Exam AZ-305 topic 4 question 60 discussion

D. a resource token and an Access control (IAM) role assignment. Azure Cosmos DB's SQL API provides two types of authorization: master key token and resource token. Master key tokens provide access to the all data and all permissions. Resource tokens provide access to specific containers and permissions, and you can create these tokens with an Azure AD user's identity. To provide Azure AD users with access to the Azure Cosmos DB, you would assign them a specific IAM role. Azure Cosmos DB uses Azure role-based access control (Azure RBAC) for providing specific access. Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management of resources in Azure. The combination of a resource token and an IAM role assignment would provide the necessary access control for the Azure AD user accounts to have read access to the Cosmos DB databases.

D. a resource token and an Access control (IAM) role assignment - correct.

D is correct

Given Answer D is correct

appeared in Exam 01/2024

D is the answer. https://learn.microsoft.com/en-us/azure/cosmos-db/secure-access-to-data?tabs=using-primary-key#resource-tokens You can use a resource token (by creating Azure Cosmos DB users and permissions) when you want to provide access to resources in your Azure Cosmos DB account to a client that cannot be trusted with the primary key. Azure Cosmos DB resource tokens provide a safe alternative that enables clients to read, write, and delete resources in your Azure Cosmos DB account according to the permissions you've granted, and without need for either a primary or read only key.

Yes D is the one

D. a resource token and an Access control (IAM) role assignment

D IAM and Resource Token

appeared on 11th Oct 2022