Question 249 of 296 from exam AZ-400: Designing and Implementing Microsoft DevOps Solutions

Question 249 of 296 from exam AZ-400: Designing and Implementing Microsoft DevOps Solutions

Question

DRAG DROP -

Your company has a project in Azure DevOps.

You plan to create a release pipeline that will deploy resources by using Azure Resource Manager templates. The templates will reference secrets stored in Azure

Key Vault.

You need to recommend a solution for accessing the secrets stored in the key vault during deployments. The solution must use the principle of least privilege.

What should you include in the recommendation? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Explanations

Box 1: An Azure Key Vault access policy

Box 2: RBAC -

Management plane access control uses RBAC.

The management plane consists of operations that affect the key vault itself, such as:

-> Creating or deleting a key vault.

-> Getting a list of vaults in a subscription.

-> Retrieving Key Vault properties (such as SKU and tags).

-> Setting Key Vault access policies that control user and application access to keys and secrets.

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-tutorial-use-key-vault