cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure Arc server / managed identity / enterprise apps

MikeOnDotNet
Copper Contributor

‎Nov 24 2021 09:50 AM

‎Nov 24 2021 09:50 AM

Azure Arc server / managed identity / enterprise apps

We are looking at using Managed Identity with on-prem servers that run enterprise applications.

 

The server runs multiple applications that has their own app registration in Azure Active Directory.  We would like to use managed identity so that the applications do not need to rotate their client secrets.  Currently each application makes calls to Azure resources by getting their token with the client Id and secret.

 

Every example I see makes it look like you can use the server's managed identity to get access tokens  for Azure resources on behalf of the application.  I've seen examples where you can pass a user defined managed identity client id, so I assume I can pass the application's client Id instead.   But I do not see how I can associate the application's Id with the Arc Server instance.

 

Is what I am trying to do possible?  Or does the applications need to access Azure resources as the Arc Server's managed identity?

1,178 Views
1 Like
1 Reply
Reply
1 Reply
RyanWillis

‎Dec 09 2021 06:27 AM

‎Dec 09 2021 06:27 AM

Re: Azure Arc server / managed identity / enterprise apps

Hi Mike, thanks for sharing your scenario! Today, you can only use system-assigned managed identities on Azure Arc-enabled servers. We're always looking for ways to improve Azure Arc and I will pass along your interest in user-assigned identities to help the team as we evaluate and prioritize new capabilities.
0 Likes
Reply