Which type of identity should you include in the recommendation?

You plan to deploy an application named App1 that will run on five Azure virtual machines.

Additional virtual machines will be deployed later to run App1.

You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:

✑ Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to

✑ an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.

✑ Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.

✑ Avoid storing secrets and certificates on the virtual machines.

Which type of identity should you include in the recommendation?
A . a service principal that is configured to use a certificate
B. a system-assigned managed identity
C. a service principal that is configured to use a client secret
D. a user-assigned managed identity

View Answer

Answer: D

Explanation:

Managed identities for Azure resources is a feature of Azure Active Directory. User-assigned managed identity can be shared. The same user-assigned managed identity can be associated with more than one Azure resource.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview