Question 1

You are designing an application architecture where an application running on an Azure Virtual Machine needs to retrieve database connection strings securely from Azure Key Vault.

The security team mandates that no credentials or secrets used to authenticate to the Key Vault can be stored in the VM's code or configuration files. The identity used must be tied to the lifecycle of the VM.

Which identity solution should you use?

Accepted Answer

Differentiate between System-assigned (tied to resource lifecycle) and User-assigned (independent lifecycle) managed identities.

Question 2

What mistakes do candidates make on this AZ-305 question?

Accepted Answer

Confusing system-assigned and user-assigned identities. Remember: System = 1:1 relationship with resource lifecycle. User = 1:Many relationship, independent lifecycle.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 2

More questions from this exam