Azure-Samples / java-microservices-aca-lab

Spring Petclinic Microservices with AI on Azure Container Apps
https://aka.ms/aca-lab
MIT License

add aad user to sql server #131

Open sonwan2020 opened 4 days ago

sonwan2020 commented 4 days ago

We use a service connection for apps to SQL Server.

When using Bicep to create the service link 'Microsoft.ServiceLinker/linkers@2023-04-01-preview', it does not create the AAD user in the DB server.

The AAD user is created in the az extension, see https://github.com/Azure/azure-cli-extensions/blob/main/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py

The old way is to use a post-provision script to create the service link again: `az containerapp connection create mysql-flexible xxx`

But there are some limitations:

  1. ERROR: AADSTS530003: Your device is required to be managed to access this resource. But in the GitHub Codespaces environment, the devcontainer environment is not a managed device.
  2. You must add yourself to "Microsoft Entra Admins" before running the command.

A more direct way is to run a command to add the AAD user to the DB server and grant permissions. Ref file: https://github.com/Azure/azure-dev/blob/main/templates/common/infra/bicep/core/database/sqlserver/sqlserver.bicep
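
What the "more direct way" could look like in T-SQL, as an added example that is not part of the issue, the repository, or the referenced Bicep file. It assumes an Azure SQL Database target and a connection authenticated as the server's Microsoft Entra admin; the identity name `example-app-identity` and the choice of roles are placeholders.

```sql
-- Added example. Assumptions: Azure SQL Database; run inside the application
-- database (not master) on a connection signed in as the server's
-- Microsoft Entra admin. CREATE USER ... FROM EXTERNAL PROVIDER fails on a
-- SQL-authenticated connection.
-- 'example-app-identity' is a constructed placeholder for the display name of
-- the managed identity (or Entra user) the app connects as.

-- Guard the CREATE so re-running the script does not fail with
-- "user already exists".
IF NOT EXISTS (
    SELECT 1
    FROM sys.database_principals
    WHERE name = N'example-app-identity'
)
BEGIN
    CREATE USER [example-app-identity] FROM EXTERNAL PROVIDER;
END;

-- Grant only what the application needs. Read/write on data is assumed here;
-- db_owner would also let the app alter schema and manage other users.
ALTER ROLE db_datareader ADD MEMBER [example-app-identity];
ALTER ROLE db_datawriter ADD MEMBER [example-app-identity];

-- Verify the result: the principal should show
-- authentication_type_desc = 'EXTERNAL' and list only the roles granted above.
SELECT dp.name,
       dp.type_desc,
       dp.authentication_type_desc,
       r.name AS role_name
FROM sys.database_principals AS dp
LEFT JOIN sys.database_role_members AS rm
       ON rm.member_principal_id = dp.principal_id
LEFT JOIN sys.database_principals AS r
       ON r.principal_id = rm.role_principal_id
WHERE dp.name = N'example-app-identity';
```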