Secure access with managed identities

Implement Azure Security for Developers

Anushika Agarwal

Cloud Data Engineer

The problem with secrets

Risk of hardcoded secrets

Managed Identity

Managed Identity

Example - PeopleSphere HR app

Provisioning
- Azure auto-creates an identity
- No credentials or manual setup needed
Lifecycle
- Lifecycle ends with the resource
- Bound to a single resource
Access Control
- Assign roles via Azure RBAC

Provisioning
- Created as a standalone Azure resource
- One access policy, multiple resources
Lifecycle
- Reusable across multiple services
- Independent of any one resource
Access Control
- Assign roles via Azure RBAC

User-Assigned Managed Identity

Category	System-Assigned	User-Assigned
Provisioning	Created with the resource	Created as a separate resource
Lifecycle	Tied to the resource's lifecycle	Independent of resource lifecycle
Reusability	Cannot be shared across resources	Can be reused across services
Access	Uses Azure RBAC	Uses Azure RBAC
Use Case	Single-resource workloads	Multi-resource or pre-provisioned setups

Virtual Machines

App Services

Azure Functions

Key Vault

Azure Storage

Implement Azure Security for Developers