Azure
/
db-dsc-jobs
зеркало из https://github.com/Azure/db-dsc-jobs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update README.md

This commit is contained in:
Ayman El-Ghazali 2020-07-07 12:43:06 -04:00 коммит произвёл GitHub
Родитель d4adf891c1
Коммит 37a1714215
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 1 добавлений и 1 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
README.md
Просмотреть файл

@ -152,7 +152,7 @@ For Service Principal authentication, allowed methods are using a certificate as
During the testing of this application, a locally generated certificate was generated using this method: https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Client-Credentials During the testing of this application, a locally generated certificate was generated using this method: https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Client-Credentials
Managed Identity (or Managed Service Identity, MSI) is a specific resource either created indepently in Azure (user-generated) or is created and associated to a resource when it is created in Azure (system-managed). MSIs do not use the MSAL library but instead call a known endpoint from the resource it's associated to in Azure. In our testing, we created a managed identity and then associated to a VM. We are only able to successfully generate a token when calling the known endpoint from within that VM. The resouce scope is also a necessary part of that API call and is specific to Databricks. Managed Identity (or Managed Service Identity, MSI) is a specific resource either created indepently in Azure (user-generated) or is created and associated to a resource when it is created in Azure (system-managed). MSIs do not use the MSAL library but instead call a known endpoint from the resource it's associated to in Azure. In our testing, we created a managed identity and then associated it to a VM. We are only able to successfully generate a token when calling the known endpoint from within that VM. The resouce scope is also a necessary part of that API call and is specific to Databricks.
Personal Access Tokens allow for authenicating directly against the Databricks instance, since the token is generated from the service. Personal Access Tokens allow for authenicating directly against the Databricks instance, since the token is generated from the service.