Azure RBAS and Entra ID Roles Flashcards
What capabilities has a ‘Owner’ role in Azure RBAC?
Grants full access to manage all resources within the scope and also assign roles to users to manage resources within the scope.
Which role allows viewing all resources without making changes?
Reader
What is the responsibility of the ‘Contributor’ role?
Full access to manage all resources except role assignments.
What can the ‘User Access Administrator’ role manage?
Ability to assign roles and set RBAC permissions but can’t make changes to resources.
Which role is specifically used to manage Azure reservations?
Reservations Administrator
What permissions does the ‘Virtual Machine Contributor’ role provide?
Manage VMs, disks, software installation, password resets; excludes network and storage management.
What does the ‘Compute Gallery Artifacts Publisher’ role do?
Publishes gallery artifacts.
Which role allows managing classic networks but not accessing them?
Classic Network Contributor
What actions are allowed by the ‘Storage Blob Data Contributor’ role?
Read, write, and delete blob containers and data.
What is the responsibility of the ‘Backup Contributor’ role?
Manage backup services without creating vaults or assigning access.
Which role can manage Traffic Manager profiles but not control access?
Traffic Manager Contributor
What permissions does the ‘Elastic SAN Owner’ role have?
Full access to Azure Elastic SAN resources and security policies.
What is the role of ‘Desktop Virtualization Workspace Contributor’?
Manage the Desktop Virtualization Workspace.
What actions does ‘Azure Front Door Profile Reader’ role allow?
View profiles and endpoints without making changes.
Which role can create, modify, and delete media accounts in Azure?
Media Services Account Administrator
What permissions does the ‘DNS Zone Contributor’ role allow?
Manage DNS zones and records without controlling access.
What is the responsibility of the ‘SignalR App Server’ role?
Allows app server access to SignalR Service with AAD auth options.
Which role provides permissions to manage storage accounts?
Storage Account Contributor
What does the ‘Classic Storage Account Key Operator Service’ role allow?
List and regenerate keys for Classic Storage Accounts.