You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/service-fabric/configure-existing-cluster-enable-managed-identity-token-service.md
+10-9Lines changed: 10 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,24 +1,25 @@
1
1
---
2
-
title: Azure Service Fabric - Configure an existing Azure Service Fabric cluster to enable managed identity support
3
-
description: This article shows you how to configure an existing Azure Service Fabric cluster to enable support for managed identities
4
-
2
+
title: Configure managed identity support in an existing Service Fabric cluster
3
+
description: Here's how to enable managed identities support in an existing Azure Service Fabric cluster
5
4
ms.topic: article
6
5
ms.date: 12/09/2019
6
+
ms.custom: sfrev
7
7
---
8
8
9
-
# Configure an existing Azure Service Fabric cluster to enable Managed Identity support (preview)
10
-
In order to access the managed identity feature for Azure Service Fabric applications, you must first enable the **Managed Identity Token Service** on the cluster. This service is responsible for the authentication of Service Fabric applications using their managed identities, and for obtaining access tokens on their behalf. Once the service is enabled, you can see it in Service Fabric Explorer under the **System** section in the left pane, running under the name **fabric:/System/ManagedIdentityTokenService**.
9
+
# Configure managed identity support in an existing Service Fabric cluster (preview)
10
+
11
+
To use [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview) in your Service Fabric applications, first enable the *Managed Identity Token Service* on the cluster. This service is responsible for the authentication of Service Fabric applications using their managed identities, and for obtaining access tokens on their behalf. Once the service is enabled, you can see it in Service Fabric Explorer under the **System** section in the left pane, running under the name **fabric:/System/ManagedIdentityTokenService**.
11
12
12
13
> [!NOTE]
13
14
> Service Fabric runtime version 6.5.658.9590 or higher is required to enable the **Managed Identity Token Service**.
14
-
>
15
+
>
15
16
> You can find the Service Fabric version of a cluster from the Azure portal by opening the cluster resource and checking the **Service Fabric version** property in the **Essentials** section.
16
-
>
17
+
>
17
18
> If the cluster is on **Manual** upgrade mode, you will need to first upgrade it to 6.5.658.9590 or later.
18
19
20
+
## Enable *Managed Identity Token Service* in an existing cluster
19
21
20
-
## Enable the Managed Identity Token Service in an existing cluster
21
-
To enable the Managed Identity Token Service in an existing cluster, you will need to initiate a cluster upgrade specifying two changes: enabling the Managed Identity Token Service, and requesting a restart of each node. To do so, add the following two snippets in the Azure Resource Manager template:
22
+
To enable the Managed Identity Token Service in an existing cluster, you will need to initiate a cluster upgrade specifying two changes: (1) Enabling the Managed Identity Token Service, and (2) requesting a restart of each node. First, add the following snippet your cluster Azure Resource Manager template:
Copy file name to clipboardExpand all lines: articles/service-fabric/configure-new-azure-service-fabric-enable-managed-identity.md
+10-9Lines changed: 10 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,20 +1,21 @@
1
1
---
2
-
title: Deploy a new Service Fabric cluster with Managed Identity
3
-
description: This article shows you how to create a new Service Fabric cluster with Managed Identity enabled
4
-
2
+
title: Configure managed identity support for a new Service Fabric cluster
3
+
description: Here's how to enable managed identities support in a new Azure Service Fabric cluster
5
4
ms.topic: article
6
5
ms.date: 12/09/2019
6
+
ms.custom: sfrev
7
7
---
8
8
9
-
# Create a new Azure Service Fabric cluster with Managed Identity support (preview)
9
+
# Configure managed identity support for a new Service Fabric cluster (preview)
10
10
11
-
In order to access the managed identity feature for Azure Service Fabric applications, you must first enable the Managed Identity Token Service on the cluster. This service is responsible for the authentication of Service Fabric applications using their managed identities, and for obtaining access tokens on their behalf. Once the service is enabled, you can see it in Service Fabric Explorer under the **System** section in the left pane, running under the name **fabric:/System/ManagedIdentityTokenService** next to other system services.
11
+
To use [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview) in your Service Fabric applications, first enable the *Managed Identity Token Service* on the cluster. This service is responsible for the authentication of Service Fabric applications using their managed identities, and for obtaining access tokens on their behalf. Once the service is enabled, you can see it in Service Fabric Explorer under the **System** section in the left pane, running under the name **fabric:/System/ManagedIdentityTokenService** next to other system services.
12
12
13
13
> [!NOTE]
14
14
> Service Fabric runtime version 6.5.658.9590 or higher is required to enable the **Managed Identity Token Service**.
15
15
16
-
## Enable the Managed Identity Token Service
17
-
To enable the Managed Identity Token Service at cluster creation time, you may use the following snippet in an Azure Resource Manager template:
16
+
## Enable the Managed Identity Token Service
17
+
18
+
To enable the Managed Identity Token Service at cluster creation time, add the following snippet to your cluster Azure Resource Manager template:
18
19
19
20
```json
20
21
"fabricSettings": [
@@ -35,21 +36,21 @@ To enable the Managed Identity Token Service at cluster creation time, you may u
35
36
If the deployment fails with this message, it means the cluster is not on the required Service Fabric version (the minimum supported runtime is 6.5 CU2):
36
37
37
38
38
-
39
39
```json
40
40
{
41
41
"code": "ParameterNotAllowed",
42
42
"message": "Section 'ManagedIdentityTokenService' and Parameter 'IsEnabled' is not allowed."
43
43
}
44
44
```
45
45
46
-
47
46
## Related Articles
47
+
48
48
* Review [managed identity support](./concepts-managed-identity.md) in Azure Service Fabric
49
49
50
50
*[Enable managed identity support in an existing Azure Service Fabric cluster](./configure-existing-cluster-enable-managed-identity-token-service.md)
51
51
52
52
## Next steps
53
+
53
54
*[Deploy an Azure Service Fabric application with a system-assigned managed identity](./how-to-deploy-service-fabric-application-system-assigned-managed-identity.md)
54
55
*[Deploy an Azure Service Fabric application with a user-assigned managed identity](./how-to-deploy-service-fabric-application-user-assigned-managed-identity.md)
55
56
*[Leverage the managed identity of a Service Fabric application from service code](./how-to-managed-identity-service-fabric-app-code.md)
0 commit comments