You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<I thought this issue existed, but I can't seem to find it...>
Deployment of managed identities should be done programmatically (probably via bicep).
This won't necessarily be straight-forward to implement because of differences which exist today between production / staging environments. ie, there is not a standard naming convention between environments so storage accounts, resource groups, resources are all over the place. Something will need to know that MI A1 in subscription B1 has access policy set C on resource D and that represents MI A2 in subscription B2 has access policy C on resource E.
Problem
Today, our managed identities are created manually and explicitly given specific access policies which they require. This has a couple of problems
auditing changes is difficult
historical context of changes is difficult
there is no guaranteed consistency between staging and production environments (very error prone)
if these are lost / deleted, recovery would be difficult
discovery is difficult
The text was updated successfully, but these errors were encountered:
<I thought this issue existed, but I can't seem to find it...>
Deployment of managed identities should be done programmatically (probably via bicep).
This won't necessarily be straight-forward to implement because of differences which exist today between production / staging environments. ie, there is not a standard naming convention between environments so storage accounts, resource groups, resources are all over the place. Something will need to know that MI A1 in subscription B1 has access policy set C on resource D and that represents MI A2 in subscription B2 has access policy C on resource E.
Problem
Today, our managed identities are created manually and explicitly given specific access policies which they require. This has a couple of problems
The text was updated successfully, but these errors were encountered: