What is the use of Managed Identity with App Service Environment?
What is the use of Managed Identity with App Service Environment (ASE)?
We have an option to set managed Identity with App services, Logic apps, functions app, which I can use to define RBAC for all my resources, now if I am creating my app services resources into ASE which also has an option to set managed identity then what is the purpose of that managed identity configuration?
How to use that configuration?
What is the use of Managed Identity with App Service Environment (ASE)?
I agree with @Harshitha, According to this reference document on App Service Environment Managed Identity in ASE is used to authenticate against the Azure Key Vault, which has the SSL/TLS certificate. You'll need to configure a managed identity if your App Service Environment doesn't already have one to store your custom domain's pfx certificate in Key vault by giving access to ASE's managed identity to access the certificate and then later use it while creating a custom domain in your ASE as given in the document link.
You can enable System assigned managed identity in ASE environment like below and allow it to access the Key vault.
Assign the ASE managed identity principal to access the key vault by giving it proper roles to access Key vault secrets, keys and certificates in Access Policies like below:-
You can add the ASE managed identity application as Principal or Application any, If you select it as principal no need to select it as Application any option will work.
Now, Store your custom domain certificate in Key vault Certificates and access it while creating your custom domain prefix in ASE:-
1) Add Custom Domain name:-
2) Select your ASE managed Identity:-
3) Select the Key vault with the custom domain certificate:-
