| title | description | ms.topic | ms.author | author | ms.service | services | ms.date |
|---|---|---|---|---|---|---|---|
Configure managed identity support for a new Service Fabric cluster |
Here's how to enable managed identities support in a new Azure Service Fabric cluster |
how-to |
tomcassidy |
tomvcassidy |
service-fabric |
service-fabric |
07/11/2022 |
To use Managed identities for Azure resources in your Service Fabric applications, first enable the Managed Identity Token Service on the cluster. This service is responsible for the authentication of Service Fabric applications using their managed identities, and for obtaining access tokens on their behalf. Once the service is enabled, you can see it in Service Fabric Explorer under the System section in the left pane, running under the name fabric:/System/ManagedIdentityTokenService next to other system services.
Note
Service Fabric runtime version 6.5.658.9590 or higher is required to enable the Managed Identity Token Service.
To enable the Managed Identity Token Service at cluster creation time, add the following snippet to your cluster Azure Resource Manager template:
"fabricSettings": [
{
"name": "ManagedIdentityTokenService",
"parameters": [
{
"name": "IsEnabled",
"value": "true"
}
]
}
]If the deployment fails with this message, it means the cluster is not on the required Service Fabric version (the minimum supported runtime is 6.5 CU2):
{
"code": "ParameterNotAllowed",
"message": "Section 'ManagedIdentityTokenService' and Parameter 'IsEnabled' is not allowed."
}-
Review managed identity support in Azure Service Fabric
-
Enable managed identity support in an existing Azure Service Fabric cluster
- Deploy an Azure Service Fabric application with a system-assigned managed identity
- Deploy an Azure Service Fabric application with a user-assigned managed identity
- Leverage the managed identity of a Service Fabric application from service code
- Grant an Azure Service Fabric application access to other Azure resources