User-assigned vs System-assigned Managed Identities in Azure

Jul 29, 2022 · 1 min read

In one of the last Azure posts, I wrote about the differences between Service Principal and Managed Identities. Since there are two types of MIs – User-assigned and System-assigned, I’m going to cover them both broadly.

To start with, Managed Identity is a type of Service Principal that can be used only with Azure resources.

User-assigned Managed Identity

A User-assigned Managed Identity can be used on multiple Azure resources, as its lifecycle does not depend on them. Thus, you can deploy as many user-assigned MIs as you want and assign them to multiple Azure resources.

The only downside is that you mostly need to do everything manually: create them, and remove them once they are not needed anymore.

System-assigned Managed Identity

On the opposite side, the lifecycle of a System-assigned Managed Identity is bound to the lifecycle of the related Azure resource. It is a 1:1 relationship: once the Azure resource is removed, the System-assigned MI is deleted along with it.

Considering that these MIs are automatically managed, you don’t need to clean anything up afterwards.
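
Because user-assigned identities outlive the resources that use them, they can be left behind with their role assignments intact. The following is an added example, not code from the original post, that audits an inventory for unattached and shared identities. The sample data, the `audit_identities` name and the way the inventory is exported are assumptions.

```python
# Constructed sample inventory (not real resources). The shapes follow the ARM
# "identity" block; how the inventory is exported is left as an assumption.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
UAMI = SUB + "/providers/Microsoft.ManagedIdentity/userAssignedIdentities/"

IDENTITIES = [{"id": UAMI + "mi-app"}, {"id": UAMI + "mi-old-batch"}]
RESOURCES = [
    {"name": "vm-web-1", "identity": {
        "type": "UserAssigned",
        "userAssignedIdentities": {UAMI + "mi-app": {}}}},
    # Same identity, different casing: ARM resource IDs are case-insensitive.
    {"name": "func-api", "identity": {
        "type": "SystemAssigned, UserAssigned",
        "userAssignedIdentities": {(UAMI + "mi-app").upper(): {}}}},
    {"name": "vm-db-1", "identity": {"type": "SystemAssigned"}},
    {"name": "storage1", "identity": None},
]


def audit_identities(identities, resources):
    """Classify managed identities by lifecycle, as described in the post."""
    attached = {}          # user-assigned identity id (lowercased) -> resource names
    system_assigned = []   # resources whose identity is deleted with them
    for res in resources:
        ident = res.get("identity") or {}
        types = {t.strip().lower() for t in (ident.get("type") or "").split(",")}
        if "systemassigned" in types:
            system_assigned.append(res["name"])
        for mi_id in (ident.get("userAssignedIdentities") or {}):
            attached.setdefault(mi_id.lower(), []).append(res["name"])
    # User-assigned identities are not deleted with their resources, so any
    # that no resource references must be reviewed and removed by hand.
    orphaned = [i["id"] for i in identities if i["id"].lower() not in attached]
    shared = {k: v for k, v in attached.items() if len(v) > 1}
    return {"orphaned": orphaned, "shared": shared,
            "system_assigned": system_assigned}


if __name__ == "__main__":
    report = audit_identities(IDENTITIES, RESOURCES)
    for mi_id in report["orphaned"]:
        print("unattached user-assigned identity:", mi_id)
    for mi_id, names in report["shared"].items():
        print("shared by", names, "->", mi_id)
    print("system-assigned (removed with resource):", report["system_assigned"])
```

An identity reported as shared is worth a second look as well: every resource it is attached to holds the same permissions.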
