We are trying to authenticate DefaultAzureCredential using azure user-assigned managed identities with python SDK. The approach we see is to specify the client id as below, following the python SDK guidance.
DefaultAzureCredential(managed_identity_client_id=123456)
We are wondering if there's another way to authenticate the managed identity with DefaultAzureCredential? Right now we hard-coded these client ids in the config which is not very robust when we recreate the MI. Is there a way we can use resourceId of the managed identity or fetching the managed identity client id from its subscription id and name in python SDK?
Any help is greatly appreciated! Thank you :)
We are wondering if there's another way to authenticate the managed identity with DefaultAzureCredential?
It seems as of now there is no alternative way to do that.
managed_identity_client_id
: The client ID of a user-assigned managed identity. Defaults to the value of the environment variable AZURE_CLIENT_ID
, if any. If not specified, a system-assigned identity will be used.
You can refer to DefaultAzureCredential(managed_identity_client_id) and Determine client id of user-assigned managed identity at runtime?