You are deploying a couple of virtual machines that will access Azure Key Vault and Azure SQL Database. Later on you plan to add additional virtual machines. What solution will you use to make sure that no secrets will be stored on the virtual machines, you minimize the administrative effort and don't need to assign new roles and permissions when new virtual machines are added?
Experience Level: Senior
Tags: Azure Active DirectoryAzure CloudAzure Key VaultAzure SQL Database
Answer
Use user-assigned identity and configure its permissions. When a new virtual machine is created, make it use the user-assigned identity. This way it will have the previously configured permissions that is shared by all virtual machines that share the user-assigned identity.
Related Azure Cloud job interview questions
According to Microsoft Cloud Adoption Framework (CAF), what are the three specific terms related to Management phaze that can help improve conversations among business stakeholders?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are 6 key steps for establishing a management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat is management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are the 5 disciplines of cloud governance according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorIs Cloud Security Posture Management (CSPM) available for all Azure Subscriptions?
Microsoft Defender Junior