Skip to content

Commit

Permalink
[Identity] Update README regarding user-assigned MI (#37595)
Browse files Browse the repository at this point in the history 
Examples were added to demonstrate how to authenticate with a
user-assigned managed identity using and object ID and resource ID.

Signed-off-by: Paul Van Eck <paulvaneck@microsoft.com>
  • Loading branch information
@pvaneck
pvaneck authored Sep 27, 2024
1 parent 5f5ab59 commit 703aa82
Showing 1 changed file with 30 additions and 1 deletion.
31 changes: 30 additions & 1 deletion sdk/identity/azure-identity/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,13 +162,42 @@ client = SecretClient("https://my-vault.vault.azure.net", default_credential)

### Examples

These examples demonstrate authenticating `SecretClient` from the [`azure-keyvault-secrets`](https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/keyvault/azure-keyvault-secrets) library with `ManagedIdentityCredential`.


#### Authenticate with a user-assigned managed identity

To authenticate with a user-assigned managed identity, you must specify one of the following IDs for the managed identity.

##### Client ID

```python
from azure.identity import ManagedIdentityCredential
from azure.keyvault.secrets import SecretClient

credential = ManagedIdentityCredential(client_id="managed_identity_client_id")
client = SecretClient("https://my-vault.vault.azure.net", credential)
```

##### Resource ID

```python
from azure.identity import ManagedIdentityCredential
from azure.keyvault.secrets import SecretClient

resource_id = "/subscriptions/<id>/resourceGroups/<rg>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<mi-name>"

credential = ManagedIdentityCredential(identity_config={"resource_id": resource_id})
client = SecretClient("https://my-vault.vault.azure.net", credential)
```

##### Object ID

```python
from azure.identity import ManagedIdentityCredential
from azure.keyvault.secrets import SecretClient

credential = ManagedIdentityCredential(client_id=managed_identity_client_id)
credential = ManagedIdentityCredential(identity_config={"object_id": "managed_identity_object_id"})
client = SecretClient("https://my-vault.vault.azure.net", credential)
```

Expand Down

0 comments on commit 703aa82

Please sign in to comment.