As Public Cloud usage continues to grow, new problems emerge, and new tools arise to help us meet those challenges. In the early days of cloud development, “public by default” was largely the norm, and secret keys or other credentials were used to govern access between services. However, these solutions have been prone to error and both misconfiguration and credential leaks have become very real security issues leading to data breaches, ransomware attacks and data loss.
One solution to this challenge is the ability to assign identities directly to applications, allowing them to use role-based access control and industry-proven token-based authentication to govern access between services. To this end, Azure has introduced Managed Identities.
In this talk, we will introduce Managed Identities for Azure resources, and show how you can use them together with role-based access control and industry-proven token-based authentication to govern access between services, without having to embed credentials in either your code or in configuration files.
Benefits of Attending this Session:
- Understand the problems developers may encounter when using embedded credentials in cloud-hosted applications
- Learn how Azure Managed Identities can be used to have Azure itself assign an identity directly to an application
- Learn how Managed Identities can be used with Role-Based Access to provide secure access between services in Azure