Microsoft Azure Architect Design (AZ-304) Practice Test

What is one of the primary benefits of using a system-assigned managed identity in Azure?

• A. It allows for easy role assignment for resources
• B. It integrates directly with Azure Key Vault
• C. It can be reused across multiple subscriptions
• D. It provides a public IP address for services

The correct answer is: It integrates directly with Azure Key Vault

Using a system-assigned managed identity in Azure provides a primary benefit of integrating directly with Azure Key Vault. This integration simplifies the process of accessing secrets, such as passwords or cryptographic keys, in a secure manner. A managed identity allows Azure services to authenticate to Azure Key Vault without needing to manage separate credentials explicitly. The identity is tied to the resource that it is associated with, ensuring that only that specific resource can access the Key Vault secrets it is granted permissions for. This reduces the risk of credential leaks, enhances security, and makes automation much smoother since developers do not need to include credentials in their applications or code. The other options, while related to Azure's features, do not capture the distinct benefit of managed identities in the same way. For instance, while role assignment is relevant, the identity itself primarily streamlines the authentication process with key vaults rather than simplifying role management. Moreover, a system-assigned managed identity is tied to the Azure resource it is created for, which limits its reuse across multiple subscriptions. Lastly, managed identities do not provide a public IP address for services, as they are focused on identity and access management rather than networking configurations.