This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 56.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
I just saw update that Azure Automation support for Managed Identities is now generally available (azure-automation-managed-identities-ga). What are real benefits using Managed Identities vs Run As accounts? I still need to give permission to mg/subscription/rg level if I want control resources in many subscriptions. One benefit that I came up with is that if you use managed identities you don't need to renew certificates like you need to do with run as account and I don't have to specify the Run As connection object in your runbook code but that's like few lines of code which is really easy to copy + paste to new runbooks.
So do Managed Identities in reality offer something really good benefits so we could considered to migrate existing Run As accounts to Managed identities?
I think you've answered your own question. Managed Identities require less maintenance than run as accounts as the credentials are managed for you by Azure. You enabled the managed identity and just assign the required access, Azure will look after the rest including renewals like you said.