Azure AI Foundry — Pilot Permissions
Minimal Azure permissions required to run the Foundry connector pilot
How connectors actually run inside the SecurityV0 platform — VM topology, credential delivery chain (1Password → Key Vault → Managed Identity → VM env → broker → subprocess), scheduler/driver path, tenant isolation invariants, and failure topology. Complements 05-connectors.md (interface contract) with the runtime/infra view.
V2 revision of the Gemini validation: refined entity taxonomy proposing additional types (service_account, managed_identity, ephemeral_session, token_exchange, federation_trust, policy_statement, resource_hierarchy, materialized_edge, evidence_pack, connector_instance).
Plan to extend the azure-foundry connector to synthesize the data-plane authority chain (workload to RUNS_AS to identity to HAS_ROLE to role to GRANTS to permission to APPLIES_TO to resource) without platform-side changes.
Draft ADR (pending team discussion) on standardizing the platform's classification of Azure managed identities, currently labeled inconsistently across connectors as 'service principal' or 'machine account'.