diff --git a/builder/azure/arm/template_factory.go b/builder/azure/arm/template_factory.go
index 5680f1003..650cb6923 100644
--- a/builder/azure/arm/template_factory.go
+++ b/builder/azure/arm/template_factory.go
@@ -61,6 +61,10 @@ func GetVirtualMachineDeployment(config *Config) (*resources.Deployment, error)
 		builder.BuildWindows(config.tmpKeyVaultName, config.tmpWinRMCertificateUrl)
 	}
 
+	if len(config.UserAssignedManagedIdentities) != 0 {
+		builder.SetIdentity(config.UserAssignedManagedIdentities)
+	}
+
 	if config.ImageUrl != "" {
 		builder.SetImageUrl(config.ImageUrl, osType, config.diskCachingType)
 	} else if config.CustomManagedImageName != "" {
diff --git a/builder/azure/common/template/template_builder.go b/builder/azure/common/template/template_builder.go
index fdd298e57..a301f569a 100644
--- a/builder/azure/common/template/template_builder.go
+++ b/builder/azure/common/template/template_builder.go
@@ -103,6 +103,28 @@ func (s *TemplateBuilder) BuildWindows(keyVaultName, winRMCertificateUrl string)
 	return nil
 }
 
+func (s *TemplateBuilder) SetIdentity(userAssignedManagedIdentities []string) error {
+	resource, err := s.getResourceByType(resourceVirtualMachine)
+	if err != nil {
+		return err
+	}
+
+	var id *Identity
+
+	if len(userAssignedManagedIdentities) != 0 {
+		id = &Identity{
+			Type:                   to.StringPtr("UserAssigned"),
+			UserAssignedIdentities: make(map[string]*UserAssignedIdentitiesValue),
+		}
+		for _, uid := range userAssignedManagedIdentities {
+			id.UserAssignedIdentities[uid] = &UserAssignedIdentitiesValue{}
+		}
+	}
+
+	resource.Identity = id
+	return nil
+}
+
 func (s *TemplateBuilder) SetManagedDiskUrl(managedImageId string, storageAccountType compute.StorageAccountTypes, cachingType compute.CachingTypes) error {
 	resource, err := s.getResourceByType(resourceVirtualMachine)
 	if err != nil {