Learn how to grant access to a single virtual machine in Azure and why assigning a role at the resource scope is the best option.
Table of Contents
Question
Suppose an administrator in another department needs access to a virtual machine managed by your department. What’s the best way to grant them access to just that resource?
A. At the resource scope, create a role for them with the appropriate access.
B. At the resource group scope, assign the role with the appropriate access.
C. At the resource scope, assign the role with the appropriate access.
Answer
C. At the resource scope, assign the role with the appropriate access.
Explanation
For this scenario, at the virtual machine scope, assign one of the built-in roles that grants the appropriate access for the administrator.
To grant access to a specific resource, such as a virtual machine, the administrator needs to assign a role at the resource scope. The resource scope is the most specific level of scope in Azure.
A is incorrect because for this scenario, at the resource scope, assign one of the built-in roles like contributor or reader instead of creating a new role.
B is incorrect becasue if you assign a role at the resource group scope, they’ll have access to all resources in that resource group.
Microsoft Azure Administrator AZ-104 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure Administrator AZ-104 exam and earn Microsoft Azure Administrator AZ-104 certification.