Knowledge check

Completed

Your company has decided to implement Azure role-based access control (RBAC) to secure their resources and manage user access. You're reviewing the scenarios to support, and have a list of issues to address:

  • Not all users have access to the same resources. A new employee should have only limited resource access.

  • Most administrators require full access to all corporate resources. A few admins need limited access to specific resources so they can read the settings, but not make changes.

  • How are scopes and permissions applied for Azure resources, including the custom role definition?

  • Your manager has asked if there are differences between Azure roles and Microsoft Entra roles.

Answer the following questions

Choose the best response for each of the questions below. Then select Check your answers.

1.

You have three virtual machines (VM1, VM2, VM3) in a resource group. A new admin is hired, and they need to be able to modify settings on VM3. They shouldn't be able to make changes to VM1 or VM2. How can you implement RBAC to minimize administrative overhead?

2.

What is the purpose of the 'AssignableScopes' permissions in a role definition?

3.

Explain the main differences between Azure roles and Microsoft Entra roles.