Nov 24 2021 09:50 AM
We are looking at using Managed Identity with on-prem servers that run enterprise applications.
The server runs multiple applications that have their own app registration in Azure Active Directory. We would like to use managed identity so that the applications do not need to rotate their client secrets. Currently each application makes calls to Azure resources by getting their token with the client Id and secret.
Every example I see makes it look like you can use the server's managed identity to get access tokens for Azure resources on behalf of the application. I've seen examples where you can pass a user-defined managed identity client id, so I assume I can pass the application's client Id instead. But I do not see how I can associate the application's Id with the Arc Server instance.
Is what I am trying to do possible? Or do the applications need to access Azure resources as the Arc Server's managed identity?
Dec 09 2021 06:27 AM