Retrieve Azure Virtual Machine Authentication Token | Exam AZ-303

How to Retrieve Authentication Token for Azure Virtual Machine

Question

You have an Azure virtual machine named VM1 and an Azure Active Directory (Azure AD) tenant named adatum.com.

VM1 has the following settings:

- IP address: 10.10.0.10

- System-assigned managed identity: On

You need to create a script that will run from within VM1 to retrieve the authentication token of VM1.

Which address should you use in the script?

Answers

Explanations


A. B. C. D.

B

Your code that's running on the VM can request a token from the Azure Instance Metadata Service identity endpoint, accessible only from within the VM: http://169.254.169.254/metadata/identity/oauth2/token

https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview

The correct answer is B. 169.254.169.254.

When an Azure virtual machine has a managed identity enabled, it can request an access token from Azure Active Directory (Azure AD) without needing to store any credentials. This is useful for securing applications running on the virtual machine that need to interact with other Azure resources.

To retrieve the authentication token of VM1, the script makes an HTTP request to the local endpoint of the Azure Instance Metadata Service. This endpoint is available at a well-known IP address: 169.254.169.254. The identity endpoint at that address responds with a JSON payload that contains the access token for the virtual machine's system-assigned managed identity.

Therefore, the correct address to use in the script is 169.254.169.254.
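A script of the kind the question describes, as an added example that is not part of the original page: it builds the request to the identity endpoint, bypasses any configured proxy, and validates the JSON response before using it. The `api-version` value, the `resource` URI, and the sample response body are assumptions (the body is constructed); the function names are hypothetical.

```python
import json
import time
import urllib.parse
import urllib.request

IMDS_TOKEN_URL = "http://169.254.169.254/metadata/identity/oauth2/token"
API_VERSION = "2018-02-01"  # assumption: version shown in Microsoft's documentation


def build_token_request(resource):
    """Build the GET request for a token scoped to `resource`."""
    query = urllib.parse.urlencode({"api-version": API_VERSION, "resource": resource})
    # IMDS rejects requests that lack the "Metadata: true" header.
    return urllib.request.Request(f"{IMDS_TOKEN_URL}?{query}", headers={"Metadata": "true"})


def parse_token_response(body, now=None):
    """Validate the JSON body and return (access_token, seconds_until_expiry)."""
    doc = json.loads(body)
    if doc.get("token_type") != "Bearer" or not doc.get("access_token"):
        raise ValueError("response does not contain a bearer token")
    now = time.time() if now is None else now
    remaining = int(doc["expires_on"]) - int(now)  # expires_on is epoch seconds
    if remaining <= 0:
        raise ValueError("token already expired")
    return doc["access_token"], remaining


def fetch_token(resource, timeout=5):
    """Run on the VM: call IMDS directly, never through a configured proxy."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with opener.open(build_token_request(resource), timeout=timeout) as resp:
        return parse_token_response(resp.read())


# Constructed sample response; the token value is a placeholder, not a real JWT.
SAMPLE_BODY = json.dumps({
    "access_token": "PLACEHOLDER.TOKEN.VALUE",
    "expires_in": "3599",
    "expires_on": "1700003599",
    "resource": "https://management.azure.com/",
    "token_type": "Bearer",
})

if __name__ == "__main__":
    token, ttl = fetch_token("https://management.azure.com/")
    # The token is a bearer credential: report its size and lifetime, not its value.
    print(f"token received ({len(token)} chars), expires in {ttl}s")
```

Run outside an Azure VM, `fetch_token` fails with a connection error or timeout because 169.254.169.254 is reachable only from within the VM.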