Exam AZ-400 topic 4 question 8 discussion

web app must retrieve the secrets from KV. The solution stops short of that. It only create MI. It is missing the next step. The next step is go to KeyVault, access policies - click create, select permissions, select web app MI, click next and save. Do you agree?

1. Turn on System assigned managed identity for az400-123456789-main. (Based on role-based access control (RBAC) instead of access policy) 2. At the key vault az400-123456789-kv1, go to: Access control (IAM) > Add role assignment > Choose Key Vault Secrets User > choose assign access to managed identity > Click select members > Select the app system managed identity

about the permissions to select question says "of least privilege" the question 9 of topic 4 "You create a Microsoft ASP.NET Core application. You plan to use Azure Key Vault to provide secrets to the application as configuration data. You need to create a Key Vault access policy to assign secret permissions to the application. The solution must use the principle of least privilege. Which secret permissions should you use?" the right answer is Get only , so in this lab in the section of Secret permissions only check Get and nothing else

the permissions should be in secrets section , list and get

NO LAB on 6/21 - 9 am IST - 1 Case study , 6 new Q 1 YES NO series was new - 3 Q - I answered all No , because 2 will No and 1 Y JOB A depends JOB B JOB B on JOB C JOB C on JOB D who is dependent , who can run parallel 3 yes/ no

I followed the next steps in my own subscription: Create a web app set the identity in on, copy the identity id create a keyvault enable access policies because RBAC are set as default (you need to be user access admin or owner) go to add a new access policy select the permissions set the app identity id by pasting the identity id in the search box click on review and create and that's all

I saw this question in the lab along with other 7 questions