Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals.
Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint.
Does the solution meet the goal?
Click on the arrows to vote for the correct answer
A. B.A.
Get an access token using the VM's system-assigned managed identity and use it to call Azure Resource Manager You will need to use PowerShell in this portion.
1
In the portal, navigate to Virtual Machines and go to your Windows virtual machine and in the Overview, click Connect.
2
Enter in your Username and Password for which you added when you created the Windows VM.
3
Now that you have created a Remote Desktop Connection with the virtual machine, open PowerShell in the remote session.
4
Using the Invoke-WebRequest cmdlet, make a request to the local managed identity for Azure resources endpoint to get an access token for Azure Resource Manager.
Example: $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https:// management.azure.com/' -Method GET -Headers @{Metadata="true"} Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm.
Yes, the solution meets the goal of obtaining an Azure Resource Manager access token for granting a virtual machine access to specific resource groups in Azure Resource Manager.
The solution involves using the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint. This endpoint provides access tokens that can be used to authenticate with Azure Resource Manager.
When a virtual machine is created in Azure with a managed identity enabled, it automatically obtains an access token that can be used to authenticate with Azure Resource Manager. This token can be used to grant the virtual machine access to specific resource groups in Azure Resource Manager.
To obtain the access token, the Invoke-RestMethod cmdlet can be used to send a request to the local managed identity for Azure resources endpoint. The endpoint responds with an access token that can be used to authenticate with Azure Resource Manager.
In summary, the solution of using the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources endpoint meets the goal of obtaining an Azure Resource Manager access token for granting a virtual machine access to specific resource groups in Azure Resource Manager.