1. Answers
  2. Creating an Azure User-Assigned Managed Identity

How do I build an Azure msi userassignedidentity?

In this guide, we’ll walk through the creation of an Azure User-Assigned Managed Identity. A managed identity allows your applications to securely access resources that support Azure Active Directory (AAD) authentication. Here’s how you can set it up:

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "West Europe",
});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
    name: "example-identity",
    resourceGroupName: example.name,
    location: example.location,
});
export const identityId = exampleUserAssignedIdentity.id;
export const identityClientId = exampleUserAssignedIdentity.clientId;
export const identityPrincipalId = exampleUserAssignedIdentity.principalId;

Explanation:

  1. Provider Configuration: The provider block defines the Azure provider and configures it with the required features.

  2. Resource Group: An Azure resource group to contain our resources. This is defined with a name and location.

  3. User-Assigned Managed Identity: This resource creates the user-assigned managed identity within the specified resource group and location.

  4. Outputs: Outputs are defined to expose the managed identity’s ID, Client ID, and Principal ID. These values are useful for referencing this identity in other scripts or later configurations.

This setup provides a user-assigned managed identity in Azure, which can then be used to grant access to various Azure resources securely without hardcoding credentials.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up