HOTSPOT -
You have an Azure subscription that contains the resources shown in the following table.
The subscription contains the virtual machines shown in the following table.
Which identities can be assigned the Owner role for RG1, and to which virtual machines can you assign Managed2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 1 Managed1,Managed2,VM1,VM2 and VM3 only Box 2 VM1,VM2,VM3 and VM4
Can you explain how you arrived at this?
guessing vaaws logic is: Box 1: any identity (not vm4) box 2: any vm in any region while the answer given by ET seems to be: box 1: only identities in eastUS, where the RG lives box 2: only VMs in westus where Managed2 lives
Identities are not related to region and a VM can have both a User and System assigned managed Identity.
guessing vaaws logic is: Box 1: any identity (not vm4) box 2: any vm in any region while the answer given by ET seems to be: box 1: only identities in eastUS, where the RG lives box 2: only VMs in westus where Managed2 lives
Identities are not related to region and a VM can have both a User and System assigned managed Identity.
i agree with u in box 1, but if all vms except vm4 have ids assigned only vm4 must be valid (box 2)
the question's wording is really poor
i correct myself, because it's the dumbest question i've ever seen here goshh; the first must be just the two defined managed ids
i correct myself, because it's the dumbest question i've ever seen here goshh; the first must be just the two defined managed ids
the question's wording is really poor
i correct myself, because it's the dumbest question i've ever seen here goshh; the first must be just the two defined managed ids
i correct myself, because it's the dumbest question i've ever seen here goshh; the first must be just the two defined managed ids
In the Question #40 - Topic 2 (https://www.examtopics.com/discussions/microsoft/view/95539-exam-sc-300-topic-2-question-40-discussion/) it is stated that you cannot assign a role to a virtual machine, so: Box 1: Managed1 only Box 2: VM1, VM2, VM3, and VM4
In a lab setup, you can assign owner Permissions to an RG from M1/M2/Vm1/Vm2 You do not see Vm3 because M1 is already assigned and does not appear twice in the drop down list. You can assign one or more user managed IDs to a VM across regions. So Vm1/2/3/4.
I Agree Er_01. 1. The two MI and the two VMs with system-assigned MIs 2. All the VMs, as they can have more than one MI.
I Agree Er_01. 1. The two MI and the two VMs with system-assigned MIs 2. All the VMs, as they can have more than one MI.
Come now guys, instead of guessing, for block 1: deploy 2 vms in 2 rgs, in 2 different regions and then enable their SAMI's and try link as owners to a single rg. You will find that you can link the SAMI's from the 2 different regions to the same rg as owners. Hence VM1 & VM2 are correct. VM3 is using the functional UAMI1, so that will work. Only vm4 wont work as it has not UAMI nor SAMI identity. Hence , UAMI1, UAMI2, VM1 & VM2 & VM3 (using UAMI1) will work. ONLY VM4 will not work. This is simple architect work. for block 2, UAMIs are global and are not limited by region. So everything is game. V1 - V4
Great explanation! Saved me from having to research and end up doing the same. Thank you!
Box1:Managed1, Managed2, VM1, and VM2 only I agree that VM3 shouldn't count here since its identity is actually 'Managed1' Box2: VM1, VM2, VM3, VM4 This article confirms that managed identities can be used across geos: https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/managed-identities-faq
In Box 1, your comment makes sense, but in Azure it allows you do exactly that.
Ignore my previous comment. What I tested was assigning both User and System Identity to a VM. That works. VM3 only has User assigned Identity and will not show up. So I agree with Sneekygeeks answer. VM3 would only show IF it also had System-assigned managed Identity, which it does not.
Ignore my previous comment. What I tested was assigning both User and System Identity to a VM. That works. VM3 only has User assigned Identity and will not show up. So I agree with Sneekygeeks answer. VM3 would only show IF it also had System-assigned managed Identity, which it does not.
Tested in lab. Box1 Managed1,Managed2,VM1,VM2 and VM3 only System-assigned identitys is not region restricted, User-assigned is not aswell. When you add the VM1 with a system assigned identitys on as an owner on the RG. You can see in the RG RBAC permissions that the VM is added and it is created like an enterprise application. Box2 All VMs. Since user/system isn't restricted.
Tested this with my Azure subscription. IMHO the Box1 answer should be: Managed1, Managed2, VM1, and VM2 only. My reasoning: Since VM3’s identity is Managed1 and not VM3, you will not see VM3 in the owner role list. Virtual machine itself is not an identity. System-assigned managed identity is tied to one resource, and uses the name of the resource, so in this case VM1's and VM2's manged identities are named VM1 & VM2. User-assigned managed identity can be tied to multiple resources, so you will have to name it yourself. In this case the VM3's identity is Managed1. VM4 does not have identity at all, so you will not see it in owner role list. Please test the this in your tenant or lab and correct me if I'm wrong.
Box1: Managed1, Managed2, VM1, and VM2 only VM3 uses Managed1 so we use the Identity (Managed1) instead of the resource (VM3) VM4 doesn't have an Identity Box2: all VMs You can assign (User Assigned) Managed Identities to VMs that already have System Assigned Managed Identities You can test this in a lab like I did.
Box1: Managed1, Managed2, VM1, and VM2 only Box2: VM1, VM2, VM3, VM4
This is from ChatGPT. Box 1 = Managed1 only Box 2 = VM2 and VM4
Yeah, AI is confusing sometimes. Copilot gave me the same answer, and then I asked it why can we not include VM3/East as I wanted to understand better, and it starts..... Actually, ... and then changes it's mind and say's we can.
for the question regarding assigning the Owner role for RG1 (which is in East US), only Managed1 (which is also in East US) can be considered. Managed2 cannot be assigned the Owner role for RG1 as it is in West US.Regarding which virtual machines can be assigned to Managed2, since Managed2 is located in West US, it can only be assigned to VM2 and VM4, both of which are also in West US.Therefore, the correct answers are:Identities with Owner role: Managed1 only. Virtual machines assigned to Managed2: VM2 and VM4 only.
Hmm, so I guess this will be have to be a lucky shot at the exam as nobody agrees.
1: The Owner role in Azure can be assigned to: Since all managed identities and VMs with system-assigned identities can have roles assigned to them, the correct answer is: Managed1, Managed2, VM1, VM2, and VM3 2: Managed identities can only be assigned to VMs in the same location. Managed2 is in West US. The following VMs are in West US: VM2 and VM4 only
Going with give answers. Best explanation as to why is submitted below by contributer "Alcpt" Box 1 Managed1,Managed2,VM1,VM2 and VM3 only Box 2 VM1,VM2,VM3 and VM4