ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 5 question 8 discussion

Actual exam question from Microsoft's AZ-500
Question #: 8
Topic #: 5
[All AZ-500 Questions]

SIMULATION -
You need to ensure that User2-1234578 has all the key permissions for KeyVault1234578.
To complete this task, sign in to the Azure portal and modify the Azure resources.

Show Suggested Answer Hide Answer
Suggested Answer: See the explanation below.
You need to assign the user the Key Vault Secrets Officer role.
1. In the Azure portal, type Key Vaults in the search box, select Key Vaults from the search results then select KeyVault1234578. Alternatively, browse to Key
Vaults in the left navigation pane.
2. In the key vault properties, select Access control (IAM).
3. In the Add a role assignment section, click the Add button.
4. In the Role box, select the Key Vault Secrets Officer role from the drop-down list.
5. In the Select box, start typing User2-1234578 and select User2-1234578 from the search results.
6. Click the Save button to save the changes.
by Amit3 at Sept. 22, 2022, 5:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pasapugazh
Highly Voted 2 years, 2 months ago
Given answer is incorrect. Key Vault Secret Officer can only manage secrets in the key vault. Hence we have to assign Key Vault Crypto officer role to manage the keys in the key vault. Tested in lab.
upvoted 19 times
ITFranz
2 days, 19 hours ago
The Key Vault Administrator role should be assigned to a user to manage all key permissions for Azure Key Vault. This role provides the following capabilities: 1. Perform all data plane operations on a key vault and all objects in it, including keys, secrets, and certificates. 2. Manage key permissions, secret permissions, and certificate permissions. 3. Cannot manage key vault resources or manage role assignments.
upvoted 1 times
...
...
Muaamar_Alsayyad
Most Recent 2 years, 1 month ago
firt check if it is accress policy or RBAC, if access policy then use that section. if RBAC then grant "Key Vault Crypto officer" to the user
upvoted 4 times
xRiot007
4 months, 2 weeks ago
You could use both, but for RBAC I think you might need a custom role (Unless Admin has all rights). The easies approach would be to set a policy where you check all the operations, thus giving all rights on KV.
upvoted 1 times
...
...
somenick
2 years, 1 month ago
It is not clear which permission model should be used: Vault access policy or Azure role-based access control.
upvoted 4 times
...
Amit3
2 years, 2 months ago
Step 6 is now Review + Assign.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago