Microsoft Azure Administrator Associate AZ-104
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Configure Azure AD authentication for an Azure Storage account 'storage1' to allow 'Group1' members to upload files via the Azure portal, adhering to the principle of least privilege. Identify the two necessary roles.
Exam-Like
A
Storage Account Contributor
B
Storage Blob Data Contributor
C
Reader
D
Contributor
E
Storage Blob Data Reader
Explanation:
To allow 'Group1' members to upload files using the Azure portal while adhering to the principle of least privilege, you need to assign them the 'Storage Blob Data Contributor' role, which allows read, write, and delete permissions for blob storage. Additionally, you need to assign the 'Reader' role, which grants read access to Azure resource management data. This combination ensures that members can navigate the Azure portal to reach the storage account and upload files, without unnecessary broader permissions.
Comments
Loading comments...