Problem

Very similar to IAM profiles on AWS, Azure uses Managed Identities to set default credentials on instances to give permissions for things like storage and container access. It would be very helpful to be able to somehow pass these through so they're set by dstack on the spun up instances.

Solution

Presumably similar to the solution for this feature: #2345 it could be set per project::backend or if for some reason it would be easier, per fleet::configuration could work too.

Something that would presumably pass the managed identity through to the Resource Management template (ARM) that I assume is used to spin up the underlying instances.

Workaround

Manually passing credentials straight into the machine should work. But I think would be less secure, or at least leaves open space for more insecure human screw ups.

Would you like to help us implement this feature by sending a PR?

No