mi-maxconf-test
mi-maxconf-prod
id-github-vbv-docs
:::
The platform uses user-assigned managed identities for runtime secret access and for GitHub deployment federation where applicable.
| Identity | Resource Group | Primary Use |
|---|
mi-maxconf-test | rg-application-test | Non-production workload identity for test resources |
mi-maxconf-prod | rg-application | Production workload identity for production resources |
id-github-vbv-docs | rg-shared-resources | GitHub deployment/auth automation for docs-related cloud operations |
- Function Apps and API Management use identity-based access to Key Vault instead of embedding secrets in code.
- CI/CD workflows use federated Azure login (
azure/login) with environment-scoped credentials.
- Identity assignments and role bindings should be reviewed whenever new Azure resources are introduced.
- Prefer least-privilege RBAC role scopes at resource-group or resource level.