Home / Microsoft / AZ-301 / Question 31

Prev Question
Next Question

Question 31

You have an Azure subscription that contains a resource group named RG1.

You create an Azure Active Directory (Azure AD) group named ResearchUsers that contains the user accounts of all researchers.

You need to recommend a solution that meets the following requirements:

The researchers must be allowed to create Azure virtual machines.

The researchers must only be able to create Azure virtual machines by using specific Azure Resource Manager templates.

Solution: On RG1, assign a custom role-based access control (RBAC) role to the ResearchUsers group.

Does this meet the goal?



Explanation (click to expand)

Instead: On RG1, assign the Contributor role to the ResearchUsers group. Create a custom Azure Policy definition and assign the policy to RG1.

Prev Question
Next Question

Load more