You have an Azure subscription that contains a user-assigned managed identity named Managed1 in the East US Azure region. The subscription contains the resources shown in the following table.
Which resources can use Managed1 as their identity?
Answer D is correct I think. see link
"In short, yes you can use user assigned managed identities in more than one Azure region. The longer answer is that while user assigned managed identities are created as regional resources the associated service principal (SP) created in Microsoft Entra ID is available globally"
https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-faq
Storage accounts can't use Managed Identities (https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-status). Correct answer is C
after checking Microsoft co-pilot, it said Managed identities in Azure allow resources like virtual machines, web apps, and function apps to authenticate to other Azure services, including storage accounts, without needing to manage credentials.
C is correct
https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-status
https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-faq
Dude, that second link says that "In short, yes you can use user assigned managed identities in more than one Azure region"
So that means 'D' is correct.
A is the answer
-Storage accounts do not use managed identities directly. Managed identities will be used by -applications or services to access storage securely.
- Despite any managed identity residing in Entra Id and being globally available, user assigned managed identity can only be used in the region it was created in and can be shared amongst multiple resources. So VM1 cannot be used by the user created managed identity in East US.
-Azure app service in East can leverage the user-assigned managed identity.
Copliot:
You have an Azure subscription that contains a user-assigned managed identity named Managed1 in the East US Azure region. The subscription contains the resources shown in the following table.
Name Type Location
vm1 virtual machine west us
storage1 storage account east us
webapp1 azure app service app east us
Which resources can use Managed1 as their identity?
A. WebApp1 only
B. storage1 and WebApp1 only
C. VM1 and WebApp1 only
D. VM1, storage1, and WebApp1
Given that Managed1 is in the East US region, only resources in the same region can use it. Therefore, the correct answer is:
B. storage1 and WebApp1 only
If you have any more questions or need further clarification, feel free to ask!
A storage account is not an actor, that is, it doesn't initiate any connection to another cloud service. Rather it is passive and allows access from other services. The storage account would have a RBAC role allowing other managed identities to accces it, but there is no need for a storage account to have its own managed identity.
Read it again: "You must have a user-assigned managed identity already configured and associated with your search service, and the identity must have a role-assignment on Azure Storage." Storage needs to add the managed identity into an RBAC role, it doesn't need the identity itself.
This is from ChatGPT.
To determine which resources can use the Managed1 user-assigned managed identity, we need to consider that a user-assigned managed identity can only be assigned to resources in the same Azure region where it was created.
Managed1 is in the East US region, so it can only be assigned to resources that are also in the East US region.
Looking at the table:
VM1 is in the West US region, so it cannot use Managed1.
storage1 is in the East US region, so it can use Managed1.
WebApp1 is in the East US region, so it can use Managed1.
Therefore, the correct answer is:
B. storage1 and WebApp1 only.
Storage accounts can't use Managed Identities (https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-status)
The question is tricky and not about Region or Subscription but that services included in the scenario
B is correct Answer: The resources that can use Managed1 are those also in the East US region. Therefore, storage1 and WebApp1 in East US can use Managed1 as their identity
D is the answer, user assigned managed identity can be used in other regions: https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-faq
D. VM1, storage1, and WebApp1
Copilot says: User-assigned managed identities can be used by multiple resources in Azure, and they are not restricted to a specific region. Therefore, **Managed1** can be used by **VM1**, **Storage1**, and **WebApp1** as their identity, regardless of the region they are in. The correct answer is: D. VM1, storage1, and WebApp1
How the hell are people supposed to get this question right in an proctored semi closed book exam, if us here, with access to Internet/Google/ChatGPT/CoPilot, can't even find the right answer :-D
Yes, Azure Storage accounts can use managed identities. Managed identities for Azure resources provide an automatically managed identity for applications and Azure resources to use when connecting to resources that support Azure Active Directory (Azure AD) authentication.
https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview see the video starting from M 10 storage account also can.
Explain how to add a user assigned managed identity:
https://microsoftlearning.github.io/Secure-storage-for-Azure-Files-and-Azure-Blob-Storage/Instructions/Labs/LAB_04_storage_web_app.html
Answer D is correct I think. see link
"In short, yes you can use user assigned managed identities in more than one Azure region. The longer answer is that while user assigned managed identities are created as regional resources the associated service principal (SP) created in Microsoft Entra ID is available globally"
https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-faq
So, the resources that can use Managed1 as their identity are:
VM1
WebApp1 (Azure App Service app)
note :
1- the Storage account dont have managed identity
2- managed identity assigned to all region
Therefore, the correct answer is B. storage1 and WebApp1 only.
This section is not available anymore. Please use the main Exam Page.SC-300 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
wheeldj
Highly Voted 1 year agoAleFerrillo
11 months, 4 weeks agohml_2024
7 months, 2 weeks agoAlcpt
11 months agoNICKTON81
Highly Voted 1 year agoPanama469
9 months, 3 weeks agoAcTiVeGrEnAdE
Most Recent 1 day, 22 hours agobardock100
2 months ago_marc
2 months, 2 weeks agoOskarma
3 months, 1 week agotest123123
3 months, 3 weeks ago_marc
2 months, 2 weeks agoc3e0fc1
4 months, 3 weeks agohml_2024
8 months agoTony416
7 months, 4 weeks agojarattdavis
9 months, 3 weeks agojim85
10 months, 2 weeks agoNotanAdmin
11 months, 2 weeks agobpaccount
1 year agoNotanAdmin
11 months, 2 weeks agoklayytech
1 year agospatrick
1 year agowheeldj
1 year agoklayytech
1 year ago