Table of Contents
Do Azure VMs Stop Running When Transferring Subscription to New Azure AD Tenant?
Learn why Azure VMs continue running during subscription transfers to new Azure AD tenants for your AZ-500 exam. Understand the impact on managed identities, RBAC assignments, and authentication while VMs remain operational throughout the transfer process.
Question
Transferring a subscription to a new Azure AD tenant will cause Azure VMs to stop running.
A. FALSE
B. TRUE
Answer
A. FALSE
Explanation
The correct answer is A. FALSE. Azure Virtual Machines continue running without interruption when a subscription is transferred to a new Azure AD tenant. The compute resources themselves are not affected by the tenant change.
VMs will not stop running, but you will have to re-enable any managed identities associated with the VMs.
Why VMs Continue Running
Azure VMs operate at the infrastructure layer and are not directly dependent on the Azure AD tenant for their core functionality. The underlying compute, storage, and networking resources remain intact during a subscription transfer. The VMs maintain their:
- Running state and workloads
- Network connectivity within the virtual network
- Storage attachments and data
- Basic operational functionality
Impact on Managed Identities
The primary impact of tenant transfer occurs with managed identities assigned to the VMs. Managed identities are Azure AD objects that provide VMs with an identity to authenticate against Azure services without storing credentials in code. When a subscription moves to a new tenant:
- System-assigned managed identities are automatically deleted and must be recreated after the transfer
- User-assigned managed identities that were in the source tenant become inaccessible
- Applications or services relying on managed identities for authentication will experience failures until identities are reconfigured
Additional Considerations
Beyond managed identities, subscription transfers affect other identity-related configurations:
- RBAC assignments referencing users or groups from the old tenant are removed
- Azure AD authentication for applications may require reconfiguration
- Key Vault access policies linked to the old tenant need updates
- Service principal authentication may require adjustments
Post-Transfer Recovery Steps
After completing the subscription transfer, administrators must:
- Re-enable system-assigned managed identities on affected VMs
- Recreate or reassign user-assigned managed identities
- Reconfigure RBAC assignments for the new tenant
- Update application authentication settings
- Verify and restore access to dependent Azure services
The key point for AZ-500 exam purposes is that while VMs maintain operational continuity, the identity and access management layer requires immediate attention to restore full functionality.
Microsoft Certified Azure Security Engineer Associate AZ-500 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft Certified Azure Security Engineer Associate AZ-500 exam and earn Microsoft Certified Azure Security Engineer Associate AZ-500 certification.