Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Using Managed Identity in container workloads

See original GitHub issue

Query/Question We are looking to add support for Managed Identity (MI), previously known as Managed Service Identity (MSI), to our application which is running in a Linux container.

As it will be hosted on Kubernetes, we’ll use AAD Pod Identity.

However, it’s not clear how we should approach this with the current version of the library.

FromMSI requires us to pass MSIResourceType via MSILoginInformation but it only allows us to specify App Service & Virtual Machines, same for FromSystemAssignedManagedServiceIdentity & FromUserAssigedManagedServiceIdentity.

Is there a way to implement this or is it not supported yet?

Why is this not a Bug or a feature Request? I’m merely looking how to approach Managed Identity authentication.

Setup (please complete the following information if applicable):

  • OS: Linux
  • IDE : Visual Studio
  • Version of the Library used: 1.30.0

Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

  • Query Added
  • Setup information Added (N/A)

Issue Analytics

  • State:open
  • Created 4 years ago
  • Comments:11 (9 by maintainers)

github_iconTop GitHub Comments

1reaction
chrisfraschetticommented, Aug 31, 2020

Any updates on this issue? It’s a bit of a mess needing to mix and match both a systemassigned identities and service principal simply because the client library is behind.

1reaction
nickzhumscommented, Jan 21, 2020

@tomkerkhove yes, also if it’s convenient for you to use Azure CLI, the managed identities for AKS can be accessed via Azure CLI commands (https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) as previously mentioned

Read more comments on GitHub >

github_iconTop Results From Across the Web

Use an Azure AD workload identities on Azure Kubernetes ...
Azure AD workload identity uses Service Account Token Volume Projection enabling pods to use a Kubernetes identity (that is, a service account).
Read more >
Introduction - Azure AD Workload Identity
Workloads deployed in Kubernetes clusters require Azure AD application credentials or managed identities to access Azure AD protected resources, such as Azure ...
Read more >
Using Managed Identity with Azure AD Workload ... - Jay Lee
Using Managed Identity with Azure AD Workload Identity on AKS for Spring Boot. This article covers the migration from Pod Identity to AAD...
Read more >
Use Azure AD workload identity to securely access ...
Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication.
Read more >
Kubernetes Workload Identity with AKS - baeke.info
Currently, workload identity federation does not work with managed identities. Managed identities are basically a wrapper around app ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[BUG] SDK creates a lot of HttpClient causing connection starvation

Next page

[BUG] Web App Service Logs Retention Days not set for Application Logging