Microsoft Exam SC-300 Topic 2 Question 116 Discussion

Actual exam question for Microsoft's SC-300 exam

Question #: 116
Topic #: 2

You have an Azure subscription named Sub1 that contains a resource group named RG1. RG1 contains an Azure Cosmos DB database named DB1 and an Azure Kubernetes Service (AKS) cluster named AKS1. AKS1 uses a managed identity.

You need to ensure that AKS1 can access DB1. The solution must meet the following requirements:

* Ensure that AKS1 uses the managed identity to access DB1.

* Follow the principle of least privilege.

Which role should you assign to the managed identity of AKS1.

AFor R61, assign the Azure Cosmos DB Data Reader Role role.

BFor Sub1. assign the Owner role.

CFor RG1, assign the Reader role.

DFor DB1, assign the Azure Cosmos DB Account Reader Role role.

Show Suggested Answer

Suggested Answer: A

by Estrella at Jul 07, 2025, 10:00 AM

Limited Time Offer

25%

Off

Get Premium SC-300 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Mabel

17 hours ago

Option A seems the most logical choice. Assigning the Azure Cosmos DB Data Reader Role to the managed identity of AKS1 would allow it to access the DB1 database while following the principle of least privilege.

upvoted 0 times

...