Skip to content

Managed Identities

Setting up a system assigned identity

https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal-managed-identity

Adding roles for the managed identity

https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

Networking Settings for Resources

NOTE: This has only been tested for an Azure Storage resource.

In the "Networking" settings of the resource the VM needs to access, the following settings need checked.

  1. Ensure "Public Network Access" is set to "Enabled from selected virtual networks and IP addresses"

  2. Add the vnet of the virtual machine using "Add Existing Virtual Network". Select the "default" subnet and click "Enable". Azure may give a message that it needs to set up the endpoints, go through with this if it does.

  3. Add the public ip address of the VM to the "Firewall" section.

  4. Ensure that the "Allow Azure services on the trusted services list to access this storage account." is checked under the "Exceptions" section.

  5. Use "Microsoft Network Routing" in the "Network Routing" section.

  6. Finally, make sure to save the config changes at the top of the page.