Automation and Security go hand-in-hand in the Cloud services of today, and securely representing Azure Resources to the Authentication services that validate them is a common requirement.
In this hands-on lab, engineers create a User Assigned Managed Identity, deploy a virtual machine member server to Azure, and then attach the Managed Identity to it. In addition to utilizing the User Assigned Identity, a System Assigned Identity will also be enabled to demonstrate automation at work.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create a User Assigned Managed Identity
Create a User Assigned Managed Identity with the name of MythicalUAMI001. When creating it, use West US when asked for a location; when asked for a resource group, choose the only available option.
- Create and Deploy a Virtual Machine
Note: Use ‘West US’ when asked for a location; when asked for a resource group, choose the only available option.
Deploy a VM:
- The VM name can be anything (MythicalVM001 in this example)
- The VM should be imaged with Windows Server 2019.
- The VM Size should be B2ms.
- Username/Password can be anything (mythicaladmin and Crystal1Montana! in this example).
- Change Public Inbound Ports to ‘None’.
- Set NIC NSG to Advanced.
- Set Boot Diagnostics to Off.
- Associate UAMI and enable SAMI
Navigate back to your Virtual Machine, then scroll down to the Identity link on the left-hand menu. Click Identity. There, attach the User assigned managed identity. Then enable System assigned managed identity.
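The three objectives above expressed as Azure CLI calls, followed by a check that the VM ends up with both identity types; this is an added example, not part of the original lab. The resource group placeholder, the ADMIN_PASSWORD variable and the function names are assumptions, and `--nsg-rule NONE` is used here as the CLI counterpart of setting Public Inbound Ports to ‘None’.

```bash
#!/usr/bin/env bash
# Added example, not the lab's own script. RG is a placeholder: the lab does not name its resource group.
RG="${RG:-<lab-resource-group>}"
LOCATION="westus"
UAMI="MythicalUAMI001"
VM="MythicalVM001"

# Runs in a subshell so that `set -e` does not leak into the caller.
deploy_lab() (
  set -e
  : "${ADMIN_PASSWORD:?export ADMIN_PASSWORD before deploying}"
  # 1. Create the User Assigned Managed Identity and capture its resource ID.
  az identity create --resource-group "$RG" --name "$UAMI" --location "$LOCATION"
  uami_id=$(az identity show --resource-group "$RG" --name "$UAMI" --query id --output tsv)
  # 2. Deploy the VM: Windows Server 2019, B2ms, no inbound NSG rule, boot diagnostics off.
  az vm create --resource-group "$RG" --name "$VM" --location "$LOCATION" \
    --image Win2019Datacenter --size Standard_B2ms \
    --admin-username mythicaladmin --admin-password "$ADMIN_PASSWORD" \
    --nsg-rule NONE
  az vm boot-diagnostics disable --resource-group "$RG" --name "$VM"
  # 3. Attach the UAMI, then enable the System Assigned Managed Identity.
  az vm identity assign --resource-group "$RG" --name "$VM" --identities "$uami_id"
  az vm identity assign --resource-group "$RG" --name "$VM" --identities '[system]'
)

# Reads the JSON from `az vm show --query identity` on stdin.
# Succeeds only if both identity types are set and the named UAMI is attached.
verify_identities() {
  identity_json=$(cat)
  printf '%s' "$identity_json" \
    | grep -Eq '"type": *"SystemAssigned, UserAssigned"' || return 1
  # Azure resource IDs are case-insensitive, hence -i.
  printf '%s' "$identity_json" \
    | grep -Eiq "/userAssignedIdentities/$1\"" || return 1
}

# Deploy and verify only when asked to: ./lab.sh deploy
if [ "${1:-}" = "deploy" ]; then
  deploy_lab &&
    az vm show --resource-group "$RG" --name "$VM" --query identity --output json \
      | verify_identities "$UAMI" && echo "Both identities present on $VM"
fi
```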