< Device identity can be stored in Azure AD. → Yes
A single system-assigned managed identity can be used by multiple Azure resources. → No
If you delete an Azure resource that has a user-assigned managed identity, the managed identity is deleted automatically. → No
From Microsoft Entra ID (Azure AD) device documentation: Azure AD holds device objects for registration and join states. The docs state that device identities are maintained in Azure AD: “Azure AD device objects represent registered and joined devices so they can be managed and secured.” and “Devices can be Azure AD registered, Azure AD joined, or hybrid Azure AD joined.” These statements confirm that device identity is stored in Azure AD, so the first item is Yes.
Regarding managed identities: Microsoft’s description of system-assigned managed identity explains, “The identity is created in Entra ID and is tied to the lifecycle of that Azure resource.” and “Only that resource can use this identity.” Because a system-assigned identity is unique to a single resource and cannot be shared, the second statement is No.
For user-assigned managed identity, the documentation says, “A user-assigned managed identity is a standalone Azure resource.” and “It can be assigned to one or more Azure service instances and is managed independently.” Additionally, “When you delete the Azure resource, the user-assigned identity is not deleted.” Therefore, deleting a resource does not automatically delete the user-assigned identity, making the third statement No.
