| author | azure-quantum-content |
|---|---|
| description | This document provides instructions on how to authenticate in your Azure Quantum workspace using a managed identity. |
| ms.author | quantumdocwriters |
| ms.date | 06/18/2024 |
| ms.service | azure-quantum |
| ms.subservice | core |
| ms.topic | how-to |
| title | Authenticate Using a Managed Identity |
| uid | microsoft.quantum.optimization.authenticate-managed-identity |
| ms.custom | sfi-image-nochange |
There are several scenarios where it is unsuitable to use interactive authentication or to authenticate as a user account. For example, you may want to submit jobs from a virtual machine (VM), or from a Function App. One option is to authenticate using a service principal, another option is to configure a managed identity, which this article will explain.
A managed identity allows an application to access other Azure resources (such as your Azure Quantum workspace) and authenticate with these resources.
To configure a managed identity:
- Via the Azure portal, locate the resource that you wish to give access to. This resource may be a VM, a Function App, or other application.
- Select the resource, and view the overview page.
- Under Settings, select Identity.
- Configure the Status setting to On.
- Select Save to persist your configuration and confirm the opening dialog with Yes.
In order to allow the resource to access your Azure Quantum workspace:
-
Navigate to your Azure Quantum workspace and select Access control (IAM) from the left-side menu.
-
Select Add and Add role assignment.
:::image type="content" source="media/how-to-publish-qio-job-as-azurefunction/prepare-cloud-env-3.png" alt-text="Screenshot showing how to create a new role assignment on your Azure Quantum workspace.":::
-
On the Add role assignment page, select Contributor and select Next.
-
On the Members tab, in Assign access to, select Managed Identity, and then select + Select members.
-
In the Select managed identities popup, select a category from the Managed identity dropdown.
-
Select the desired resource from the list and click Select.
-
Select Next and then select Review and assign.
You should now be able to use your quantum workspace from your chosen resource. For example when using your workspace from within a VM, you will no longer need to authenticate each time.
In some cases, you may also want to specify explicitly within the code to use a Managed Identity Credential:
from azure.identity import ManagedIdentityCredential
from qdk.azure import Workspace
workspace = Workspace (
resource_id = "",
credential=ManagedIdentityCredential()
)