question

bombbe avatar image
0 Votes"
bombbe asked AlanKinane answered

Run As Account vs Managed Identities

I just saw update that Azure Automation support for Managed Identities is now generally available (azure-automation-managed-identities-ga). What are real benefits using Managed Identities vs Run As accounts? I still need to give permission to mg/subscription/rg level if I want control resources in many subscriptions. One benefit that I came up with is that if you use managed identities you don't need to renew certificates like you need to do with run as account and I don't have to specify the Run As connection object in your runbook code but that's like few lines of code which is really easy to copy + paste to new runbooks.


So do Managed Identities in reality offer something really good benefits so we could considered to migrate existing Run As accounts to Managed identities?


azure-automation
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

AlanKinane avatar image
0 Votes"
AlanKinane answered

I think you've answered your own question. Managed Identities require less maintenance than run as accounts as the credentials are managed for you by Azure. You enabled the managed identity and just assign the required access, Azure will look after the rest including renewals like you said.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.