Azure Virtual Machine Provisioning Solution
Question
You have an Azure subscription.
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
-> Only allow the creation of the virtual machines in specific regions.
-> Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B
The correct answer for this scenario is D. Role-based access control (RBAC).
Role-based access control (RBAC) is an Azure feature that helps you manage who has access to Azure resources, what they can do with those resources, and what areas they can access. RBAC is used to grant permissions to users, groups, and applications at a certain scope, such as a subscription or resource group. It provides a set of built-in roles that allow for specific permissions on resources, and these roles can also be customized to meet specific needs.
To fulfill the given requirements, RBAC can be used to restrict the ability to create virtual machines to specific regions and sizes. This can be done by creating a custom role that only allows virtual machine creation in certain regions and sizes, and assigning this role to the developers who need to create the virtual machines. This ensures that developers only create virtual machines that meet the specified criteria.
Azure Resource Manager templates (option A) are used to deploy infrastructure as code, and can be used to create virtual machines with specific configurations. However, they do not provide the ability to restrict the regions or sizes in which the virtual machines can be created.
Azure Policy (option B) is used to enforce rules and compliance requirements for resources within an Azure subscription. While it can be used to enforce rules related to virtual machine creation, it does not provide the ability to restrict the regions or sizes in which the virtual machines can be created.
Conditional access policies (option C) are used to control access to cloud apps based on specific conditions, such as device compliance or location. They are not used to manage permissions for specific resources, such as virtual machines.
In summary, RBAC is the recommended solution to provide developers with the ability to provision Azure virtual machines, while meeting the specified requirements of only allowing creation in specific regions and sizes.
