|
| 1 | +The following steps demonstrate how to create a system-assigned managed identity for various web hosting services. The managed identity can securely connect to other Azure Services using the app configurations you set up previously. |
| 2 | + |
| 3 | +### [Service Connector](#tab/service-connector) |
| 4 | + |
| 5 | +Some app hosting environments support Service Connector, which helps you connect Azure compute services to other backing services. Service Connector automatically configures network settings and connection information. You can learn more about Service Connector and which scenarios are supported on the [overview page](../../../articles/service-connector/overview.md). |
| 6 | + |
| 7 | +The following compute services are currently supported: |
| 8 | + |
| 9 | +* Azure App Service |
| 10 | +* Azure Spring Cloud |
| 11 | +* Azure Container Apps (preview) |
| 12 | + |
| 13 | +For this migration guide you'll use App Service, but the steps are similar on Azure Spring Apps and Azure Container Apps. |
| 14 | + |
| 15 | +> [!NOTE] |
| 16 | +> Azure Spring Apps currently only supports Service Connector using connection strings. |
| 17 | +1. On the main overview page of your App Service, select **Service Connector** from the left navigation. |
| 18 | + |
| 19 | +1. Select **+ Create** from the top menu and the **Create connection** panel will open. Enter the following values: |
| 20 | + |
| 21 | + * **Service type**: Choose **Service bus**. |
| 22 | + * **Subscription**: Select the subscription you would like to use. |
| 23 | + * **Connection Name**: Enter a name for your connection, such as *connector_appservice_servicebus*. |
| 24 | + * **Client type**: Leave the default value selected or choose the specific client you'd like to use. |
| 25 | + |
| 26 | + Select **Next: Authentication**. |
| 27 | + |
| 28 | +1. Make sure **System assigned managed identity (Recommended)** is selected, and then choose **Next: Networking**. |
| 29 | +1. Leave the default values selected, and then choose **Next: Review + Create**. |
| 30 | +1. After Azure validates your settings, select **Create**. |
| 31 | + |
| 32 | +The Service Connector will automatically create a system-assigned managed identity for the app service. The connector will also assign the managed identity a **Azure Service Bus Data Owner** role for the service bus you selected. |
| 33 | + |
| 34 | +### [Azure App Service](#tab/app-service) |
| 35 | + |
| 36 | +1. On the main overview page of your Azure App Service instance, select **Identity** from the left navigation. |
| 37 | + |
| 38 | +1. Under the **System assigned** tab, make sure to set the **Status** field to **on**. A system assigned identity is managed by Azure internally and handles administrative tasks for you. The details and IDs of the identity are never exposed in your code. |
| 39 | + |
| 40 | + :::image type="content" source="../media/migration-create-identity-small.png" alt-text="Screenshot showing how to create a system assigned managed identity." lightbox="../media/migration-create-identity.png"::: |
| 41 | + |
| 42 | +### [Azure Spring Apps](#tab/spring-apps) |
| 43 | + |
| 44 | +1. On the main overview page of your Azure Spring Apps instance, select **Identity** from the left navigation. |
| 45 | + |
| 46 | +1. Under the **System assigned** tab, make sure to set the **Status** field to **on**. A system assigned identity is managed by Azure internally and handles administrative tasks for you. The details and IDs of the identity are never exposed in your code. |
| 47 | + |
| 48 | + :::image type="content" source="../media/spring-apps-identity.png" alt-text="Screenshot showing how to enable managed identity for Azure Spring Apps."::: |
| 49 | + |
| 50 | +### [Azure Container Apps](#tab/container-apps) |
| 51 | + |
| 52 | +1. On the main overview page of your Azure Container Apps instance, select **Identity** from the left navigation. |
| 53 | + |
| 54 | +1. Under the **System assigned** tab, make sure to set the **Status** field to **on**. A system assigned identity is managed by Azure internally and handles administrative tasks for you. The details and IDs of the identity are never exposed in your code. |
| 55 | + |
| 56 | + :::image type="content" source="../media/container-apps-identity.png" alt-text="Screenshot showing how to enable managed identity for Azure Container Apps."::: |
| 57 | + |
| 58 | +### [Azure Virtual Machines](#tab/virtual-machines) |
| 59 | + |
| 60 | +1. On the main overview page of your virtual machine, select **Identity** from the left navigation. |
| 61 | + |
| 62 | +1. Under the **System assigned** tab, make sure to set the **Status** field to **on**. A system assigned identity is managed by Azure internally and handles administrative tasks for you. The details and IDs of the identity are never exposed in your code. |
| 63 | + |
| 64 | + :::image type="content" source="../media/virtual-machine-identity.png" alt-text="Screenshot showing how to enable managed identity for virtual machines."::: |
| 65 | + |
| 66 | +--- |
0 commit comments