Your company has an Azure Stack integrated system that utilizes an Azure AD domain titled fabrikam.com as the identity provider.
The system is having a tenant subscription containing a number of resources.
In fabrikam.com, you add a new user as UserA.
User A complains that when he signs in to the user portal, it displays no resources.
To make the UserA see the resources on the user portal, you decide to assign the "Reader" role to UserA.
Will it resolve the issue?
Click on the arrows to vote for the correct answer
A. B.Correct Answer: A
With the Reader role, a user can see everything, but can't modify anything.
Assigning the reader role will make the userA in the given scenario see resources in a tenant subscription.
Reference:
To know more about Setting Access Permissions using RBAC, please visit the below-given link:
The decision to assign the "Reader" role to UserA to resolve the issue depends on several factors, including the role assignments in the subscription and the scope of the resources.
When a user signs in to the Azure Stack user portal, they can only view the resources that they have access to based on their role assignments. The "Reader" role grants read-only access to resources within a subscription, meaning that the user can view, but not modify, the resources.
If UserA has not been assigned any roles in the subscription, they will not see any resources on the user portal, even if resources exist. Assigning the "Reader" role to UserA will enable them to view the resources within the subscription, provided the resources have not been restricted to a more restrictive scope.
If UserA has already been assigned a role in the subscription, such as "Contributor" or "Owner", then assigning the "Reader" role may not resolve the issue, as it will only grant read-only access to the resources.
In summary, if UserA has not been assigned any roles in the subscription, assigning the "Reader" role should resolve the issue of them not seeing any resources on the user portal. However, if UserA already has a more permissive role assignment, then assigning the "Reader" role may not be sufficient to resolve the issue.