You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Now, I've just learned that I can give my Azure SQL Server its own managed identity, and I'd love to be able to perform database actions (e.g. Entity Framework migrations) using that instead of maintaining an MSSQL user/password as the database owner.
Would it be possible to integrate this action with azure/login in such a way that the connection string can use the Authentication=Active Directory Default trick to connect using the service principal you've already logged in with? Or maybe you can think of an even easier way to pull this off.
This is all in the spirit of not having to store passwords anywhere. This way I wouldn't even need to store my db_owner password as a GitHub secret.
Thanks!
The text was updated successfully, but these errors were encountered:
mabster
changed the title
Can I connec to an Azure SQL database using a managed identity?
Can I connect to an Azure SQL database using a managed identity?
Apr 26, 2022
If I have an Azure App Service with a managed identity, I can give it db_datareader/db_datawriter access to my database like this:
(Where $appName is the name of the managed identity service principal.)
I can then connect to that database from the app service with a connection string like this:
Now, I've just learned that I can give my Azure SQL Server its own managed identity, and I'd love to be able to perform database actions (e.g. Entity Framework migrations) using that instead of maintaining an MSSQL user/password as the database owner.
Would it be possible to integrate this action with azure/login in such a way that the connection string can use the
Authentication=Active Directory Default
trick to connect using the service principal you've already logged in with? Or maybe you can think of an even easier way to pull this off.This is all in the spirit of not having to store passwords anywhere. This way I wouldn't even need to store my db_owner password as a GitHub secret.
Thanks!
The text was updated successfully, but these errors were encountered: