Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-500 Exam - Topic 6 Question 72 Discussion

Actual exam question for Microsoft's AZ-500 exam
Question #: 72
Topic #: 6
[All AZ-500 Questions]

Lab Task

Task 4

You need to ensure that when administrators deploy resources by using an Azure Resource Manager template, the deployment can access secrets in an Azure key vault named KV31330471.

Show Suggested Answer Hide Answer
Suggested Answer: A

Grant permission to the application that is used to deploy the resources to access the secrets in the key vault. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to assign theKey Vault Secrets Userrole to the application at the scope of the key vault or individual secrets.

Enable template deployment for the key vault. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to set theenabledForTemplateDeploymentproperty of the key vault to true.

Reference the secrets in the template by using their resource ID. You can use the listSecrets function to get the resource ID of a secret in the key vault. You need to specify the name of the key vault and the name of the secret as parameters.

Deploy the template by using Azure PowerShell, Azure CLI, or REST API. You can use the New-AzResourceGroupDeployment cmdlet, the az deployment group create command, or the Deployments - Create Or Update REST API to do this. You need to provide the template file or URI and any required parameters.


by Davida at Sep 14, 2024, 01:41 PM

Limited Time Offer

25%

Off

Get Premium AZ-500 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tu
4 months ago
I thought key vault access was more complicated than that.
upvoted 0 times
...
Levi
4 months ago
Make sure to use the right permissions for the service principal!
upvoted 0 times
...
Glory
4 months ago
Wait, can you really access secrets directly from ARM templates?
upvoted 0 times
...
Narcisa
4 months ago
Totally agree, it's essential for security!
upvoted 0 times
...
Fidelia
5 months ago
You need to set up access policies for the key vault.
upvoted 0 times
...
Annamae
5 months ago
I'm a bit confused about whether we need to use a managed identity or a service principal for the deployment. I feel like we covered both options.
upvoted 0 times
...
Kenia
5 months ago
This reminds me of a practice question where we had to configure a template to pull secrets from a key vault. I hope I can apply that knowledge here.
upvoted 0 times
...
Taryn
5 months ago
I think we need to set up the access policies for the key vault, but I can't recall if it was under the "Access Policies" or "Networking" section.
upvoted 0 times
...
Jacquline
5 months ago
I remember we practiced something similar about accessing key vaults in our last session, but I'm not entirely sure about the exact permissions needed.
upvoted 0 times
...
Doug
5 months ago
This looks straightforward enough. I'll just need to double-check that I've got the key vault name and permissions set up correctly.
upvoted 0 times
...
Dawne
5 months ago
No problem, I've done something like this before. I'll start by adding the key vault reference to the ARM template and then configure the access policies.
upvoted 0 times
...
Paris
5 months ago
I'm a bit confused on how to grant the deployment access to the key vault secrets. I'll need to review the documentation on that.
upvoted 0 times
...
Miesha
5 months ago
Okay, I think I know how to approach this. I just need to make sure I have the right permissions set up in the key vault.
upvoted 0 times
...
Margarett
6 months ago
Hmm, this seems like a tricky one. I'll need to think through the steps carefully to make sure I don't miss anything.
upvoted 0 times
...
Malcolm
6 months ago
Okay, I've got this. A well-designed ICQ should be able to identify the strengths and weaknesses of the internal control system, and it should include more than just simple yes or no answers. So the answer must be D.
upvoted 0 times
...
Brittni
1 year ago
This should be a piece of cake. As long as I don't accidentally lock myself out of the key vault, I'm good to go!
upvoted 0 times
...
Elvera
1 year ago
Haha, KV31330471? Sounds like someone had a little too much fun naming that key vault. Gotta love the Azure team's sense of humor.
upvoted 0 times
Chun
1 year ago
Haha, yeah, the Azure team must have had a good laugh coming up with that name. It definitely stands out!
upvoted 0 times
...
Rebeca
1 year ago
I wonder if there's a story behind the name KV31330471. Maybe it's a secret code or something.
upvoted 0 times
...
Elin
1 year ago
Yeah, that key vault name is definitely a mouthful. But hey, at least it's unique!
upvoted 0 times
...
...
Joni
1 year ago
Wait, do I need to create a new key vault or just use the one named KV31330471? I better double-check the instructions.
upvoted 0 times
...
Samira
1 year ago
Ugh, another key vault integration task? At least it's not as tricky as that last one with the managed identities.
upvoted 0 times
Lavina
1 year ago
Let's just follow the steps provided and get it done.
upvoted 0 times
...
Marti
1 year ago
Yeah, but at least this one seems more straightforward than the last task.
upvoted 0 times
...
Emilio
1 year ago
I know, key vault integrations can be a pain sometimes.
upvoted 0 times
...
...
Lewis
1 year ago
I believe we need to grant the necessary permissions to the deployment identity in Azure AD and then reference the key vault in the ARM template.
upvoted 0 times
...
Noah
1 year ago
Do you have any idea on how to ensure the deployment can access secrets in the key vault?
upvoted 0 times
...
Lewis
2 years ago
I agree, accessing secrets in Azure key vault can be tricky.
upvoted 0 times
...
Noah
2 years ago
I think this lab task is challenging.
upvoted 0 times
...
Gene
2 years ago
Looks straightforward, just need to configure the key vault access policy and link it to the ARM template. No sweat!
upvoted 0 times
Francesco
1 year ago
Then link it to the ARM template. Easy peasy!
upvoted 0 times
...
Lorenza
2 years ago
Configure the key vault access policy first.
upvoted 0 times
...
...

Save Cancel