-
Notifications
You must be signed in to change notification settings - Fork 418
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
After upgrade to 8.2.0 AddAzureServiceBus disabled "Local Authentication" (SAS) #5494
Comments
Part of our "secure by default" initiative (#4938): You should be able to turn it back on with: builder.AddAzureServiceBus("sb")
.ConfigureConstruct(c =>
{
#pragma warning disable AZPROVISION001 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed.
var ns = c.GetSingleResource<ServiceBusNamespace>()!;
ns.AssignProperty(p => p.DisableLocalAuth, "false");
future updates. Suppress this diagnostic to proceed.
}) |
This change happened in #4938. It is part of our security work to make the Azure resources meet best practices. It is a best practice to use managed identity to connect to Azure Service Bus. See https://learn.microsoft.com/security/benchmark/azure/baselines/service-bus-security-baseline?toc=%2Fazure%2Fservice-bus-messaging%2FTOC.json#im-3-manage-application-identities-securely-and-automatically. By default, your Aspire app will use managed identity to connect to the Service Bus. So local authentication was disabled. To keep this enabled, you can use this experimental API: #pragma warning disable AZPROVISION001 // Need to use the experimental API to customize the service bus namespace
var sb = builder.AddAzureServiceBus("servicebus", (_, _, serviceBusNamespace) =>
{
serviceBusNamespace.AssignProperty(p => p.DisableLocalAuth, "false");
})
#pragma warning restore AZPROVISION001 // Need to use the experimental API to customize the service bus namespace |
Closing as answered. Feel free to re-open if this doesn't help. |
@eerhardt do we put this elsewhere? |
Docs and release notes |
Thanks guys! |
Is there an existing issue for this?
Describe the bug
After upgrade to 8.2.0 out Azure ServiceBus "Local Authentication" was disabled.
How can we configure the appHost to keep this enabled?
// Ryan
Expected Behavior
No response
Steps To Reproduce
No response
Exceptions (if any)
No response
.NET Version info
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: