User Assigned Managed Identities (UAMI) simplify secretless authentication in Azure and offer flexibility because one identity can be reused across many compute resources. That flexibility, however, brings architectural considerations, particularly in shared infrastructure environments. A UAMI exists independently of any compute resource's lifecycle, and reusing one across environments widens the operational trust boundary.

When a single UAMI is used across development, testing, and production, it creates a shared authentication surface. This increases the risk of privilege propagation: a compromised lower-tier environment could potentially reach production resources through the identity it shares with them. The blast radius (the potential impact of a compromise) grows with every environment the UAMI is attached to.

To mitigate these risks, an environment-isolated identity model is recommended, with a separate UAMI per environment. Resource-level RBAC assignments and clear identity ownership are also crucial. Least privilege should be applied consistently, using specific roles rather than broad ones. Together these measures keep an identity compromise environment-scoped and prevent unintended cross-environment access. Ultimately, aligning identity design with trust boundaries and minimizing the blast radius is essential for secure deployments.
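The following audit script is an added example, not code from the article or from Microsoft: it runs over a constructed inventory (hypothetical VM and identity names, a placeholder subscription id) and flags the two problems described above, a UAMI attached to compute in more than one environment and role assignments that use a broad role or a scope wider than a single resource. It also computes, per environment, which other environments a compromise there can reach through shared identities.

```python
"""Audit constructed Azure inventory for shared UAMIs and over-broad role assignments."""
from collections import defaultdict

# Constructed sample data with hypothetical names and a placeholder subscription id,
# shaped loosely like `az vm identity show` / `az role assignment list` output.
SUB = "/subscriptions/<sub-id>"
IDENTITY_BINDINGS = [  # compute resource, its environment tag, and the attached UAMI
    {"resource": "vm-web-dev",  "env": "dev",  "uami": "id-shared"},
    {"resource": "vm-web-test", "env": "test", "uami": "id-shared"},
    {"resource": "vm-web-prod", "env": "prod", "uami": "id-shared"},
    {"resource": "vm-api-dev",  "env": "dev",  "uami": "id-api-dev"},
    {"resource": "vm-api-prod", "env": "prod", "uami": "id-api-prod"},
]
ROLE_ASSIGNMENTS = [  # UAMI, role, and the scope the role is granted at
    {"uami": "id-shared", "role": "Contributor", "scope": SUB},
    {"uami": "id-api-dev", "role": "Storage Blob Data Reader",
     "scope": SUB + "/resourceGroups/rg-dev/providers/Microsoft.Storage/storageAccounts/stdev"},
    {"uami": "id-api-prod", "role": "Storage Blob Data Reader",
     "scope": SUB + "/resourceGroups/rg-prod/providers/Microsoft.Storage/storageAccounts/stprod"},
]
BROAD_ROLES = {"Owner", "Contributor", "User Access Administrator"}

def envs_per_identity(bindings):
    """Map each UAMI to the set of environments whose compute it is attached to."""
    envs = defaultdict(set)
    for b in bindings:
        envs[b["uami"]].add(b["env"])
    return envs

def shared_identities(bindings):
    """UAMIs attached in more than one environment, i.e. a shared authentication surface."""
    return {u: sorted(e) for u, e in envs_per_identity(bindings).items() if len(e) > 1}

def cross_env_reach(bindings):
    """For each environment, the environments a compromise there can reach via its UAMIs."""
    envs = envs_per_identity(bindings)
    reach = defaultdict(set)
    for b in bindings:
        reach[b["env"]] |= envs[b["uami"]]
    return dict(reach)

def is_resource_scope(scope):
    """True only for a single-resource scope; subscription, RG and management-group scopes are broad."""
    return "/providers/" in scope and not scope.startswith("/providers/Microsoft.Management")

def broad_assignments(assignments):
    """Assignments violating least privilege: a broad built-in role or a scope wider than one resource."""
    return [a for a in assignments
            if a["role"] in BROAD_ROLES or not is_resource_scope(a["scope"])]
```

On the sample data, `id-shared` is reported as attached in dev, test and prod, and a dev compromise reaches all three environments; once the shared bindings are removed, each environment reaches only itself.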
techcommunity.microsoft.com
