Since there is no straightforward way to add a Managed Identity directly to Azure Service Fabric, I am thinking of adding the Managed Identity instead to the Azure VM Scale Set instance, which is in turn managed by the intended Azure Service Fabric instance, so that the Service Fabric applications (which eventually get deployed to the VMs of that Azure VM Scale Set instance) can leverage the Managed Identity provisioned for the Azure VM Scale Set instance to access other Azure resources like Azure Key Vault, etc.
Is this the right way of creating a managed identity for Azure Service Fabric applications? Or is there any way of enabling managed identity for Azure Service Fabric using PowerShell or the Azure portal?
Is there any way to restrict the Managed Identity to only certain applications in the Azure Service Fabric cluster, and not to all applications?
Please clarify.