Complete the code to assign a system-assigned managed identity to an Azure VM.
az vm create --resource-group myResourceGroup --name myVM --image UbuntuLTS --assign-identity [1]Setting --assign-identity true enables a system-assigned managed identity for the VM.
Complete the code to assign a user-assigned managed identity to an Azure VM.
az vm identity assign --resource-group myResourceGroup --name myVM --identities [1]The --identities parameter requires the full resource ID of the user-assigned managed identity.
Fix the error in the code to enable managed identity on an Azure App Service.
az webapp identity assign --resource-group myResourceGroup --name myAppService --identities [1]For App Service, use system to enable system-assigned managed identity.
Fill both blanks to create a role assignment for a managed identity with Reader role on a resource group.
az role assignment create --assignee [1] --role [2] --scope /subscriptions/xxxx/resourceGroups/myResourceGroup
The --assignee is the managed identity's principal ID, and --role is set to 'Reader' to grant read access.
Fill all three blanks to retrieve an access token for a managed identity and use it to call Azure REST API.
token=$(az account get-access-token --resource [1] --query accessToken -o tsv) curl -H "Authorization: Bearer [2]" https://management.azure.com/[3]?api-version=2021-04-01
The --resource parameter must be the Azure management endpoint. The token variable is used in the Authorization header. The API path targets the VM resource.