DEV Community

Avelyn Hyunjeong Choi
Avelyn Hyunjeong Choi

Posted on

System assigned vs User assigned identity in Azure

User assigned identity

  • let the function app to read/manage azure resources
  • can be assigned to multiple resources and we have more flexibility when using user-assigned identity

System assigned identity

  • let the function app to connect to sql db using its own identity instead of username + password, which is less secure
  • solely used by one resource
  • with this, SQL_CONNECTION_STRING in configuration doesn't require to contain username or password. Instead, it sets Authentication to Active Directory Managed Identity
  • to be able to use this, you should

1.enable function app system assigned identity by clicking Identity> Status On

Image description

2.add user assigned identity

Image description

***NOTE: make sure to change IdentityId in configuration to the client (applicaton) Id of the user assigned identity

Image description

Image description

Image description

3.update SQL_CONNECTION_STRING in configuration to use Active Directory Managed Identity

Image description

4.In sql db, create a function app as sql user and make it as db_owner

CREATE USER [function app name] 
FROM EXTERNAL PROVIDER 
WITH DEFAULT_SCHEMA = dbo;  

ALTER ROLE db_owner ADD MEMBER [function app name];
Enter fullscreen mode Exit fullscreen mode

5.you can test your function code by clicking your function app > Code+Test > Test/Run > Run

Image description

6.you can see the result by clicking Monitor

Image description

Speedy emails, satisfied customers

Postmark Image

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (0)

Image of Docusign

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more