You create the following Azure role definition. {
"Name": "Role1",
"Id": "80808080-8080-8080-8080-808080808080",
IsCustom : false,
"Description": "",
"Actions" : [
"Microsoft.Storage/*/read",
"Microsoft.Network/*/read",
"Microsoft.Compute/*/read",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Authorization/*/read"],
"NotActions": [],
"DataActions": [],
"NotDataActions": [],
"AssignableScopes": []
}
You need to create Role1 by using the role definition.
Which two values should you modify before you create Role1? Each correct answer presents part of solution.
NOTE: Each correct selection is worth one point.
A. IsCustom
B. DataActions
C. Id
D. AssignableScopes
E. Description
Correct Answer: AD
Explanation/Reference:
Explanation:
Part of example:
"IsCustom": true, "AssignableScopes": [
"/subscriptions/{subscriptionId1}",
"/subscriptions/{subscriptionId2}",
"/subscriptions/{subscriptionId3}"
The following shows what a custom role looks like as displayed in JSON format. This custom role can be used for monitoring and restarting virtual machines.
{
"Name": "Virtual Machine Operator", "Id": "88888888-8888-8888-8888-888888888888",
"Id": "88888888-8888-8888-8888-888888888888", "IsCustom": true,
"IsCustom": true, "Description": "Can monitor and restart virtual machines.",
"Description": "Can monitor and restart virtual machines.", "Actions": [
"Microsoft.Storage/*/read",
"Microsoft.Network/*/read",
"Microsoft.Compute/*/read",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Authorization/*/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Support/*"
],
"NotActions": [], "DataActions": [],
"DataActions": [], "NotDataActions": [],
"NotDataActions": [], "AssignableScopes": [
"/subscriptions/{subscriptionId1}",
"/subscriptions/{subscriptionId2}",
"/subscriptions/{subscriptionId3}"
] }
References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles