Azure services and resource types supporting managed identities

Article
05/09/2025

Managed identities for Azure resources provide an automatically managed identity in Microsoft Entra ID, enabling secure, credential-free authentication to Azure services. This article lists Azure services and resource types that support managed identities.

This page provides links to services' content that can use managed identities to access other Azure resources as well as a list of Azure resource providers and resource types that support managed identities.

Additional resource provider namespace information is available in Resource providers for Azure services.

Important

New technical content is added daily. This list does not include every article that talks about managed identities. Please refer to each service's content set for details on their managed identities support.

Services supporting managed identities

The following Azure services support managed identities for Azure resources:

Service Name	Documentation
API Management	Use managed identities in Azure API Management
Application Gateway	TLS termination with Key Vault certificates
Azure App Configuration	How to use managed identities for Azure App Configuration
Azure App Services	How to use managed identities for App Service and Azure Functions
Azure Arc enabled Kubernetes	Quickstart: Connect an existing Kubernetes cluster to Azure Arc
Azure Arc enabled servers	Authenticate against Azure resources with Azure Arc-enabled servers
Azure Automanage	Repair an Automanage Account
Azure Automation	Azure Automation account authentication overview
Azure Batch	Configure customer-managed keys for your Azure Batch account with Azure Key Vault and Managed Identity Configure managed identities in Batch pools
Azure Blueprints	Stages of a blueprint deployment
Azure Cache for Redis	Managed identity for storage accounts with Azure Cache for Redis
Azure Chaos Studio	Permissions and security in Azure Chaos Studio
Azure Communications Gateway	Deploy Azure Communications Gateway
Azure Communication Services	How to use Managed Identity with Azure Communication Services
Azure Container Apps	Managed identities in Azure Container Apps
Azure Container Instance	How to use managed identities with Azure Container Instances
Azure Container Registry	Use an Azure-managed identity in ACR Tasks
Azure CycleCloud	Using Managed Identities
Azure AI services	Configure customer-managed keys with Azure Key Vault for Azure AI services
Azure Data Box	Use customer-managed keys in Azure Key Vault for Azure Data Box
Azure Data Explorer	Configure managed identities for your Azure Data Explorer cluster
Azure Data Factory	Managed identity for Data Factory
Azure Data Lake Storage Gen1	Customer-managed keys for Azure Storage encryption
Azure Data Share	Roles and requirements for Azure Data Share
Azure DevTest Labs	Enable user-assigned managed identities on lab virtual machines in Azure DevTest Labs
Azure Digital Twins	Enable a managed identity for routing Azure Digital Twins events
Azure Event Grid	Event delivery with a managed identity
Azure Event Hubs	Authenticate a managed identity with Microsoft Entra ID to access Event Hubs Resources
Azure File Sync	How to use managed identities with Azure File Sync
Azure Files	Access Azure file shares using Microsoft Entra ID with Azure Files OAuth over REST
Azure Health Data Services workspace services	Authentication and authorization for Azure Health Data Services
Azure Health Data Services de-identification service	Use managed identities with the de-identification service
Azure Image Builder	Azure Image Builder overview
Azure Import/Export	Use customer-managed keys in Azure Key Vault for Import/Export service
Azure IoT Hub	IoT Hub support for virtual networks with Private Link and Managed Identity
Azure Kubernetes Service (AKS)	Use managed identities in Azure Kubernetes Service
Azure Load Testing	Use managed identities for Azure Load Testing
Azure Logic Apps	Authenticate access to Azure resources using managed identities in Azure Logic Apps
Azure Log Analytics cluster	Azure Monitor customer-managed key
Azure Machine Learning Services	Use Managed identities with Azure Machine Learning
Azure Managed Disk	Use the Azure portal to enable server-side encryption with customer-managed keys for managed disks
Azure Media services	Managed identities
Azure Monitor	Azure Monitor customer-managed key
Azure Policy	Remediate non-compliant resources with Azure Policy
Microsoft Purview	Credentials for source authentication in Microsoft Purview
Azure Quantum	Authenticate using a managed identity
Azure Resource Mover	Move resources across regions (from resource group)
Azure Site Recovery	Replicate machines with private endpoints
Azure Search	Set up an indexer connection to a data source using a managed identity
Azure Service Bus	Authenticate a managed identity with Microsoft Entra ID to access Azure Service Bus resources
Azure Service Fabric	Using Managed identities for Azure with Service Fabric
Azure SignalR Service	Managed identities for Azure SignalR Service
Azure Spring Apps	Enable system-assigned managed identity for an application in Azure Spring Apps
Azure SQL	Managed identities in Microsoft Entra for Azure SQL
Azure SQL Managed Instance	Managed identities in Microsoft Entra for Azure SQL
Azure Stack Edge	Manage Azure Stack Edge secrets using Azure Key Vault
Azure Static Web Apps	Securing authentication secrets in Azure Key Vault
Azure Stream Analytics	Authenticate Stream Analytics to Azure Data Lake Storage Gen1 using managed identities
Azure Synapse	Azure Synapse workspace managed identity
Azure VM image builder	Configure Azure Image Builder Service permissions using Azure CLI
Azure Virtual Machine Scale Sets	Configure managed identities on virtual machine scale set - Azure CLI
Azure Virtual Machines	Secure and use policies on virtual machines in Azure
Azure Web PubSub Service	Managed identities for Azure Web PubSub Service

Resource providers and resource types supporting managed identities

The following resource providers and resource types support managed identities:

Namespace	ResourceType	Identity types(s)
Microsoft.AVS	privateClouds	System-assigned User-assigned
Microsoft.ApiManagement	service	System-assigned User-assigned
Microsoft.App	builders	System-assigned User-assigned
Microsoft.App	containerApps	System-assigned User-assigned
Microsoft.App	jobs	System-assigned User-assigned
Microsoft.App	managedEnvironments	System-assigned User-assigned
Microsoft.App	sessionPools	System-assigned User-assigned
Microsoft.AppConfiguration	configurationStores	System-assigned User-assigned
Microsoft.AppPlatform	Spring	System-assigned
Microsoft.AppPlatform	Spring/apps	System-assigned User-assigned
Microsoft.Automation	automationAccounts	System-assigned User-assigned
Microsoft.AzureStackHCI	clusters	System-assigned
Microsoft.AzureStackHCI	devicePools	System-assigned
Microsoft.AzureStackHCI	edgeMachines	System-assigned
Microsoft.AzureStackHCI	virtualMachines	System-assigned
Microsoft.Batch	batchAccounts	System-assigned User-assigned
Microsoft.Batch	batchAccounts/pools	User-assigned
Microsoft.Blueprint	blueprintAssignments	System-assigned User-assigned
Microsoft.Cache	Redis	System-assigned User-assigned
Microsoft.Cache	redisEnterprise	System-assigned User-assigned
Microsoft.Cdn	profiles	System-assigned User-assigned
Microsoft.ChangeAnalysis	profile	System-assigned
Microsoft.CognitiveServices	accounts	System-assigned User-assigned
Microsoft.CognitiveServices	accounts/encryptionScopes
Microsoft.Communication	CommunicationServices	System-assigned User-assigned
Microsoft.Compute	diskEncryptionSets	System-assigned User-assigned
Microsoft.Compute	galleries	System-assigned User-assigned
Microsoft.Compute	virtualMachineScaleSets	System-assigned User-assigned
Microsoft.Compute	virtualMachines	System-assigned User-assigned
Microsoft.ContainerInstance	containerGroups	System-assigned User-assigned
Microsoft.ContainerInstance	containerScaleSets	System-assigned User-assigned
Microsoft.ContainerInstance	nGroups	System-assigned User-assigned
Microsoft.ContainerRegistry	registries	System-assigned User-assigned
Microsoft.ContainerRegistry	registries/credentialSets	System-assigned
Microsoft.ContainerRegistry	registries/exportPipelines	System-assigned User-assigned
Microsoft.ContainerRegistry	registries/importPipelines	System-assigned User-assigned
Microsoft.ContainerRegistry	registries/taskRuns	User-assigned
Microsoft.ContainerRegistry	registries/tasks	System-assigned User-assigned
Microsoft.ContainerService	fleets	System-assigned User-assigned
Microsoft.ContainerService	managedClusters	System-assigned User-assigned
Microsoft.ContainerService	managedclustersnapshots	System-assigned User-assigned
Microsoft.ContainerService	snapshots	System-assigned User-assigned
Microsoft.CustomProviders	resourceProviders	System-assigned
Microsoft.DBforMariaDB	servers	System-assigned
Microsoft.DBforMySQL	flexibleServers	User-assigned
Microsoft.DBforMySQL	servers	System-assigned
Microsoft.DBforPostgreSQL	flexibleServers	System-assigned User-assigned
Microsoft.DBforPostgreSQL	serverGroupsv2	User-assigned
Microsoft.DBforPostgreSQL	servers	System-assigned
Microsoft.DataBox	jobs	System-assigned User-assigned
Microsoft.DataBoxEdge	DataBoxEdgeDevices	System-assigned
Microsoft.DataFactory	factories	System-assigned User-assigned
Microsoft.DataLakeStore	accounts	System-assigned
Microsoft.DataMigration	SqlMigrationServices	System-assigned
Microsoft.DataMigration	migrationServices	System-assigned
Microsoft.DataProtection	BackupVaults	System-assigned User-assigned
Microsoft.DataShare	accounts	System-assigned
Microsoft.Databricks	accessConnectors	System-assigned User-assigned
Microsoft.DesktopVirtualization	hostpools	System-assigned User-assigned
Microsoft.DevCenter	devcenters	System-assigned User-assigned
Microsoft.DevCenter	devcenters/encryptionsets	System-assigned User-assigned
Microsoft.DevCenter	projects	System-assigned User-assigned
Microsoft.DevCenter	projects/environmentTypes	System-assigned User-assigned
Microsoft.DevOpsInfrastructure	pools	User-assigned
Microsoft.DevTestLab	labs	System-assigned User-assigned
Microsoft.DevTestLab	labs/serviceRunners	System-assigned User-assigned
Microsoft.DeviceUpdate	accounts	System-assigned User-assigned
Microsoft.DeviceUpdate	updateAccounts	System-assigned User-assigned
Microsoft.Devices	IotHubs	System-assigned User-assigned
Microsoft.Devices	ProvisioningServices	System-assigned User-assigned
Microsoft.DigitalTwins	digitalTwinsInstances	System-assigned User-assigned
Microsoft.DocumentDB	cassandraClusters	System-assigned
Microsoft.DocumentDB	databaseAccounts	System-assigned User-assigned
Microsoft.DocumentDB	databaseAccounts/encryptionScopes	User-assigned
Microsoft.DocumentDB	garnetClusters	System-assigned
Microsoft.DocumentDB	managedResources	System-assigned
Microsoft.DocumentDB	throughputPools	System-assigned
Microsoft.DocumentDB	throughputPools/throughputPoolAccounts	System-assigned
Microsoft.ElasticSan	elasticSans/volumeGroups	System-assigned User-assigned
Microsoft.EventGrid	domains	System-assigned User-assigned
Microsoft.EventGrid	namespaces	System-assigned User-assigned
Microsoft.EventGrid	partnerTopics	System-assigned User-assigned
Microsoft.EventGrid	systemTopics	System-assigned User-assigned
Microsoft.EventGrid	topics	System-assigned User-assigned
Microsoft.EventHub	namespaces	System-assigned User-assigned
Microsoft.HDInsight	clusters	System-assigned User-assigned
Microsoft.HybridCompute	machines	System-assigned
Microsoft.HybridNetwork	networkfunctions	System-assigned User-assigned
Microsoft.HybridNetwork	publishers	System-assigned
Microsoft.HybridNetwork	serviceManagementContainers	System-assigned User-assigned
Microsoft.HybridNetwork	siteNetworkServices	System-assigned User-assigned
Microsoft.IoTCentral	IoTApps	System-assigned
Microsoft.KeyVault	managedHSMs	User-assigned
Microsoft.Kubernetes	connectedClusters	System-assigned
Microsoft.KubernetesConfiguration	extensions	System-assigned
Microsoft.Kusto	clusters	System-assigned User-assigned
Microsoft.LoadTestService	loadtests	System-assigned User-assigned
Microsoft.Logic	integrationAccounts	System-assigned User-assigned
Microsoft.Logic	integrationServiceEnvironments	System-assigned User-assigned
Microsoft.Logic	workflows	System-assigned User-assigned
Microsoft.MachineLearningServices	registries	System-assigned User-assigned
Microsoft.MachineLearningServices	workspaces	System-assigned User-assigned
Microsoft.MachineLearningServices	workspaces/batchEndpoints	System-assigned
Microsoft.MachineLearningServices	workspaces/computes	System-assigned User-assigned
Microsoft.MachineLearningServices	workspaces/inferencePools/groups	System-assigned User-assigned
Microsoft.MachineLearningServices	workspaces/linkedServices	System-assigned
Microsoft.MachineLearningServices	workspaces/onlineEndpoints	System-assigned User-assigned
Microsoft.Maps	accounts	System-assigned User-assigned
Microsoft.Media	mediaservices	System-assigned User-assigned
Microsoft.Migrate	migrateprojects	System-assigned
Microsoft.Migrate	modernizeProjects	System-assigned
Microsoft.Migrate	moveCollections	System-assigned
Microsoft.MobileNetwork	mobileNetworks	User-assigned
Microsoft.MobileNetwork	packetCoreControlPlanes	User-assigned
Microsoft.MobileNetwork	simGroups	System-assigned User-assigned
Microsoft.NetApp	netAppAccounts	System-assigned User-assigned
Microsoft.Network	networkWatchers/flowLogs	User-assigned
Microsoft.OperationalInsights	clusters	System-assigned User-assigned
Microsoft.OperationalInsights	workspaces	System-assigned User-assigned
Microsoft.PowerPlatform	enterprisePolicies	System-assigned User-assigned
Microsoft.Purview	accounts	System-assigned User-assigned
Microsoft.Quantum	Workspaces	System-assigned
Microsoft.RecoveryServices	vaults	System-assigned User-assigned
Microsoft.RedHatOpenShift	OpenShiftClusters	System-assigned
Microsoft.Search	searchServices	System-assigned User-assigned
Microsoft.Security	dataScanners	System-assigned
Microsoft.Security	pricings/securityOperators	System-assigned
Microsoft.ServiceBus	namespaces	System-assigned User-assigned
Microsoft.ServiceFabric	clusters	System-assigned User-assigned
Microsoft.ServiceFabric	clusters/applications	System-assigned User-assigned
Microsoft.ServiceFabric	managedclusters	System-assigned User-assigned
Microsoft.ServiceFabric	managedclusters/applications	System-assigned User-assigned
Microsoft.SignalRService	SignalR	System-assigned User-assigned
Microsoft.SignalRService	WebPubSub	System-assigned User-assigned
Microsoft.Solutions	applications	System-assigned User-assigned
Microsoft.Sql	managedInstances	System-assigned User-assigned
Microsoft.Sql	servers	System-assigned User-assigned
Microsoft.Sql	servers/databases	User-assigned
Microsoft.Sql	servers/jobAgents	User-assigned
Microsoft.Storage	storageAccounts	System-assigned User-assigned
Microsoft.Storage	storageTasks	System-assigned
Microsoft.StorageCache	amlFilesystems	User-assigned
Microsoft.StorageCache	caches	System-assigned User-assigned
Microsoft.StorageSync	storageSyncServices	System-assigned User-assigned
Microsoft.StreamAnalytics	streamingjobs	System-assigned User-assigned
Microsoft.Synapse	workspaces	System-assigned User-assigned
Microsoft.VirtualMachineImages	imageTemplates	User-assigned
Microsoft.Web	hostingEnvironments	System-assigned User-assigned
Microsoft.Web	sites	System-assigned User-assigned
Microsoft.Web	sites/slots	System-assigned User-assigned
Microsoft.Web	staticSites	System-assigned User-assigned

Next steps

Managed identities overview

Share via

Azure services and resource types supporting managed identities

Services supporting managed identities

Resource providers and resource types supporting managed identities

Next steps

Feedback

Additional resources