Thanks for watching this week's episode. My sincere apologies for the poor audio in the screencast portion. My good mic died and I had to use the actual source from the Surfacebook, which isn't anywhere near as good. We tried to clean it up, but I know its not ideal. No matter though... I am still able to show how sweet managed identities are!!! Hope you like it!
You are too good to be truth. Such a detailed and logical step by step explanation is close to impossible to be found nova days. Thank you, and I hope one day you start your channel once again.
Thanks for this, very clear and helpful. As a remark: don't switch mid-way from CLI to UI, now I'm stuck with half the commands to do this. (Or if you do switch over in the video to UI, mention that the commands can be found in the description/some website/...)
Please help me understand. At 9:04 , after you assigned the Managed Identity to the Linux VM and then did a CURL operation to fetch the access token , how did MS authenticate the HTTP request that originated due to CURL ?
Hey Saurabh, a good place to start to learn how the Azure metadata service exposed at 169.254.169.254 works would be to check out this article: docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token
Another article that showcases more info on what is exposed from the metadata service is at docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service
Great Video. Definitely a keeper. Unfortunately this is way over my head. Not sure how long you've been doing this but damn your good. I understand its value but creating and managing it will take me sometime to learn well. Thanks for all your videos.
Hey Ivan, I use the “Windows Terminal” from Microsoft, which you can download for free from the Microsoft Store. It supports a cmd shell, PowerShell and even Azure CloudShell. I also use it with WSL so I have a full bash environment. HTH!
I'm now just wondering how assigning a UAMI to the Linux VM in ARM suddenly gives you access to the token inside the VM. I imagine it's some Azure agent/service or something that passes it through, but I am curious.
Azure Academy can learn a trick or 2 from you sir! Just one remark if you don't mind: The videos in the playlist are in no particular order, this is actually the first video and from the sound of it, there are obviously previous lessons. Perhaps you might consider rearranging the content of the play list?
Thanks. Can you do a video of how to use managed identities correctly within a devops pipeline? I see you can create a service connection for Azure Resource Manager which allows the Managed Identity option but it doesn't allow me to specify which managed identity I want to use. I'm very confused.
Sir, I am new to Azure DevOps, this designation is quite new. I have a question, can we fetch servicePrincipaID using the Managed identity or Uploaded certificate (.cer) using PowerShell? If Yes, then please lead me.
Take a look at the AADManagedIdentitySignInLogs object for Azure Monitor at docs.microsoft.com/en-us/azure/azure-monitor/reference/tables/aadmanagedidentitysigninlogs
Well, if the identities are across tenants you will have a hard time. While you can federate between directories, that's not something you would use with managed identities. What exactly are you wanting to accomplish?
Thanks for watching this week's episode. My sincere apologies for the poor audio in the screencast portion. My good mic died and I had to use the actual source from the Surfacebook, which isn't anywhere near as good. We tried to clean it up, but I know its not ideal. No matter though... I am still able to show how sweet managed identities are!!! Hope you like it!
not a major issue... love the background music.
You are too good to be truth. Such a detailed and logical step by step explanation is close to impossible to be found nova days. Thank you, and I hope one day you start your channel once again.
It's also awesome to see Managed Identities working on K8s too. :)
Thanks for this, very clear and helpful. As a remark: don't switch mid-way from CLI to UI, now I'm stuck with half the commands to do this. (Or if you do switch over in the video to UI, mention that the commands can be found in the description/some website/...)
Thanks for this great video. A very clear and useful video to understand managed identities in Azure.
Clear presentation and very useful....
Please help me understand. At 9:04 , after you assigned the Managed Identity to the Linux VM and then did a CURL operation to fetch the access token , how did MS authenticate the HTTP request that originated due to CURL ?
Hey Saurabh, a good place to start to learn how the Azure metadata service exposed at 169.254.169.254 works would be to check out this article: docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token
Another article that showcases more info on what is exposed from the metadata service is at docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service
Great Video. Definitely a keeper. Unfortunately this is way over my head. Not sure how long you've been doing this but damn your good. I understand its value but creating and managing it will take me sometime to learn well. Thanks for all your videos.
great video: short, to the point and practical - thx!
Brilliant as usual🙌
Very helpful, thank you for the great guides. :)
hi Dana, thanks for sharing this super useful!! what is the terminal you use for Azure cli?
Hey Ivan, I use the “Windows Terminal” from Microsoft, which you can download for free from the Microsoft Store. It supports a cmd shell, PowerShell and even Azure CloudShell. I also use it with WSL so I have a full bash environment. HTH!
Great video. thanks for sharing.
I'm now just wondering how assigning a UAMI to the Linux VM in ARM suddenly gives you access to the token inside the VM. I imagine it's some Azure agent/service or something that passes it through, but I am curious.
Azure Academy can learn a trick or 2 from you sir! Just one remark if you don't mind: The videos in the playlist are in no particular order, this is actually the first video and from the sound of it, there are obviously previous lessons. Perhaps you might consider rearranging the content of the play list?
That's great feedback. We'll look into.
nice demo, thanks a lot.
Thanks. Can you do a video of how to use managed identities correctly within a devops pipeline? I see you can create a service connection for Azure Resource Manager which allows the Managed Identity option but it doesn't allow me to specify which managed identity I want to use. I'm very confused.
You need a service principal
Sir, I am new to Azure DevOps, this designation is quite new. I have a question, can we fetch servicePrincipaID using the Managed identity or Uploaded certificate (.cer) using PowerShell? If Yes, then please lead me.
Thanks. This was very helpful.
New subscriber here. I like your presentation style.
Thanks Ed!
Great content here. Just sad that Dana got taken by the Covid 😢
Learned something new. Thanks
How to get the activity log of the Managed identity? for example, if MI is used to access secret in KV, how to get it logged...
Take a look at the AADManagedIdentitySignInLogs object for Azure Monitor at docs.microsoft.com/en-us/azure/azure-monitor/reference/tables/aadmanagedidentitysigninlogs
Nice contents in your videos thanks
Glad you like them!
Good vídeo 👍
Greate video.
Very useful
Awesome !!
You're the best
hi how can i leverage the managed identity when my resource is in another tenant and my azure AD is in separate tenant?
Well, if the identities are across tenants you will have a hard time. While you can federate between directories, that's not something you would use with managed identities. What exactly are you wanting to accomplish?
I LOVE your video bro
Hi speaker nice videos. Could I connect you in fb or watsapp. Need some help in azure
Waiting for Azure Sentinel episode ...