You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.
You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:
– Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.
– Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.
– Avoid storing secrets and certificates on the virtual machines.
Which type of identity should you include in the recommendation?
A . a service principal that is configured to use a certificate
B . a system-assigned managed identity
C . a service principal that is configured to use a client secret
D . a user-assigned managed identity
Answer: D
Explanation:
Managed identities for Azure resources is a feature of Azure Active Directory.
User-assigned managed identity can be shared. The same user-assigned managed identity can be associated with more than one Azure resource.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Leave a Reply