Which of the following workflows are suitable for using system-assigned identities in Azure?
A single-instance web application hosted on an Azure Virtual Machine, requiring access to an Azure SQL Database for storing user data. The identity is used to authenticate and authorize the VM to access the database without storing credentials in the code.
Three separate Azure Functions, each with a unique task such as processing orders, sending notifications, and generating reports. Each function requires access to different Azure resources, and the identity is used to manage permissions independently for each function.
An analytics application running exclusively on a single Azure VM, tasked with retrieving and processing data from Azure Blob Storage. The identity is used to authenticate the VM to the Blob Storage, allowing secure access without manual credential management.
A distributed e-commerce application running on multiple Azure VMs, all needing to access the same Azure Key Vault to retrieve encryption keys for securing customer data. The identity is shared across all VMs.
An Azure Logic App designed to automate the provisioning of new VMs for a development environment, requiring pre-authorization to a specific Azure Storage Account where deployment scripts are stored. The identity is used to grant immediate access to the storage account upon VM creation.
A containerized microservices application running on Azure Kubernetes Service, where containers are frequently scaled up and down. The identity ensures that permissions to access a shared Azure Queue remain consistent across all containers.
A cluster of VMs running a big data processing application, all needing to read and write data to the same Azure Data Lake for a weather analysis project. The identity is shared across all VMs, allowing them to collectively access the Data Lake with the same permissions.
Common use cases for system-assigned identities: