Tag Archives: azure managed identity

Reliable and scalable infrastructure: Secrets

This is a series of posts: Introduction, Principles, Layers, Traffic, Secrets (this post). In the previous post we discussed probably the most important aspect of running a service – the handling of live traffic. Without it, it’s not a … Continue reading

Posted in Infrastructure

How to get a secret from Key Vault using PowerShell and Managed Identity

First you need to acquire a token using Managed Identity by calling the local Instance Metadata Service (IMDS) endpoint: Note that the audience must match the service you’re calling and differs from the one used, for example, when calling ARM. Then call the Key Vault … Continue reading

Posted in Programming

How to assign permissions for user-assigned managed identity on multiple subscriptions in bulk

First get the subscriptions you want to assign permissions on: Then get the client id of the identity you want to assign permissions for: Now perform the actual permissions assignment: That’s it, folks!

Posted in Programming

3 ways to assign access policy for user-assigned managed identity on key vault using ARM template

This post is a summary of my experience dealing with user-assigned managed identity and key vaults in Azure. It explores multiple ways to achieve the same result – how to assign access policies using an ARM template. Each of the … Continue reading

Posted in Infrastructure

How to combine Key Vault access policy for AAD application and user-assigned managed identity in a single ARM template

The other day I was exploring how to grant access for a user-assigned managed identity to a key vault. But here’s a more advanced scenario: let’s say legacy code uses an AAD application to access the key vault and modern … Continue reading

Posted in Infrastructure

How to create user-assigned managed identity, Key Vault, assign access policy using ARM template

There is already plenty of material about managed identities in Azure. But how do you create a user-assigned managed identity and grant it access to a key vault using an ARM template? I tried to find any references but … Continue reading

Posted in Infrastructure | 2 Comments