Practice free →
HomeAzure AZ-204cloudcomputingaz204security › Which configuration gives an Azure VM, App Servi…

Which configuration gives an Azure VM, App Service, or Function App an identity to call Key Vault and other Azure APIs without storing credentials in code?

AA Managed Identity (system-assigned or user-assigned) attached to the resource
BHardcoding an access key in the code
CSharing the developer's Entra credentials with the service
DDisabling authentication on Key Vault
Answer & Solution
Correct answer: A. A Managed Identity (system-assigned or user-assigned) attached to the resource
Managed Identities are Entra identities Azure manages for the resource — calls to Key Vault use them with no static credentials. The others leak credentials or remove auth.
Solve this in the app — Azure AZ-204 practice & 24k+ MCQs →
Related questions