You have an Azure subscription.
You configure the subscription to use a different Azure Active Directory (Azure AD) tenant.
What are two possible effects of the change? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D.AB
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directoryWhen you change the Azure Active Directory (Azure AD) tenant associated with an Azure subscription, there are a few possible effects depending on the resources in the subscription. Let's go through each option:
A. Role assignments at the subscription level are lost. Changing the Azure AD tenant associated with a subscription can cause role assignments at the subscription level to be lost. This is because Azure AD is the identity and access management (IAM) system used by Azure, and roles are assigned based on Azure AD user and group identities. If the new Azure AD tenant does not have the same users and groups as the previous tenant, role assignments at the subscription level will need to be reconfigured.
B. Virtual machine managed identities are lost. Managed identities for Azure resources are used to authenticate to Azure services without requiring credentials to be stored in code or configuration files. If you change the Azure AD tenant associated with a subscription, virtual machine managed identities could be lost. This is because managed identities are created using Azure AD and are tied to the Azure AD tenant associated with the subscription. If the new Azure AD tenant does not have the same users and groups as the previous tenant, virtual machine managed identities will need to be recreated.
C. Virtual machine disk snapshots are lost. Changing the Azure AD tenant associated with a subscription should not affect virtual machine disk snapshots. Virtual machine disk snapshots are stored in Azure Storage, which is not directly tied to Azure AD. However, it is possible that there could be issues with accessing the snapshots if the Azure AD user or group identities used to access the storage account are not present in the new Azure AD tenant.
D. Existing Azure resources are deleted. Changing the Azure AD tenant associated with a subscription should not cause existing Azure resources to be deleted. Azure resources are tied to the subscription and not directly to the Azure AD tenant. However, if the new Azure AD tenant does not have the same users and groups as the previous tenant, access to existing resources may need to be reconfigured.
So, the correct answers are A and B.