Managed Identities

Jan 1, 0001

Definition

Managed Identities are a feature of cloud services that provide applications with an automatically managed identity in Azure Active Directory (AAD). This identity can be used to authenticate to any service that supports AAD authentication, without the need to manage credentials. Managed Identities eliminate the need for developers to handle sensitive information like passwords or secrets, thus reducing the risk of credential exposure.

Secure Settings Example

# Azure Resource Manager template for enabling a system-assigned managed identity
{
  "type": "Microsoft.Web/sites",
  "apiVersion": "2021-02-01",
  "name": "[parameters('appName')]",
  "location": "[resourceGroup().location]",
  "identity": {
    "type": "SystemAssigned"
  },
  "properties": {
    "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]"
  }
}

Insecure Settings Example

# Example of using hard-coded credentials in a configuration file
{
  "database": {
    "username": "admin",
    "password": "P@ssw0rd123"
  }
}

Managed Identities

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter