dotnet / dnceng

.NET Engineering Services
MIT License

Move more dotnet-helix-service apps from key vault to MSI #1189

Open MattGal opened 2 years ago

MattGal commented 2 years ago

Kusto now supports MSI, and we can get both maintenance and security gains by moving from key vault authentication to Managed Service Identity (MSI). We should evaluate the various auth schemes in helix-service and move these to use the MSI of their Service Fabric cluster, wherever possible.

Examples:

alexperovich commented 2 years ago

I did some checking, and it appears that we can use MSI now to authenticate to SQL Azure. They removed the "add the msi identity to a group" requirement. https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-sql#create-contained-user