What should you include in the recommendation?

Posted by: Pdfprep Category: AZ-304 Tags: , ,

You have an Azure Active Directory (Azure AD) tenant.

You plan to deploy Azure Cosmos DB databases that will use the SQL API.

You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.

What should you include in the recommendation?
A . a resource token and an Access control (IAM) role assignment
B . shared access signatures (SAS) and conditional access policies
C . master keys and Azure Information Protection policies
D . certificates and Azure Key Vault

Answer: A

Explanation:

The Access control (IAM) pane in the Azure portal is used to configure role-based access control on Azure Cosmos resources. The roles are applied to users, groups, service principals, and managed identities in Active Directory. You can use built-in roles or custom roles for individuals and groups.

The following screenshot shows Active Directory integration (RBAC) using access control (IAM) in the Azure portal:

Reference: https://docs.microsoft.com/en-us/azure/cosmos-db/role-based-access-control

Leave a Reply

Your email address will not be published.