Creating a User Assigned Managed Identity in an ARM Template

October 02, 2020

I’m working on a new project that will use managed identities to access an SQL database from a function app. I chose to use a user-assigned identity to simplify our deployment scenario. We use deployment slots for zero downtime deployments and I want to assign a single identity to control database access across those slots.

I will post the complete ARM template later. For now, here is one that creates a user-assigned identity and includes its client ID in the output.

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "identityName": {
      "type": "string",
      "defaultValue": "[concat('uai-', uniqueString(resourceGroup().id))]",
      "metadata": {
        "description": "The name of the identity resource"
      }
    }
  },
  "variables": {},
  "resources": [
    {
      "type": "Microsoft.ManagedIdentity/userAssignedIdentities",
      "name": "[parameters('identityName')]",
      "apiVersion": "2018-11-30",
      "location": "[resourceGroup().location]"
    }
  ],
  "outputs": {
    "identityClientId": {
      "type": "string",
      "value": "[reference(resourceID('Microsoft.ManagedIdentity/userAssignedIdentities/',parameters('identityName')), '2018-11-30').clientId]"
    }
  }
}
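
To show how one identity can cover both the production app and a deployment slot, here is an added example (not the author's complete template) that goes one step beyond the template above and attaches the already-created identity to a function app and a slot. The `functionAppName` and `serverFarmId` parameters, the `staging` slot name and the `2019-08-01` API version are assumptions, and the app settings a working function app needs are left out.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "identityName": { "type": "string", "metadata": { "description": "Name of the identity created by the template above" } },
    "functionAppName": { "type": "string", "metadata": { "description": "Assumed parameter: function app name" } },
    "serverFarmId": { "type": "string", "metadata": { "description": "Assumed parameter: resource ID of an existing hosting plan" } }
  },
  "variables": {
    "identityId": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('identityName'))]"
  },
  "resources": [
    {
      "comments": "Added example: production app. The identity is referenced by resource ID, used as the key of userAssignedIdentities.",
      "type": "Microsoft.Web/sites",
      "apiVersion": "2019-08-01",
      "name": "[parameters('functionAppName')]",
      "location": "[resourceGroup().location]",
      "kind": "functionapp",
      "identity": {
        "type": "UserAssigned",
        "userAssignedIdentities": { "[variables('identityId')]": {} }
      },
      "properties": { "serverFarmId": "[parameters('serverFarmId')]" }
    },
    {
      "comments": "Added example: slot named 'staging' (assumed). It carries the same identity, so database access is granted once and survives a swap.",
      "type": "Microsoft.Web/sites/slots",
      "apiVersion": "2019-08-01",
      "name": "[concat(parameters('functionAppName'), '/staging')]",
      "location": "[resourceGroup().location]",
      "kind": "functionapp",
      "dependsOn": [ "[resourceId('Microsoft.Web/sites', parameters('functionAppName'))]" ],
      "identity": {
        "type": "UserAssigned",
        "userAssignedIdentities": { "[variables('identityId')]": {} }
      },
      "properties": { "serverFarmId": "[parameters('serverFarmId')]" }
    }
  ]
}
```

The client ID from the first template's output is not a secret; it is the value the application passes to pick this identity when it requests a token.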


© 2020 Jesse Barocio. Built with Gatsby