articles/operator-nexus/howto-service-principal.md
Lines changed: 4 additions & 4 deletions
@@ -13,7 +13,7 @@ ms.author: matthewernst
13
13
14
14
Service principals in Azure are identity entities that are used by applications, services, and automation tools to access specific Azure resources. They can be thought of as 'users' for applications, allowing these applications to interact with Azure services. Service principals provide and control permissions to Azure resources within your subscription, allowing you to specify exactly what actions an application can perform in your environment.
15
15
16
-
For more information on how to create a Service principal, reference this [tutorial](/cli/azure/azure-cli-sp-tutorial-1.md) or this [documentation](/entra/architecture/service-accounts-principal).
16
+
For more information on how to create a Service principal, an existing Azure Learn [documentation](/entra/architecture/service-accounts-principal) goes into Service Principal fundamentals.
17
17
18
18
## Service principals in Operator Nexus
19
19
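Review bot: The added sentence still opens with "For more information on how to create a Service principal", but the only link left points to a fundamentals page under /entra/architecture, so the lead-in promises a how-to that the target no longer covers. The removed tutorial link used a site-relative path ending in .md (/cli/azure/azure-cli-sp-tutorial-1.md); if that suffix is why it was dropped, consider keeping the link without the extension instead of deleting it. Otherwise reword to something like "For service principal fundamentals, see this [documentation](/entra/architecture/service-accounts-principal)." and settle on one capitalization, since the new line mixes "Service principal" and "Service Principal".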
@@ -29,12 +29,12 @@ For information on how to rotate a service principal, reference [how to rotate s
29
29
30
30
## Best practices
31
31
32
-
The below guidance is a high-level list of recommended security considerations to take into account when managing a new service principal.
32
+
The list is a high-level list of recommended security considerations to take into account when managing a new service principal.
33
33
34
34
-**Least Privilege**: Assign the minimum permissions necessary for the service principal to perform its function. Avoid assigning broad permissions if they aren't needed.
35
-
-**Lifecycle Management**: Regularly review and update service principals. Remove or disable them when they're no longer needed.
35
+
-**Lifecycle Management**: Regularly review and update service principals. Remove or disable them when not required.
36
36
-**Use Managed Identities**: Where possible, use Azure Managed Identities instead of creating and managing service principals manually.
37
-
-**Secure Secrets**: If a service principal uses a password (client secret), ensure it's stored securely. Consider using Azure Key Vault.
37
+
-**Secure Secrets**: If a service principal uses a password (client secret), ensure credentials are stored securely. Consider using Azure Key Vault.
38
38
-**Monitor Activity**: Use Azure Monitor and Azure Log Analytics to track the activities of your service principals.
39
39
-**Rotation of Secrets**: Regularly rotate and change the service principal's secrets. The maximum recommended duration is 180 days.
40
40
-**Use Azure Policy**: Implement Azure policies to audit and enforce best practices for service principals.
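Review bot: The added intro sentence "The list is a high-level list of recommended security considerations" repeats "list" and no longer says which list it refers to; suggest "The following list gives high-level security considerations for managing a new service principal." In the Lifecycle Management bullet, "when not required" drops the subject that the removed "when they're no longer needed" carried; "when they're no longer required" keeps it explicit. The Secure Secrets rewording from "it's stored securely" to "credentials are stored securely" reads fine as is.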