How do I implement Managed Identity authentication for zero secrets?
Event Hub, Service Bus, and Blob Storage sinks support Managed Identity: 1) Assign System-Assigned or User-Assigned Managed Identity to Azure Function App, 2) Grant identity "Azure Event Hubs Data Sender" role (Event Hub) / "Azure Service Bus Data Sender" role (Service Bus) / "Storage Blob Data Contributor" role (Blob Storage), 3) Serilog config: new EventHubProducerClient("namespace.servicebus.windows.net", "hubname", new DefaultAzureCredential())—zero connection strings in code/config. Passes security audits—no secrets in source control, Key Vault, environment variables.
Related Questions
See all FAQs: [Troubleshooting Overview][]