From a3ebcc715d19b7dc096c9957075779c6f1ec8cc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Hompus?= Date: Sat, 28 Nov 2020 16:35:46 +0100 Subject: [PATCH] Update azure-keyvault-managed-identity.md (#952) * Fix some typos * Improve text style --- .../azure-keyvault-managed-identity.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/daprdocs/content/en/operations/components/setup-secret-store/supported-secret-stores/azure-keyvault-managed-identity.md b/daprdocs/content/en/operations/components/setup-secret-store/supported-secret-stores/azure-keyvault-managed-identity.md index f2eb167a8..06ae8a853 100644 --- a/daprdocs/content/en/operations/components/setup-secret-store/supported-secret-stores/azure-keyvault-managed-identity.md +++ b/daprdocs/content/en/operations/components/setup-secret-store/supported-secret-stores/azure-keyvault-managed-identity.md @@ -30,7 +30,7 @@ description: How to configure Azure Key Vault and Kubernetes to use Azure Manage 3. Create the managed identity(Optional) - This step is required only if the AKS Cluster is provisoned without the flag "--enable-managed-identity". If the cluster is provisioned with manahed identity, than is suggested to use the autogenerated managed identity that is associated to the Resource Group MC_*. + This step is required only if the AKS Cluster is provisoned without the flag "--enable-managed-identity". If the cluster is provisioned with a managed identity, then it is suggested to use the autogenerated managed identity that is associated to the Resource Group MC_*. ```bash $identity = az identity create -g [your resource group] -n [you managed identity name] -o json | ConvertFrom-Json @@ -45,7 +45,7 @@ description: How to configure Azure Key Vault and Kubernetes to use Azure Manage 4. Retrieve Managed Identity ID - The two main scenario are: + The two main scenarios are: - Service Principal, in this case the Resource Group is the one in which is deployed the AKS Service Cluster ```bash @@ -67,7 +67,9 @@ description: How to configure Azure Key Vault and Kubernetes to use Azure Manage ``` 6. Assign the Managed Identity Operator role to the AKS Service Principal - Refer to previous step about the Resource Group to use and which identity to assign + + Refer to the previous step about the Resource Group to use and which identity to assign. + ```bash az role assignment create --role "Managed Identity Operator" --assignee $clientId --scope /subscriptions/[your subscription id]/resourcegroups/[your resource group] @@ -124,7 +126,7 @@ In Kubernetes mode, you store the certificate for the service principal into the 1. Create azurekeyvault.yaml component file - The component yaml uses the name of your key vault and the Cliend ID of the managed identity to setup the secret store. + The component yaml uses the name of your key vault and the Client ID of the managed identity to setup the secret store. ```yaml apiVersion: dapr.io/v1alpha1 @@ -148,10 +150,10 @@ In Kubernetes mode, you store the certificate for the service principal into the ``` ## References -- [Azure CLI Keyvault CLI](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-create) +- [Azure CLI Key Vault CLI](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-create) - [Create an Azure service principal with Azure CLI](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest) - [AAD Pod Identity](https://github.com/Azure/aad-pod-identity) - [Secrets building block]({{< ref secrets >}}) - [How-To: Retreive a secret]({{< ref "howto-secrets.md" >}}) - [How-To: Reference secrets in Dapr components]({{< ref component-secrets.md >}}) -- [Secrets API reference]({{< ref secrets_api.md >}}) \ No newline at end of file +- [Secrets API reference]({{< ref secrets_api.md >}})