Chasing DevOps

A blog about software development, DevOps, and delivering value.

Creating a User Assigned Managed Identity in an ARM Template

I’m working on a new project that will use managed identities to access an SQL database from a function app. I chose to use a user-assigned identity to simplify our deployment scenario. We use deployment slots for zero downtime deployments and I want to assign a single identity to control database access across those slots.

I will post the complete ARM template later. For now, here is one that creates a user-assigned identity and includes its client ID in the output.

{
“$schema”: https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#,
“contentVersion”: 1.0.0.0,
“parameters”: {
“identityName”: {
“type”: string,
“defaultValue”: [concat(‘uai-‘, uniqueString(resourceGroup().id))],
“metadata”: {
“description”: The name of the identity resource
}
}
},
“variables”: {},
“resources”: [
{
“type”: Microsoft.ManagedIdentity/userAssignedIdentities,
“name”: [parameters(‘identityName’)],
“apiVersion”: 2018-11-30,
“location”: [resourceGroup().location]
}
],
“outputs”: {
“identityClientId”: {
“type”: string,
“value”: [reference(resourceID(‘Microsoft.ManagedIdentity/userAssignedIdentities/’,parameters(‘identityName’)), ‘2018-11-30’).clientId]
}
}
}
view raw uai-deploy.json hosted with ❤ by GitHub

Leave a Reply

Your email address will not be published.

Jesse Barocio

Software developer, DevOps engineer, and productivity tool nut. Continuously improving. Have a question or problem you need solved? Email me!