azure-active-directory-service-principal-secret node sequelize migrations


I'm connecting to the db with a service principal by using the below method in Express using link

But while running migrations, it will establish the connection from the db.config file, where the db.config file contains:

  "development": {
    "username": process.env.DB_USER,
    "password": process.env.DB_PASSWORD,
    "database": process.env.DB_DATABASE,
    "host": process.env.DB_HOST,
    "dialect": "mssql",
    "logging": false
  },

So how do I configure the db.config file for the service principal method?

Balaji On

how to configure the db.config file for service principal method

Follow the below steps to configure the db.config file for service principal method:

  • Create an App registration as shown below.

  • Provide the name of the application and click on Register.

  • Note the ClientId and TenantId after registering.

  • Generate the client secret, which is present in Certificates & Secrets, and note the secretId.

  • Grant permissions to the Service Principal which you have created. To grant permission, navigate to the Access control which is present in the Azure server and go to Add role assignment as shown below.

  • Select the role which is needed to access the db. I selected the SQL DB Contributor role.

  • After selecting the role, select the member to which you want to assign the role.

After adding the role assignment, now provide the required config details accordingly in the db.config:

module.exports = {
  development: {
    username: 'admin1',
    password: '*****',
    database: 'db1',
    host: 'server6391.database.windows.net',
    dialect: 'mssql',
    logging: false, // Set to true for Sequelize query logging

    authentication: {
      type: 'azure-active-directory-msi-app-service',
      options: {
        resource: 'https://database.windows.net/',
        tenantId: '******',
        clientId: '******'
      }
    }
  }
};

By running your node application it will connect successfully to the db as you can see in the output below.