Automation and Security go hand-in-hand in the Cloud services of today, and securely representing Azure Resources to the Authentication services that validate them is a common requirement.
In this hands-on lab, engineers create a User Assigned Managed Identity, deploy a virtual machine member server to Azure, and then attach the Managed Identity to it. In addition to utilizing the User Assigned Identity, a System Assigned Identity will also be enabled to demonstrate automation at work.
Successfully complete this lab by achieving the following learning objectives:
- Create a User Assigned Managed Identity
Create a User Assigned Managed Identity with the name of MythicalUAMI001. When creating it, use
West USwhen asked a location and a resource group; it should be the only available option.
- Create and Deploy a Virtual Machine
Note: Use ‘West US’ when asked location and asked for a resource group; the only available option.
Deploy a VM:
- The VM name can be anything (MythicalVM001 in this example)
- The VM should be imaged with Windows Server 2019.
- The VM Size should be
- Username/Password can be anything (mythicaladmin and Crystal1Montana! in this example).
- Change Public Inbound Ports to ‘None’.
- Set NIC NSG to
- Set Boot Diagnostics to
- Associate UAMI and enable SAMI
Browse to Identity Blade on Deployed VM:
- Associate previously created User Assigned Managed Identity.
- Enable System Assigned Managed Identity.