such kind of below requests to the Kudu/SCM service. And these requests will default log in to Kudu with the user's AAD account.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.