Which role-based access control should you use?

AZ-204 0 Comments

You are developing a Java application that uses Cassandra to store key and value data. You plan to use a new Azure Cosmos DB resource and the Cassandra API in the application. You create an Azure Active Directory (Azure AD) group named Cosmos DB Creators to enable provisioning of Azure Cosmos accounts, databases, and containers.

The Azure AD group must not be able to access the keys that are required to access the data.

You need to restrict access to the Azure AD group.

Which role-based access control should you use?
A . DocumentDB Accounts Contributor
B . Cosmos Backup Operator
C . Cosmos DB Operator
D . Cosmos DB Account Reader

Answer: C

Explanation:

Azure Cosmos DB now provides a new RBAC role, Cosmos DB Operator. This new role lets you provision Azure Cosmos accounts, databases, and containers, but can’t access the keys that are required to access the data. This role is intended for use in scenarios where the ability to grant access to Azure Active Directory service principals to manage deployment operations for Cosmos DB is needed, including the account, database, and containers.

Reference: https://azure.microsoft.com/en-us/updates/azure-cosmos-db-operator-role-for-role-based-access-control-rbac-is-now-available/

Latest AZ-204 Dumps Valid Version with 254 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download AZ-204 PDF     AZ-204 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments