Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to express user-assigned managed identity in IConfiguration #19090

Closed
mattchenderson opened this issue Feb 27, 2021 · 2 comments
Closed

Ability to express user-assigned managed identity in IConfiguration #19090

mattchenderson opened this issue Feb 27, 2021 · 2 comments
Assignees
@pakrym
Labels
Client This issue points to a problem in the data-plane of the library. Extensions ASP.NET Core extensions needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team

Comments

@mattchenderson
Copy link

Library or service name.
Microsoft.Extensions.Azure

Is your feature request related to a problem? Please describe.
When using a configuration source to drive a connection, I would like to be able to reference a user-assigned identity. The model today accounts for system-assigned only. That's the default case, and a client ID option exists in conjunction with a secret to form a client credential. Just adding a solo client ID could create some confusion there, so it needs to be explicit. That's especially true considering deployment environments.

Proposal (CC @pakrym) : Add an explicit credential property (possibly useable in other areas), which can be set to "managedidentity" and indicates the ManagedIdentityCredential type should be used. A clientId property is optional and if set indicates the used-assigned identity as per the ManagedIdentityCredential constructor. In absence of clientId, the system-assigned identity should be used. In practice, setting credential on its own is unlikely since omitting it entirely would provide the same result + local options per DefaultAzureCredential underneath.

Using a Blob as an example (json config):

{
  "MyStorageConnection": {
      "serviceUri": "",
      "credential": "managedidentity",
      "clientId": ""
  }
}
@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Feb 27, 2021
@jsquire jsquire added Client This issue points to a problem in the data-plane of the library. Extensions ASP.NET Core extensions needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team labels Feb 27, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Feb 27, 2021
@jsquire
Copy link
Member

jsquire commented Feb 27, 2021

Thank you for your feedback. Tagging and routing to the team member best able to assist.

@pakrym
Copy link
Contributor

pakrym commented Mar 1, 2021

Done in #18459.

@pakrym pakrym closed this as completed Mar 1, 2021
@github-actions github-actions bot locked and limited conversation to collaborators Mar 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@pakrym pakrym

Labels
Client This issue points to a problem in the data-plane of the library. Extensions ASP.NET Core extensions needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jsquire @pakrym @mattchenderson