Edit Questions and Answers in Azure QnA Resource
Question
You have a chatbot application that uses Azure QnA resource to answer questions in multiple languages.
Given the global presence, you would want users from all regions to participate in improving the questions and answers in your knowledge database.
This brings up the requirement to grant access to all users, for them to edit questions and answers.
Since you control access through RBAC, which role would you choose per the requirement while maintaining minimum privileges for the task.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answer: C.
Option A is incorrect because the owner has access to all functionalities.
This would bring up security concerns.
Option B is incorrect because the contributor gets access to all functionalities, except the ability to add new members to the roles.
This is a powerful role and should be avoided to grant to all users.
Option C is correct because QnA Maker Editor role provides access to following KB functionalities for your QnA resource:
Export/Download.
Test.
Update KB.
Export KB.
Import KB.
Replace KB.
Create KB.
You can grant this role to all users for them to contribute to the change required for better user experience.
Option D is incorrect because Cognitive Service User additionally provides access to publish the resource.
However,you would want to follow the review and approval process before publishing the QnA resource.
Option E is incorrect because QnA Maker Read role only grants access to export, download and test the knowledge base.
Reference:
To learn more about Azure RBAC for QnA resources, use the link given below:
When it comes to granting access to users for editing the QnA knowledge base, the role of choice should be the one that provides the minimum privileges required for the task. This ensures that users have access to only the resources they need to perform their tasks, minimizing the risk of unauthorized access or misuse of resources.
Out of the given options, the role that best fits this requirement is the QnA Maker Editor role (Option C). This role provides users with the ability to edit the QnA knowledge base and manage its contents, including adding, deleting, and updating questions and answers. The role is specific to the QnA Maker resource and is designed to provide the minimum privileges required for content editing.
The Owner role (Option A) provides full access to all resources in the Azure subscription, including QnA Maker. This role is not recommended for granting access to users who only need to edit the QnA knowledge base as it provides more privileges than necessary.
The Contributor role (Option B) allows users to manage resources within a specific scope, such as a resource group or a subscription. However, it is not specific to QnA Maker, and granting this role to users may give them more privileges than required for content editing.
The Cognitive Service User role (Option D) provides access to Azure Cognitive Services, including QnA Maker, but it only allows users to use the service and not edit its contents.
The QnA Maker Read role (Option E) allows users to view the contents of the QnA knowledge base but does not provide editing privileges.
In summary, the QnA Maker Editor role provides the minimum privileges required for users to edit the QnA knowledge base while ensuring that they have access only to the resources they need to perform their tasks.
