Managedidentity powershell #91
Conversation
added basic steps to assign managed identity
…anaged-identity-powershell.md basic instructions in the (hopefully) correct folder
There was a problem hiding this comment.
This is a great start! I've added some suggestions. And I'll update/add the deployment lesson for a PS function.
Looks like you renamed the _lesson_template.md file so that's gone now 😬. Can you put the template back for future use? 😉
You can put the source code in this folder: \src\PowerShell\AzureFunctions.ManagedIdentity. Please include the local.settings.json as well (as long as that does not contain any secrets).
Once the sources have been added we can start with CodeTour and Workspaces.
|
|
||
| ### Steps | ||
|
|
||
| 1. Install the Core Tools package with `npm install -g azure-functions-core-tools@3 --unsafe-perm true` |
There was a problem hiding this comment.
You can skip 1 and 2 since they are also described in the prerequistes page.
There was a problem hiding this comment.
I suggest to use this formatting to keep the style the same as the other lessons:
https://github.com/marcduiker/azure-functions-university/blob/main/lessons/dotnetcore31/queue/queue-lesson-dotnet.md#steps-1
There was a problem hiding this comment.
ah, I see. I assumed that you'd do it the docs.microsoft.com way - but happy to adjust :-)
|
|
||
| See [{language} prerequisites](../prerequisites/prerequisites-{language}.md) for more details. | ||
|
|
||
| ## 1. Create an Azure Functions |
There was a problem hiding this comment.
| ## 1. Create an Azure Functions | |
| ## 1. Create an Azure Functions App |
|
|
||
| ## 1. Create an Azure Functions | ||
|
|
||
| before we will deploy our app to Azure, we will develop it locally in Visual Studio Code. This comes with some great advantages such as |
There was a problem hiding this comment.
I suggest you add a description here what the goal of is this exercise (what is the end result?)
An example: https://github.com/marcduiker/azure-functions-university/blob/main/lessons/dotnetcore31/queue/queue-lesson-dotnet.md#2-using-string-queue-output-bindings
We can drop the general benefits of VS Code here since all the lessons sofar have been done in VSCode.
|
|
||
| ### Steps | ||
|
|
||
| ``` |
There was a problem hiding this comment.
| ``` | |
| ```console |
| - permission scope, expressed as App role | ||
| Let’s do this: | ||
|
|
||
| ``` |
There was a problem hiding this comment.
| ``` | |
| ```powershell |
| $appRoleId = az ad sp show --id $graphId --query "appRoles[?value=='Group.Read.All'].id | [0]" | ||
| ``` | ||
| Time to make the REST call to assign the permissions as shown above to the Managed Identity: | ||
| ``` |
There was a problem hiding this comment.
| ``` | |
| ```powershell |
|
|
||
| ## 5. Homework | ||
|
|
||
| <!-- check with Marc what would be appropriate homework --> |
There was a problem hiding this comment.
What would be a small extension to the function app that doesn't require any new knowledge?
There was a problem hiding this comment.
❓perhaps calling another endpoint of Graph?
|
|
||
| ## 6. More info | ||
| <!-- | ||
| check with Marc about what should go in this section --> |
There was a problem hiding this comment.
Usually we put links here to MS docs. So in this case any links that have been used before in the text regarding background info on Managed Identities. E.g: https://github.com/marcduiker/azure-functions-university/blob/main/lessons/dotnetcore31/queue/queue-lesson-dotnet.md#9-more-info
Co-authored-by: Marc Duiker <[email protected]>
Co-authored-by: Marc Duiker <[email protected]>
|
Closed because #92 replaces this PR |
Hey there, hope I did at least SOME things right. Please @marcduiker reach out, will need help with some assets of a lesson :-)