Notifications
Clear all
Topic starter
09/06/2022 9:13 am
You have an Azure subscription that contains a user account named User1.
You need to ensure that User1 can assign a policy to the tenant root management group.
What should you do?
- A . Assign the Owner role to User1, and then instruct User1 to configure access management for Azure resources.
- B . Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
- C . Assign the Global administrator role to User1, and then modify the default conditional access policies.
- D . Assign the Owner role to User1, and then modify the default conditional access policies.
Suggested Answer: A
Explanation: To assign a policy to the tenant root management group you have to be an administrator of an Azure subscription. To make a user an administrator of an Azure subscription, assign them the Owner role at the subscription scope. After that assignment user can configure access management for Azure resources.
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
Explanation: To assign a policy to the tenant root management group you have to be an administrator of an Azure subscription. To make a user an administrator of an Azure subscription, assign them the Owner role at the subscription scope. After that assignment user can configure access management for Azure resources.
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal