Enable Support for User-Assigned Managed Identity in Microsoft Fabric Workspaces

Currently workspaces support generating a new managed identity. however, this is cumbersome and creates a lot of unneeded identities. especially if you are using source control integration and feature branching tied to workspaces.

Business Justification:

Supporting user-assigned managed identities (UAMI) in Microsoft Fabric workspaces would greatly enhance security, flexibility, and resource management, particularly in enterprise environments. Here’s how:

1. Improved Security and Compliance: User-assigned managed identities are independent of specific resources, unlike system-assigned identities. This decoupling allows for consistent identity management practices across environments, even when resources (e.g., Fabric workspaces) are deleted or recreated. This persistence ensures that access to resources follows the principle of least privilege, reducing security risks and aligning with enterprise compliance requirements.
2. Streamlined Access Management: User-assigned managed identities simplify permissions management across multiple resources and services. By associating a UAMI with multiple workspaces or Azure resources, organizations avoid redundant access management tasks. This approach enables centralized control, which is more efficient and less prone to error, saving time for administrators and improving governance.
3. Cost Efficiency and Resource Optimization: UAMIs can be reused across various services and resources within Azure. Reusability reduces the need to create separate identities for each workspace, which minimizes administrative overhead and allows for better cost control. This is particularly beneficial for organizations with large-scale deployments or dynamic environments requiring frequent provisioning and deprovisioning of workspaces.
4. Enhanced Flexibility for Complex Architectures: In scenarios involving multiple interconnected services, using UAMI simplifies identity management in complex architectures, such as multi-tier applications or solutions with dynamic resource scaling. This flexibility is essential in environments that rely on managed identities for secure access to storage accounts, databases, and other Azure services frequently integrated with Fabric workspaces.
5. Support for Automation and DevOps Practices: UAMIs align well with automation and Infrastructure as Code (IaC) practices by allowing predefined identities to be assigned to resources consistently across development, testing, and production environments. This support would facilitate automated deployment pipelines, reducing human intervention, and ensuring consistent configurations across environments.