You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: extensions/use-pod-identity-mid/README.md
+14-12Lines changed: 14 additions & 12 deletions
Original file line number
Diff line number
Diff line change
@@ -10,8 +10,8 @@ In this sub-project, you will work on completing the following tasks.
10
10
11
11
- Install *AAD Pod Identity* components on AKS cluster
12
12
- Configure Azure SQL Database to allow *Managed Identity* access to resources (eg., Database Tables)
13
-
- Deploy AAD Pod Identity application resoureces on AKS
14
-
-Configure the Claims Web API application to retrieve data from Azure SQL Database Tables using Azure *Managed Identity*
13
+
- Deploy AAD Pod Identity application resources on AKS
14
+
-Deploy the Claims Web API application on AKS
15
15
16
16
**Functional Diagram:**
17
17
@@ -158,10 +158,10 @@ To allow **Managed Identity** access to Azure SQL Database resources (eg., Table
158
158
159
159

160
160
161
-
## C. Deploy AAD Pod Identity resoureces on AKS
161
+
## C. Deploy AAD Pod Identity resources on AKS
162
162
**Approx. time to complete this section: 10 minutes**
163
163
164
-
1. Create a new Kubernetes namespace for deploying Claims Web API application;
164
+
1. Create a new Kubernetes namespace for deploying Claims Web API application.
165
165
166
166
```bash
167
167
# Create a new Kubernetes namespace 'dev-claims-mid' for deploying the Claims Web API application
@@ -204,10 +204,12 @@ To allow **Managed Identity** access to Azure SQL Database resources (eg., Table
204
204
#
205
205
```
206
206
207
-
## E. Deploy the Claims Web API application
208
-
**Approx. time to complete this section: 20 minutes**
207
+
## D. Deploy the Claims Web API application on AKS
208
+
**Approx. time to complete this section: 30 minutes**
209
+
210
+
Login to the Linux VM (Bastion Host) via an SSH terminal window.
209
211
210
-
Login to the Linux VM (Bastion Host) via an SSH terminal window. Execute the steps below to deploy the Claims Web API application on AKS.
212
+
Execute the steps below to deploy the Claims Web API application on AKS.
211
213
212
214
1. Modify the Claims Web API application configuration file.
213
215
@@ -243,7 +245,7 @@ Login to the Linux VM (Bastion Host) via an SSH terminal window. Execute the st
243
245
244
246
3. Define and execute an Build Pipeline in Azure DevOps.
245
247
246
-
Login to [Azure DevOps Services](https://dev.azure.com/) and define a simple *Pipeline*. This pipeline should contain 2 tasks as detailed below.
248
+
Login to [Azure DevOps Services](https://dev.azure.com/) and define a simple *Pipeline*. The pipeline should contain 2 tasks as detailed below.
247
249
248
250
- Docker **Build** Task: This task builds the Claims Web API application and application container image.
249
251
- Docker **Push** Task: This task pushes the built application container image to ACR.
@@ -253,14 +255,14 @@ Login to the Linux VM (Bastion Host) via an SSH terminal window. Execute the st
253
255
254
256
Log back into the Linux VM.
255
257
256
-
Switch to the extensions directory `./extensions/use-pod-identity-mid`. Edit the Kubernetes application deployment manifest `./k8s-resources/deployment.yaml`. Update this file and specify correct values for attributes listed in the table below.
258
+
Switch to this project extensions directory `./extensions/use-pod-identity-mid`. Edit the Kubernetes application deployment manifest `./k8s-resources/deployment.yaml`. Specify correct values for attributes listed in the table below.
257
259
258
260
| Attribute Name | Description |
259
261
| -------------- | ----------- |
260
262
acr-name | Name of the Azure Container Registry instance |
261
-
tag-name | Azure DevOps Pipeline **Build ID**. Get the latest build ID from ACR. |
263
+
tag-name | Azure DevOps Pipeline **Build ID**. Login to Azure Portal. Get the latest build ID from ACR**claims-api** repository. |
262
264
263
-
In case you have deployed an Ingress Controller (Nginx / Traefik) on the AKS cluster, you can also expose the API endpoint on the ingress controller by defining and deploying an *Ingress* resource (left as an exercise).
265
+
In case you have deployed an Ingress Controller (Nginx / Traefik) on the AKS cluster, you can also expose the API endpoint on the ingress controller by deploying an *Ingress* resource (left as an exercise).
264
266
265
267
5. Create a new Kubernetes namespace for deploying Claims Web API with Managed Identity.
266
268
@@ -296,4 +298,4 @@ Login to the Linux VM (Bastion Host) via an SSH terminal window. Execute the st
296
298
297
299
Access the Claims Web API service using a browser eg., http://[ALB Public IP]/api/v1/claims.
298
300
299
-
Congrats! In this extension, you installed **AAD Pod Identity** components on the AKS Cluster. You then configured the Claims Web API application to retrieve an OAuth token from Azure AD using **Managed Identity**. This token was used by the application to authenticate to Azure SQL Server. Finally, you deployed the application on AKS and verified the application is able to retrieve and send Claims documents to the SQL Database.
301
+
Congrats! In this project extension, you installed **AAD Pod Identity** components on the AKS Cluster. You then configured the Claims Web API application to retrieve an OAuth token from Azure AD using **Managed Identity**. This token was used by the application to authenticate to Azure SQL Server. Finally, you deployed the application on AKS and verified the application is able to retrieve and send Claims documents to the SQL Database.
0 commit comments