Our organisation has adopted complete key less authentication and only use managed identities for any auth in Azure.
Detailed Description
Managed identity in Azure provides a way to authenticate with Azure using AD and it gives us a way to not having service principals or keys which can create vulnerability at times. With MI support we can run inspec in computes in Azure and use identity of VM or aci to run inspec profile.
Context
I am unable to implement inspec is my current organisation as service principals are negated through policies.
Our organisation has adopted complete key less authentication and only use managed identities for any auth in Azure.
Detailed Description
Managed identity in Azure provides a way to authenticate with Azure using AD and it gives us a way to not having service principals or keys which can create vulnerability at times. With MI support we can run inspec in computes in Azure and use identity of VM or aci to run inspec profile.
Context
I am unable to implement inspec is my current organisation as service principals are negated through policies.
Possible Implementation
There is a ruby module already but this is just a suggestion https://github.com/Azure-Samples/resources-ruby-manage-resources-with-msi