Table of Contents
Question
Which RBAC role should you assign to the KeyManagers group?
A. Cognitive Services Contributor
B. Security Manager
C. Cognitive Services User
D. Security Administrator
Answer
A. Cognitive Services Contributor
Explanation
The correct answer is A. Cognitive Services Contributor.
The Cognitive Services Contributor role allows users to create, read, update, delete, and manage keys for Azure Cognitive Services. This includes the ability to create and manage access policies for keys.
The Security Manager role allows users to manage security settings for Azure resources, including Azure Cognitive Services. However, this role does not specifically allow users to manage keys.
The Cognitive Services User role allows users to read and list keys for Azure Cognitive Services. However, this role does not allow users to create, update, delete, or manage keys.
The Security Administrator role allows users to manage all aspects of security for Azure resources, including Azure Cognitive Services. However, this role is a more privileged role than is necessary for managing keys, and it is not recommended to assign this role to a group of users unless they need to manage all aspects of security for Azure resources.
Therefore, the Cognitive Services Contributor role is the most appropriate role to assign to the KeyManagers group. This role will allow the members of the group to manage keys for Azure Cognitive Services, while still limiting their permissions to the specific tasks that need to be performed.
Here is a table that summarizes the permissions granted by each of the roles mentioned above:
| Role | Permissions |
|---|---|
| Cognitive Services Contributor | Create, read, update, delete, and manage keys for Azure Cognitive Services. |
| Security Manager | Manage security settings for Azure resources, including Azure Cognitive Services. |
| Cognitive Services User | Read and list keys for Azure Cognitive Services. |
| Security Administrator | Manage all aspects of security for Azure resources, including Azure Cognitive Services. |
Reference
- Implement role-based access control in applications – Microsoft Entra | Microsoft Learn
- Azure built-in roles – Azure RBAC | Microsoft Learn
- How to manage groups – Microsoft Entra | Microsoft Learn
- Recommended Azure role-based access control – Cloud Adoption Framework | Microsoft Learn
- What is Azure role-based access control (Azure RBAC)? | Microsoft Learn
- Steps to assign an Azure role – Azure RBAC | Microsoft Learn
Designing and Implementing an Azure AI Solution AI-100 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Designing and Implementing an Azure AI Solution AI-100 exam and earn Designing and Implementing an Azure AI Solution AI-100 certification.