What are the options for KeyVault authentication with Cloud Service (extended support)?

jc 1 Reputation point
2022-08-05T17:44:00.957+00:00

It seems that Cloud Service (classic) does not support managed identity: https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/managed-identities-faq
228647-msi-azure.png

Is managed identity for Cloud Service (extended support) supported? If not, what are the options for accessing KV outside the Cloud Service (extended support) resource group? Is this possible without having to use cert for auth to outside KV?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,372 questions
Azure Cloud Services
Azure Cloud Services
An Azure platform as a service offer that is used to deploy web and cloud applications.
711 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,258 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 49,806 Reputation points Microsoft Employee
    2022-08-09T16:26:16.647+00:00

    Hello @jc ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you would like to know what are the available options for KeyVault authentication with Cloud Service (extended support).

    You can install the Key Vault VM extension on Azure Cloud Services (extended support) by first creating a bootstrap certificate in your vault to get a token from Azure Active Directory (Azure AD). That token will help in the authentication of the extension with the vault. After the authentication process is set up and the extension is installed, all the latest certificates will be pulled down automatically at regular polling intervals.

    Refer : https://learn.microsoft.com/en-us/azure/cloud-services-extended-support/enable-key-vault-virtual-machine

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.