I was wondering if I can get some direction on this problem. I have an Azure Rest API that I only want a few of my Azure Web Apps access to. I thought if I deny anonymous on the Rest API and set up the Web Apps' service principals in AAD I would be able to achieve this. Most of the examples I seen require the user of the Web App to login which is not a requirement for what I am doing. Essentially the Web Apps are the only consumers and I know their Service Principal information but I can't figure the next step. Thanks
问问题
140 次
1 回答
0
一种可能的解决方案是使用Managed Service Identity. 本质上,您将为您的 WebApps 分配一个身份,然后只允许从这些身份访问 API。
您可以在此处找到有关托管服务标识的更多信息:https ://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview和https://docs.microsoft.com /en-us/azure/app-service/overview-managed-identity?tabs=dotnet。
于 2020-01-29T14:19:02.223 回答