Azure Automation support for Managed Identities is now generally available
Published date: 03 November, 2021
Azure Automation now supports Managed Identities in Azure public, Azure Gov, and Azure China cloud. System Assigned Managed Identities is supported for cloud as well as hybrid jobs, while User Assigned Managed Identities is supported only for cloud jobs. Azure Automation Hybrid jobs could be running on a Hybrid runbook worker running on an Azure or non-Azure VM.
A managed identity from Azure Active Directory (Azure AD) allows the runbook to easily access other Azure AD-protected resources. The identity is managed by the Azure platform and users could eliminate the management overhead associated with managing Run As Account in the runbook code.
Managed identities would be the recommended method for runbook authentication going forward. Read the the guidance to migrate existing Run As accounts to Managed identities.
As part of Managed identities general availability, we have introduced the following updates:
- Managed identities would be the default method of runbook authentication in the Automation account creation flow. You would no longer see the option to provide Run As account, however, we still support Run As account for existing & new Automation accounts. The behavior in the create automation account flow has been changed to encourage customers to use Managed identities going forward. Learn more.
You can choose to select System assigned or User assigned or both identities. If you choose User assigned, then provide the user assigned identity by clicking on the Add user assigned identities option.
- Source control integration in Azure Automation can now use Managed identities instead of RunAs account. Currently, we only support System Assigned Manged Identities with Source control integration. If you have both Run As Account and Manage Identity enabled, Managed Identity will be given preference.
Learn more about Automation Managed Identities support.
Visit Ideas platform to vote for existing requests or create a new request.
Go to Microsoft Q&A to ask technical questions or roadmap related queries.