SC-300 · Question #282
SC-300 Question #282: Real Exam Question with Answer & Explanation
Sign in or unlock SC-300 to reveal the answer and full explanation for question #282. The question stem and answer options stay visible for context.
Question
You have an Azure subscription named Sub1 that contains a resource group named RG1. RG1 contains an Azure Cosmos DB database named DB1 and an Azure Kubernetes Service (AKS) cluster named AKS1. AKS1 uses a managed identity. You need to ensure that AKS1 can access DB1. The solution must meet the following requirements: - Ensure that AKS1 uses the managed identity to access DB1. - Follow the principle of least privilege. Which role should you assign to the managed identity of AKS1?
Options
- AFor Sub1, assign the Owner role.
- BFor DB1, assign the Azure Cosmos DB Account Reader Role role.
- CFor RG1, assign the Azure Cosmos DB Data Reader Role role.
- DFor RG1, assign the Reader role.
Unlock SC-300 to see the answer
You've previewed enough free SC-300 questions. Unlock SC-300 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.