Disable your Azure Automation account managed identity (preview)

There are two ways to disable a system-assigned identity in Azure Automation. You can complete this task from the Azure portal, or by using an Azure Resource Manager (ARM) template.

Disable managed identity in the Azure portal

You can disable the managed identity from the Azure portal no matter how the managed identity was originally set up.

  1. Sign in to the Azure portal.

  2. Navigate to your Automation account and select Identity under Account Settings.

  3. Set the System assigned option to Off and press Save. When you're prompted to confirm, press Yes.

The managed identity is removed and no longer has access to the target resource.

Disable using Azure Resource Manager template

If you created the managed identity for your Automation account using an Azure Resource Manager template, you can disable the managed identity by reusing that template and modifying its settings. Set the type of the identity object's child property to None as shown in the following example, and then re-run the template.

"identity": { 
   "type": "None" 
} 

Removing a system-assigned identity using this method also deletes it from Azure AD. System-assigned identities are also automatically removed from Azure AD when the app resource that they are assigned to is deleted.

Next steps