You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/dapr-component-connect-services.md
+3-4Lines changed: 3 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ ms.service: azure-container-apps
8
8
ms.subservice: dapr
9
9
ms.custom: build-2023
10
10
ms.topic: concept-article
11
-
ms.date: 02/03/2026
11
+
ms.date: 03/26/2026
12
12
---
13
13
14
14
# Connect to other Azure or partner services by using Dapr components
@@ -19,15 +19,14 @@ Before getting started, learn more about the [offered support for Dapr component
19
19
20
20
## Recommendations
21
21
22
-
Whenever possible, it's recommended that you use Azure components that provide managed identity support for the most secure connection. Use Azure Key Vault secret stores *only* when managed identity authentication isn't supported.
22
+
For the most secure connection, we recommended that you use Azure components that provide managed identity support whenever possible. Use Azure Key Vault secret stores *only* when managed identity authentication isn't supported.
23
23
24
24
| Service type | Recommendation |
25
25
| ------------ | -------------- |
26
26
| Azure component with managed identity support |[Use the managed identity flow (recommended)](#use-managed-identity-recommended)|
27
27
| Azure component without managed identity support |[Use an Azure Key Vault secret store](#azure-key-vault-secret-stores)|
28
28
| Non-Azure components |[Use an Azure Key Vault secret store](#azure-key-vault-secret-stores)|
29
29
30
-
31
30
## Use managed identity (recommended)
32
31
33
32
For Azure-hosted services, Dapr can use the [managed identity of the scoped container apps][aca-managed-id] to authenticate to the backend service provider. When using managed identity, you don't need to include secret information in a component manifest. *Using managed identity is recommended* as it eliminates storage of sensitive input in components and doesn't require managing a secret store.
@@ -72,7 +71,7 @@ scopes:
72
71
73
72
#### Platform-managed Kubernetes secrets
74
73
75
-
As an alternative to Kubernetes secrets, local environment variables, and local file Dapr secret stores, Azure Container Apps provides a platform-managed approach for creating and using Kubernetes secrets. This approach can be used to connect to non-Azure services or in dev/test scenarios for quickly deploying components via the CLI without setting up a secret store or managed identity.
74
+
As an alternative to Kubernetes secrets, local environment variables, and local file Dapr secret stores, Azure Container Apps provides a platform-managed approach for creating and using Kubernetes secrets. This approach can be used to connect to non-Azure services. Or, in dev/test scenarios it can be used for quickly deploying components via the CLI without setting up a secret store or managed identity.
76
75
77
76
This component configuration defines the sensitive value as a secret parameter that can be referenced from the metadata section.
0 commit comments