Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam AZ-104 topic 2 question 2 discussion

Actual exam question from Microsoft's AZ-104
Question #: 2
Topic #: 2
[All AZ-104 Questions]

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1.
An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com.
You need to ensure that access to AKS1 can be granted to the contoso.com users.
What should you do first?

  • A. From contoso.com, modify the Organization relationships settings.
  • B. From contoso.com, create an OAuth 2.0 authorization endpoint.
  • C. Recreate AKS1.
  • D. From AKS1, create a namespace.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
https://kubernetes.io/docs/reference/access-authn-authz/authentication/

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
AlleyC
Highly Voted 1 year, 10 months ago
Selected Answer: B
Answer is correct B Cluster administrators can configure Kubernetes role-based access control (Kubernetes RBAC) based on a user's identity or directory group membership. Azure AD authentication is provided to AKS clusters with OpenID Connect. OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol https://docs.microsoft.com/en-us/azure/aks/managed-aad
upvoted 65 times
tweedo
1 year, 8 months ago
This seems to be a correct answer in scope of listed answers, but please mind that AKS now supports direct integration with AAD, the method using OAuth 2.0 is considered legacy: https://docs.microsoft.com/en-us/azure/aks/azure-ad-integration-cli
upvoted 28 times
...
jackdryan
1 year, 1 month ago
B is correct
upvoted 2 times
...
...
TDsysadmin
Highly Voted 1 year, 6 months ago
In 20/08/2022 exam
upvoted 13 times
...
Iron_Man_111
Most Recent 1 week, 4 days ago
Still confuse between A and B. Can someone provide more reasons to go for A or B whatever you feel the correct answer ?
upvoted 1 times
...
tashakori
2 weeks ago
B is right
upvoted 1 times
...
18c2076
2 weeks, 2 days ago
as of late 2023 / early 2024 Azure Kubernetes Service is NO LONGER part of the exam. This question is defunct. Please review the MS provided documentation regarding the AZ104 exam: https://learn.microsoft.com/en-us/credentials/certifications/resources/study-guides/az-104
upvoted 3 times
...
mojo86
2 weeks, 2 days ago
Creating an OAuth 2.0 authorization endpoint is not directly related to granting access to the AKS cluster for users in the contoso.com Azure AD tenant. In the context of Azure AD integration with AKS, the OAuth 2.0 authorization endpoint is typically used for applications to authenticate and obtain access tokens to access Azure resources, including AKS clusters, on behalf of a user. This is more relevant for application developers who are building applications that need to interact with AKS or other Azure services. For your scenario, where you want to grant access to the AKS cluster to users in the contoso.com Azure AD tenant, you should focus on registering the AKS cluster with Azure AD and then assigning the appropriate permissions to the users or groups in the Azure AD tenant.
upvoted 1 times
mojo86
2 weeks, 2 days ago
Therefore the answer is A
upvoted 1 times
...
...
Saimons
1 month, 3 weeks ago
AKS should no longer be part of the exam
upvoted 1 times
...
Wojer
2 months, 2 weeks ago
now you can upgrade kubernetus configuration to "Azure AD and Kubernetus RBAC" or "Azure AD and Azure RBAC" in a "Cluster Configuration" tab
upvoted 1 times
...
jay223
4 months, 2 weeks ago
Selected Answer: B
Answer B is correct
upvoted 1 times
...
JonHanes
5 months, 4 weeks ago
This one had me confused between B and C, asking the Bing AI resulted in the following: The question does leave out some important details that would help determine the most appropriate answer. For instance, it doesn’t specify whether Azure RBAC is enabled on the AKS cluster. If Azure RBAC is not enabled, then the cluster would need to be recreated with Azure RBAC enabled (Option C). However, if Azure RBAC is already enabled and the cluster is integrated with Azure AD, then creating an OAuth 2.0 authorization endpoint could be a valid first step (Option B). The question also doesn’t specify whether the users are part of the same Azure AD tenant as the AKS cluster or if they are external users. If they are external users, additional steps might be needed to grant them access to the AKS cluster.
upvoted 2 times
...
AMEHAR
7 months, 1 week ago
Selected Answer: B
B is correct
upvoted 1 times
...
Misty39
7 months, 2 weeks ago
Selected Answer: A
but the question states, what is THE FIRST THING U DO?
upvoted 1 times
...
kamalpur
8 months, 1 week ago
This question is explained below https://youtu.be/RHa5E__7rYQ
upvoted 1 times
ShaileeP
7 months, 1 week ago
You are a bot! You put the same link in all questions. Please stop promoting your channel
upvoted 10 times
...
...
dhivyamohanbabu
9 months, 1 week ago
Correct Answer: b
upvoted 2 times
...
dhivyamohanbabu
9 months, 1 week ago
Correct answer B
upvoted 2 times
...
chihota
9 months, 1 week ago
Answer is A
upvoted 2 times
...
Angurajesh
9 months, 4 weeks ago
A. From contoso.com, modify the Organization relationships settings. By modifying the Organization relationships settings in the contoso.com Azure AD tenant, you can establish the necessary trust relationship between the tenant and AKS1. This enables users in contoso.com to authenticate and access AKS1. Once you have modified the Organization relationships settings, the administrator will be able to grant access to AKS1 to the users in contoso.com by assigning appropriate roles or permissions within AKS1.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...