Enable user-assigned managed identities on lab virtual machines in Azure DevTest Labs
As a lab owner, you can enable user-assigned managed identities on your lab virtual machines (VMs) in Azure DevTest Labs.
A managed identity can be used to authenticate to any service that supports Microsoft Entra authentication, including Key Vault, without passing any credentials in the code. For more information on managed identities, see What is managed identities for Azure resources?.
With this feature, lab users can share Azure resources such as Azure SQL Database in the context of the lab. The authentication to the resource is taken care by the identity itself. Once configured, every existing/newly created lab VM will be enabled with this identity. Lab users can access resources once logged in to their machines.
Note
You can add multiple user assigned managed identities to be enabled on your lab VMs.
Use Azure portal
To add a user assigned managed identity for lab VMs, follow these steps:
Create a user-assigned managed identity in your subscription
Navigate to the Configuration and policies page for your lab.
Select Identity (Preview) on the left menu.
Select the Virtual machine tab.
Select Add to select an existing identity from a pre-populated dropdown list.
Select an existing user-managed identity from the dropped-down list, and select OK.
Use API
After creating an identity, note the resource ID of the identity. It should look like the following sample:
/subscriptions/0000000000-0000-0000-0000-00000000000000/resourceGroups/{rg}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}.Perform a PUT HTTPS method on the lab resource to add one or multiple user assigned identities to the managementIdentities field.
{ "location": "southeastasia", "properties": { ... "managementIdentities": { "/subscriptions/0000000000-0000-0000-0000-00000000000000/resourceGroups/{rg}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}": {} }, ... }, ... }
Next steps
To learn more about managed identities, see What is managed identities for Azure resources?.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for