I am slowly working my way through Az 305, and am completely stumped by these concepts. I shouldn't say completely stumped. I understand that when app is registered a service principal is created. I think I understand user and system assigned managed identities.
What I don't understand is their relationships to AAD and Resources, when to use a service principal vs a managed identity. I have run across this statement several times, and it confuses me, but seems key in understanding what the differences are..
the difference between a managed identity and a service principal is that a managed identity manages the creation and automatic renewal of a service principal on your behalf.
