Overview: When a Kubernetes cluster is set up in an AKS environment, you can associate it with an AAD service principal or an MSI (Managed Service Identity). Usually, you would use this identity to access "cluster-specific" resources, e.g. Container Registry, a Key Vault storing cluster secrets, Storage accounts with additional artifacts, etc. But suppose you are… Continue reading Part 1: Consuming secrets from an Azure Kubernetes Service (AKS) container – Linux
Tag: AAD
Service-to-Service Authentication on the Cloud
Overview: Service-to-Service authentication over the cloud is probably one of the most common authentication scenarios. A service calling another service could be within the same domain boundary, e.g. a microservice calling another microservice, or it could be across domains if the service is calling another service outside its own boundary. Essentially,… Continue reading Service-to-Service Authentication on the Cloud
Managing Secrets for your Service in the Cloud
Applications in the cloud range from simple single-page applications to complex applications running complex logic across multiple boundaries and geographic regions. Irrespective of what kind they are, they must deal with secrets. Managing secrets is usually hard, especially when the application needs to be compliant, and the application has a big user base,… Continue reading Managing Secrets for your Service in the Cloud
OAuth 2.0 and OpenId With Azure Azure Active Directory (AAD)
Overview of OAuth 2.0: The OAuth 2.0 protocol is an open standard for delegated authorization scenarios. The term delegation here means the user lets an application access the user's data on the user's behalf. The OAuth 2.0 protocol is widely accepted as a way to give Web APIs the capability to make authorization decisions, without requiring for the… Continue reading OAuth 2.0 and OpenId With Azure Azure Active Directory (AAD)