PdfPrep.com

What should you include in the recommendation?

You have an Azure Active Directory (Azure AD) tenant.

You plan to deploy Azure Cosmos DB databases that will use the SQL API.

You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.

What should you include in the recommendation?
A . a resource token and an Access control (IAM) role assignment
B . shared access signatures (SAS) and conditional access policies
C . master keys and Azure Information Protection policies
D . certificates and Azure Key Vault

Answer: A

Explanation:

The Access control (IAM) pane in the Azure portal is used to configure role-based access control on Azure Cosmos resources. The roles are applied to users, groups, service principals, and managed identities in Active Directory. You can use built-in roles or custom roles for individuals and groups.

The following screenshot shows Active Directory integration (RBAC) using access control (IAM) in the Azure portal:

Reference: https://docs.microsoft.com/en-us/azure/cosmos-db/role-based-access-control

Exit mobile version