You are a data engineer at your company and you are assigned to several ML projects.
You need to be able to create and run ML experiments, create and delete computes in several workspaces, Which default role should you be assigned to?
Click on the arrows to vote for the correct answer
A. B. C. D.Answer: C.
Option A is incorrect because Azure ML workspace comes with three default roles: Owner, Contributor, Reader.
Data-engineer is not one of them.
A role like this can be created as a custom role, but if you need a default role, the Contributor should be used.
Option B is incorrect because the Reader is one of the three default roles which are created while a workspace is created.
As its name suggests, it only provides read privileges to workspace objects, i.e.
it isn't sufficient for data scientists who want to create and run experiments.
Option C is CORRECT because in order to be able to manage ML experiments end-to-end, you need the Contributor role.
This provides you with the ability to create experiments, attach computes, run experiments and deploy web services, without granting unnecessary privileges.
Option D is incorrect because the Owner role grants full access to the workspace, which, in a large organization, should be limited to certain users, not to be exposed for those who only need user-level privileges.
Reference:
As a data engineer, you need to be able to create and run machine learning experiments, create and delete compute resources in multiple workspaces. For this, you need access to the appropriate permissions and roles within the Azure environment.
The four roles mentioned in the question are:
A. Data-engineer B. Reader C. Contributor D. Owner
The default role that would give the data engineer the appropriate permissions is the Contributor role. The Contributor role allows the data engineer to create and manage all resources, except for the access control itself.
The Contributor role can be granted at the subscription level, resource group level, or individual resource level. It allows the data engineer to perform actions such as creating virtual machines, deploying services, and managing access control.
The Data-engineer role is not a default role in Azure, but a custom role that can be created. This role is designed specifically for data engineers and provides permissions to perform data engineering tasks, such as creating and managing data pipelines and databases.
The Reader role is a read-only role and does not have the permissions required to create or delete compute resources.
The Owner role is the highest level of access and grants full control over all resources in the subscription, including the ability to manage access control. This role is typically reserved for the owner of the subscription or a highly trusted administrator.
Therefore, the best option for a data engineer who needs to create and manage compute resources in multiple workspaces is the Contributor role.