ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-204 All Questions

View all questions & answers for the AZ-204 exam
Go to Exam

Exam AZ-204 topic 3 question 12 discussion

Actual exam question from Microsoft's AZ-204
Question #: 12
Topic #: 3
[All AZ-204 Questions]

DRAG DROP -
You are developing a web service that will run on Azure virtual machines that use Azure Storage. You configure all virtual machines to use managed identities.
You have the following requirements:
✑ Secret-based authentication mechanisms are not permitted for accessing an Azure Storage account.
✑ Must use only Azure Instance Metadata Service endpoints.
You need to write code to retrieve an access token to access Azure Storage. To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Azure Instance Metadata Service endpoints "/oauth2/token"
Box 1: http://169.254.169.254/metadata/identity/oauth2/token
Sample request using the Azure Instance Metadata Service (IMDS) endpoint (recommended):
GET 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/' HTTP/1.1 Metadata: true
Box 2: JsonConvert.DeserializeObject<Dictionary<string,string>>(payload);
Deserialized token response; returning access code.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token https://docs.microsoft.com/en-us/azure/service-fabric/how-to-managed-identity-service-fabric-app-code
by Santileo at April 10, 2021, 12:11 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mlantonis
Highly Voted 3 years, 11 months ago
Box 1: http://169.254.169.254/metadata/identity/oauth2/token Sample request using the Azure Instance Metadata Service (IMDS) endpoint (recommended): GET 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/' HTTP/1.1 Metadata: true Box 2: JsonConvert.DeserializeObject<Dictionary<string,string>>(payload); Deserialized token response; returning access code. Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token https://docs.microsoft.com/en-us/azure/service-fabric/how-to-managed-identity-service-fabric-app-code
upvoted 70 times
Knightie
2 years, 9 months ago
IMDS is a REST API that's available at a well-known, non-routable IP address ( 169.254.169.254 ). You can only access it from within the VM. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service?tabs=windows
upvoted 7 times
warchoon
2 years, 2 months ago
Powerful Words And The Magic Of Abracadabra :)
upvoted 2 times
...
...
130nk3r5
1 year, 4 months ago
Got this today. Went with answer here. Score 927
upvoted 3 times
...
...
dddddd111
Highly Voted 1 year, 8 months ago
I got this same question. Provided answers are correct. (Note: I failed the exam 20/9/23. I only scored 644 and I felt bad. I think because many questions here in Examtopics are not accurate. I suggest following the most voted answers and don't just not rely on Examtopics answers. At the beginning of the exam, you will be asked which programming languages you want to use. C#/Python. I chose C#. Also, I just want to add that some questions here are really in the actual exams, but the choices are written and formatted differently. Please be aware of that. Goodluck. I feel bad for failing it, but I want to retake next month. I will try Python. T_T
upvoted 18 times
MasonZ
9 months, 1 week ago
Man I respect you for the fact that you are the only one commenting, with honest, that you failed the exam, obviously all other people (or bots) got 925 points and passed the exam. All the best and wish you passed the second attempt :D
upvoted 3 times
...
spahno
1 year, 1 month ago
Hey man, heads up! 644 is a decent score I'd say. Did you pass the test the 2nd time? :)
upvoted 1 times
...
...
Kanasan
Most Recent 1 year, 8 months ago
Correct! https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token
upvoted 2 times
...
mihailos
1 year, 8 months ago
Got it in exam 28/08/23. Went with proposed answer. Scored 912
upvoted 1 times
...
macobuzi
1 year, 9 months ago
Answer is correct!
upvoted 1 times
...
juanckar
1 year, 10 months ago
This was on the exam (July 2023). Went with proposed. Scored 917
upvoted 3 times
...
juanckar
1 year, 10 months ago
This was on the exam (July 2023). Went with proposed. Scored 917
upvoted 1 times
...
[Removed]
2 years, 1 month ago
Got this in exam today (5 April 2023)
upvoted 4 times
...
Esward
2 years, 3 months ago
It was there in 13 Feb 2023 exam
upvoted 6 times
...
martijn44
2 years, 7 months ago
I was taught to use $IDENTITY_ENDPOINT but indeed that always seems to refer to the 169.254.169.254 address
upvoted 1 times
...
mijkol
2 years, 11 months ago
I get confused because of the IP, I get we shouldn't go for the local one, but why is this an AIPIPA IP adress? is there a reason for that?
upvoted 2 times
...
Rini100
3 years ago
Got this on 20 Apr 2022
upvoted 2 times
...
kondapaturi
3 years, 10 months ago
BOX1 - http://169.254.169.254/metadata/identity/oauth2/token ,To get the metadata from the local service on the machine, the right URL is http://169.254.169.254/metadata/identity/oauth2/token BOX2 – JsonConvert.DeserializeObject<string,string>(payload) You can deserialize the response using the JsonConvert.DeserializeObject method. You can then get a dictionary collection and then get the access key from there.
upvoted 5 times
...
goatlord
3 years, 10 months ago
Correct
upvoted 2 times
...
UnknowMan
3 years, 12 months ago
Correct ! => https://docs.microsoft.com/fr-fr/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token
upvoted 2 times
...
glam
4 years ago
correct
upvoted 2 times
...
clarionprogrammer
4 years, 1 month ago
It is correct. https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token
upvoted 12 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago