Question 1

You are designing an architecture for a multi-tier application. The application runs on a cluster of 10 Azure Virtual Machines that are part of a Virtual Machine Scale Set (VMSS).

The application needs to securely retrieve database connection strings from Azure Key Vault. The VMs are frequently scaled in and out based on demand. You need to design an identity solution for the VMs to authenticate to Key Vault that minimizes administrative overhead and prevents credential leakage.

Which identity solution should you recommend?

Accepted Answer

Differentiate between System-assigned (1:1 relationship with a resource) and User-assigned (1:N relationship, good for scale sets).

Question 2

What mistakes do candidates make on this AZ-305 question?

Accepted Answer

Choosing System-assigned managed identity because it's the default for single VMs, without considering the scaling dynamics of a VMSS.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 1

More questions from this exam