You are designing the security for an Azure SQL database.
You have an Azure Active Directory (Azure AD) group named Group1.
You need to recommend a solution to provide Group1 with read access to the database only.
What should you include in the recommendation?
A contained database user allows Azure Active Directory (Azure AD) identities, such as group memberships, to be associated directly with the database. This method leverages Azure AD for authentication while granting permissions at the database level, ensuring that Group1 has the appropriate read access as required. Contained database users improve portability and manageability by not requiring server-level logins or permissions, aligning perfectly with the need to give read-only access to Group1.
https://docs.microsoft.com/en-us/sql/relational-databases/security/contained-database-users-making-your-database-portable?view=sql-server-ver15: "Use contained database users to authenticate SQL Server and SQL Database connections at the database level" A is correct
Should be C since we already have an Azure AD group.
You cannot grant access to database access using RBAC, it must be on the database level, so the correct answer is "contained user access".
This is correct... Please see below: https://docs.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-overview Statement: "Azure AD authentication uses contained database users to authenticate identities at the database level."
This is correct... Please see below: https://docs.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-overview Statement: "Azure AD authentication uses contained database users to authenticate identities at the database level."
indeed contained db user needed