
I am really struggling regarding my Azure SQL configuration. I have an app I want to move from a prototype to production and I want to use Azure SQL Database with Managed Identities and SQL Authentication with App Services so I don't need to deal with passwords. I was reading these two articles, E2E DevOps for Azure SQL with Managed Identities and Secure Configuration in Azure with Managed Identity. This Microsoft document on Azure Active Directory service principal with Azure SQL was referenced, which referenced Assign Azure AD roles to groups. As I was going through the latter and following along, I could not create assignments because I don't have AAD P1 or P2. Is that required? I am trying to do this all in Bicep and wish there was a script for it. Does anybody have one?

The two articles referenced have additional components (DevOps integration for one and KeyVault/App Configuration for the other) which might have complicated the explanations. I guess the key is accessing the database from App Service using Managed Identity. That alone would be helpful. I expect Azure AD Authentication is required for this but am not sure if that's the path that was chosen by the authors or if it was required?

I guess the other question is how to develop on my local machine if this is set up and I am not connecting through the Azure App Services Managed Identity.

Has anybody overcome all these questions to get this up and running?

lcj
Lots of different things here. You can grant a managed identity permission to Azure SQL through a group or directly. Regarding developing locally, if you use the `Microsoft.Data.SqlClient` and `Azure.Identity` packages (assuming you are using dotnet) you would be able to run the app locally if you've been granted permissions to the db as well: https://learn.microsoft.com/en-us/sql/connect/ado-net/sql/azure-active-directory-authentication?view=sql-server-ver16#using-active-directory-default-authentication – Thomas Aug 15 '22 at 06:16
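The direct grant and the local-development path mentioned in the comment above, sketched as T-SQL. This is an added example, not part of the original thread. The principal names `my-app-service` (assumed to be an App Service with a system-assigned managed identity) and `dev@contoso.example` (a developer account) are placeholders, as are `<server>` and `<database>` in the connection string.

```sql
-- Added example: placeholder names throughout.
-- Run in the target user database (not master), connected as the
-- Azure AD admin configured on the logical SQL server.

-- 1. Contained user for the App Service managed identity.
--    For a system-assigned identity the name is the App Service name.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'my-app-service')
    CREATE USER [my-app-service] FROM EXTERNAL PROVIDER;

-- 2. Contained user for the developer who runs the app locally.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'dev@contoso.example')
    CREATE USER [dev@contoso.example] FROM EXTERNAL PROVIDER;

-- 3. Least privilege: data read/write only, no db_owner.
ALTER ROLE db_datareader ADD MEMBER [my-app-service];
ALTER ROLE db_datawriter ADD MEMBER [my-app-service];
ALTER ROLE db_datareader ADD MEMBER [dev@contoso.example];
ALTER ROLE db_datawriter ADD MEMBER [dev@contoso.example];

-- 4. Audit: list every Azure AD principal in this database and its roles.
--    type 'E' = external user, 'X' = external group.
SELECT  m.name      AS principal_name,
        m.type_desc AS principal_type,
        r.name      AS role_name
FROM    sys.database_principals AS m
LEFT JOIN sys.database_role_members AS rm
        ON rm.member_principal_id = m.principal_id
LEFT JOIN sys.database_principals AS r
        ON r.principal_id = rm.role_principal_id
WHERE   m.type IN ('E', 'X')
ORDER BY m.name, r.name;

-- Password-free connection string for Microsoft.Data.SqlClient; the same
-- string can be used in App Service (managed identity) and on a developer
-- machine (signed-in developer credentials):
--   Server=tcp:<server>.database.windows.net,1433;Database=<database>;
--   Authentication=Active Directory Default;Encrypt=True;
```

The audit query in step 4 is worth rerunning after each deployment: any `E` or `X` principal holding `db_owner`, or one you do not recognise, deserves a closer look.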

0 Answers