Learn how to enable secure access to specific blobs in Azure Storage based on blob index tags. Implement role assignment conditions effectively to enhance data security and access control for your storage environment.
Table of Contents
Question
You have an Azure Storage account that contains 5,000 blobs accessed by multiple users.
You need to ensure that the users can view only specific blobs based on blob index tags.
What should you include in the solution?
A. a role assignment condition
B. a stored access policy
C. just-in-time (JIT) VM access
D. a shared access signature (SAS)
Answer
A. a role assignment condition
Explanation
A role assignment condition is a feature of Azure role-based access control (RBAC) that allows you to restrict access to Azure resources based on attributes such as blob index tags. By using a role assignment condition, you can grant users the ability to view only specific blobs that match the specified tags.
B. a stored access policy is incorrect because it is a way to manage shared access signatures (SAS) for a container or a queue, not for individual blobs. A stored access policy does not support blob index tags.
C. just-in-time (JIT) VM access is incorrect because it is a feature of Azure Security Center that helps you control and audit access to Azure virtual machines (VMs). It has nothing to do with blob access or blob index tags.
D. a shared access signature (SAS) is incorrect because it is a way to grant limited access to Azure Storage resources without exposing your account key. A SAS can be used to access individual blobs, but it does not support blob index tags.
Microsoft Azure Administrator AZ-104 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure Administrator AZ-104 exam and earn Microsoft Azure Administrator AZ-104 certification.