Reducing the need for secrets with managed identities
Managed identities (now known by the full name Microsoft Entra managed identities for Azure resources) remove the hassles we had with service principals. Managed identities abstract service principals, creating and deleting them automatically.
When you use an Azure service (such as Azure Container Apps), the service can be configured to run with a managed identity. Services that are accessed (such as Azure App Configuration) use role management, whereby you configure who has access to the resource, which includes a simple option to select a managed identity.
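The following added example (not code from the original text) shows an ASP.NET Core app reading Azure App Configuration first with a connection string and then with a managed identity. The configuration keys `AppConfigEndpoint`, `ManagedIdentityClientId` and `Sample:Greeting` are assumptions chosen for illustration; the identity is assumed to hold the built-in App Configuration Data Reader role on the store.

```csharp
using Azure.Core;
using Azure.Identity;

var builder = WebApplication.CreateBuilder(args);

// Before: a connection string embeds an access key. It has to be stored,
// rotated, and kept out of source control and container images.
// builder.Configuration.AddAzureAppConfiguration(options =>
//     options.Connect(builder.Configuration["AppConfigConnectionString"]));

// After: only the (non-secret) endpoint URL is configured.
// Assumed key name; for example https://<store-name>.azconfig.io
string endpoint = builder.Configuration["AppConfigEndpoint"]
    ?? throw new InvalidOperationException("AppConfigEndpoint is not configured.");

// Assumed key name. Leave it unset for a system-assigned identity;
// set it to the client ID of a user-assigned identity.
string? clientId = builder.Configuration["ManagedIdentityClientId"];

// On a developer machine no managed identity exists, so fall back to the
// signed-in developer account (Azure CLI, Visual Studio, ...).
// In Azure, ManagedIdentityCredential requests tokens from the platform;
// no secret is present in configuration or code.
TokenCredential credential = builder.Environment.IsDevelopment()
    ? new DefaultAzureCredential()
    : new ManagedIdentityCredential(clientId);

builder.Configuration.AddAzureAppConfiguration(options =>
    options.Connect(new Uri(endpoint), credential));

var app = builder.Build();

// Reads a value from the store. A missing role assignment surfaces as an
// authorization failure from AddAzureAppConfiguration during startup.
app.MapGet("/", (IConfiguration config) =>
    config["Sample:Greeting"] ?? "(key not found)");

app.Run();
```

The example needs the `Azure.Identity` and `Microsoft.Extensions.Configuration.AzureAppConfiguration` NuGet packages.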
The available kinds of managed identities are system-assigned managed identities and user-assigned managed identities:
- A system-assigned managed identity is directly associated with the Azure resource. If the Azure resource is deleted, the managed identity and its role-based access are removed as well.
- A user-assigned managed identity...