Answer-first summary for fast verification
Answer: Synapse Contributor
## Role Analysis for Creating Lake Databases in Azure Synapse Analytics ### Requirements Analysis: - **Task**: User1 needs to create a new lake database using an Azure Synapse database template from Gallery - **Constraint**: Must follow the principle of least privilege - **Environment**: Azure Synapse Analytics workspace ### Role Evaluation: **A: Synapse Contributor** ✅ **OPTIMAL CHOICE** - **Permissions**: Grants full access to manage Synapse resources including databases, SQL pools, Apache Spark pools, and integration runtimes - **Database Creation**: Specifically includes permissions to create and manage lake databases - **Template Access**: Allows access to database templates from the Gallery - **Least Privilege Alignment**: Provides exactly the permissions needed for the task without unnecessary administrative capabilities **B: Synapse Administrator** ❌ **EXCESSIVE PERMISSIONS** - Includes all Synapse Contributor permissions PLUS additional administrative capabilities - Can manage role assignments and workspace settings - Violates the principle of least privilege by granting more permissions than required **C: Synapse User** ❌ **INSUFFICIENT PERMISSIONS** - Primarily allows running queries and viewing published code artifacts - Does not include permissions to create or manage databases - Cannot access database templates for creation purposes **D: Storage Blob Data Contributor** ❌ **IRRELEVANT PERMISSIONS** - Focuses on Azure Storage blob operations (read, write, delete) - No permissions related to Synapse database creation or management - Does not provide access to Synapse database templates ### Key Considerations: - **Lake Database Creation**: Requires specific Synapse workspace permissions that include database management capabilities - **Template Gallery Access**: Needs permissions to browse and utilize database templates - **Principle of Least Privilege**: Synapse Contributor provides the minimum required permissions without granting unnecessary administrative control ### Conclusion: Synapse Contributor is the optimal role as it provides the necessary permissions for lake database creation using templates while strictly adhering to the principle of least privilege.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You have an Azure subscription containing an Azure Synapse Analytics workspace and a user named User1.
You must ensure User1 can create a new lake database using an Azure Synapse database template from the Gallery. The solution must adhere to the principle of least privilege.
Which role should you assign to User1?
A
Synapse Contributor
B
Synapse Administrator
C
Synapse User
D
Storage Blob Data Contributor
No comments yet.