You are designing an architecture where an Azure App Service web app needs to securely access an Azure SQL Database. You want to eliminate the need for developers to manage credentials or connection strings. The identity used for access must be tied to the lifecycle of the App Service and deleted automatically if the App Service is deleted. What should you use?

Answer options:

A user-assigned managed identity.

A system-assigned managed identity.

An Azure AD Service Principal.

Azure Key Vault secrets.

How to approach this question

Differentiate between system-assigned and user-assigned managed identities based on lifecycle.

Full Answer

B.A system-assigned managed identity.✓ Correct

A system-assigned managed identity.

System-assigned managed identities are created in Microsoft Entra ID and are tied directly to the lifecycle of an Azure resource. When the resource is deleted, the identity is automatically deleted.

Common mistakes

Choosing user-assigned managed identity, which persists after resource deletion.

Question 13 All questions Question 15

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 6

55 questions · hints · full answers · grading

More questions from this exam

Q01Contoso Ltd is a global manufacturing company with 50,000 employees. They operate a mix of on-pre...Medium Q02A financial institution has 500 Windows Server VMs on-premises and 200 VMs in Azure. They need to...Hard Q03An enterprise uses Azure Sentinel and Log Analytics. They ingest 500 GB of logs daily. The IT bud...Hard Q04You are designing a monitoring strategy for a new Azure deployment consisting of App Service, Azu...Easy Q05A healthcare company uses Microsoft Entra ID (Azure AD). They need to implement a security policy...Medium

View all 55 questions →