fcda64cd35
## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
8 lines
722 B
Plaintext
8 lines
722 B
Plaintext
Disabling Managed Identities can reduce an organization's ability to protect itself against configuration faults and credential leaks.
|
|
|
|
Authenticating via managed identities to an Azure resource solely relies on an API call with a non-secret token. The process is inner to Azure: secrets used by Azure are not even accessible to end-users.
|
|
|
|
In typical scenarios without managed identities, the use of credentials can lead to mistakenly leaving them in code bases. In addition, configuration faults may also happen when storing these values or assigning them permissions.
|
|
|
|
By transparently taking care of the Azure Active Directory authentication, Managed Identities allow getting rid of day-to-day credentials management.
|