Make life simpler, Use Managed Identities -Part 1

A very underrated feature of Azure is the Azure Active AD. A lot of Azure Services can very easily integrate with Azure AD with just a single command/click of a button.

As Azure AD is Managed Identity solution in Azure, we can almost make our code passwordless/signatureless/connectionstringless. This makes our life easy, as we need not worry about expiring signatures.

What makes it a more hassle free solution is that we need Roles Based Access Controls (RBAC) which when combined with Azure AD can make the principle of ‘least privilege’ a reality. Why give someone extra access when they do not really need it.

I will show how this can be done using Azure Functions, but the principle/philosophy can be used in other scenarios too.

How to do it?

We used Azure Service Bus Queue/Topic Triggers extensively in my previous project. The triggers needs a connection Service Bus Connection string to read a message from the queue/topic

A typical Service Bus Trigger would look like:

public static class ServiceBusQueueTriggerCSharp1
{
[FunctionName(“ServiceBusQueueTriggerCSharp1”)]
public static void Run([ServiceBusTrigger(“myqueue”, Connection =…