Use AAD authentication with Service Fabric clusters
Security · Service Fabric · 2021_03
Use Azure Active Directory (AAD) client authentication for Service Fabric clusters.
Description
When deploying Service Fabric clusters on Azure, AAD can optionally be used to secure management endpoints. If configured, client authentication (client-to-node security) uses AAD. Additionally, Azure Role-based Access Control (RBAC) can be used to delegate cluster access.
For Service Fabric clusters running on Azure, AAD is recommended to secure access to management endpoints.
Recommendation
Consider enabling Azure Active Directory (AAD) client authentication for Service Fabric clusters.
Notes
For Linux clusters, AAD authentication must be configured at cluster creation time. Windows clusters can be updated to support AAD authentication after initial deployment.
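One way to check deployments against this recommendation, as an added example that is not part of the original page or of any Azure tooling: the function scans an ARM template for Service Fabric clusters without `properties.azureActiveDirectory` and uses the Linux/Windows note above for the remediation hint. The sample template, resource names and IDs are constructed placeholders; requiring all three AAD fields and reading the OS from `vmImage` are assumptions of the example.

```python
# Constructed sample template; names and IDs are placeholders, not from the page.
SAMPLE_TEMPLATE = {
    "resources": [
        {"type": "Microsoft.ServiceFabric/clusters", "name": "sf-cert-only",
         "properties": {"vmImage": "Linux"}},
        {"type": "Microsoft.ServiceFabric/clusters", "name": "sf-empty-aad",
         "properties": {"vmImage": "Windows",
                        "azureActiveDirectory": {"tenantId": ""}}},
        {"type": "Microsoft.ServiceFabric/clusters", "name": "sf-aad",
         "properties": {"vmImage": "Windows", "azureActiveDirectory": {
             "tenantId": "00000000-0000-0000-0000-000000000000",
             "clusterApplication": "<cluster-app-id>",
             "clientApplication": "<client-app-id>"}}},
        {"type": "Microsoft.Storage/storageAccounts", "name": "logs"},
    ]
}

# Assumption: AAD counts as configured only when all three fields are non-empty.
AAD_FIELDS = ("tenantId", "clusterApplication", "clientApplication")


def clusters_missing_aad(template):
    """Return {cluster name: (missing AAD fields, remediation hint)}."""
    findings = {}
    for res in template.get("resources", []):
        if res.get("type", "").lower() != "microsoft.servicefabric/clusters":
            continue  # not a Service Fabric cluster
        props = res.get("properties") or {}
        aad = props.get("azureActiveDirectory") or {}
        missing = [f for f in AAD_FIELDS if not aad.get(f)]
        if not missing:
            continue  # AAD client authentication is fully configured
        # Linux clusters need AAD at creation time; Windows clusters can be updated.
        linux = str(props.get("vmImage", "")).lower() == "linux"
        hint = "recreate cluster with AAD" if linux else "update cluster to add AAD"
        findings[res.get("name", "<unnamed>")] = (missing, hint)
    return findings


if __name__ == "__main__":
    for name, (missing, hint) in clusters_missing_aad(SAMPLE_TEMPLATE).items():
        print(f"{name}: missing {', '.join(missing)} -> {hint}")
```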
Links
- Security recommendations
- Set up Azure Active Directory for client authentication
- Configure Azure Active Directory Authentication for Existing Cluster