Creating a User Assigned Managed Identity in an ARM Template

October 02, 2020

I’m working on a new project that will use managed identities to access an SQL database from a function app. I chose to use a user-assigned identity to simplify our deployment scenario. We use deployment slots for zero downtime deployments and I want to assign a single identity to control database access across those slots.

I will post the complete ARM template later. For now, here is one that creates a user assigned identity and includes it’s client ID in the output.

"$schema": "",
"contentVersion": "",
"parameters": {
"identityName": {
"type": "string",
"defaultValue": "[concat('uai-', uniqueString(resourceGroup().id))]",
"metadata": {
"description": "The name of the identity resource"
"variables": {},
"resources": [
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"name": "[parameters('identityName')]",
"apiVersion": "2018-11-30",
"location": "[resourceGroup().location]"
"outputs": {
"identityClientId": {
"type": "string",
"value": "[reference(resourceID('Microsoft.ManagedIdentity/userAssignedIdentities/',parameters('identityName')), '2018-11-30').clientId]"
view raw uai-deploy.json hosted with ❤ by GitHub

© 2020 Jesse Barocio. Built with Gatsby