Creating managed identities
Once you’ve created the storage account and file system within it, create the managed identities and then assign roles with specific scopes to these identities.
You can reuse the same resource group that you created for the storage account or you can optionally create a new resource group that can act as a logical grouping of managed identities.
You need to create four managed identities (Assumer Identity, Data Lake Admin Identity, Ranger Audit Logger Identity, and Logger Identity). Use the following steps to create these managed identities:
- On Azure Portal, navigate to Managed Identities.
- Click +Add.
- Specify managed identity name and select the resource group that you created earlier.
Repeat these steps to create each of the four managed identities. Once you’ve created these managed identities, assign roles with specific scopes (subscription or storage account) to these identities as follows.