You are the architect of the ACME banking group. You have been tasked to manage role-based access control (RBAC) within the ACME.com Azure tenant. Within the ACME.com tenant, there are two subscriptions: one for production labeled ?Prod_US? and one non-prod labeled ?Sandbox?. ACME has the following requirements:
Requirement 1: You need to assign RBAC access to a third party so that they have to view the resources within the production subscription only.
Requirement 2: You need to assign RBAC access internally to the Azure team so that they are only allowed to manage backups but not remove any backups on both subscriptions.
Requirement 3: You need to assign RBAC access to the Dev manager so that he can manage user access to resources.
Requirement 4: You need to assign RBAC access to the lead Azure engineer to ensure he has the correct permissions to test failover operations quarterly.
What RBAC role should you assign for requirement 2?
The Backup Operator role for both subscriptions is correct. The Backup operator role allows you to manage backup services except for the removal of backups, vault creation, and giving access to others. The Backup Contributor role is incorrect as this role lets you manage the backup service including the removal of backups.