Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam AZ-500 Topic 6 Question 72 Discussion

Actual exam question for Microsoft's AZ-500 exam
Question #: 72
Topic #: 6
[All AZ-500 Questions]

Lab Task

Task 4

You need to ensure that when administrators deploy resources by using an Azure Resource Manager template, the deployment can access secrets in an Azure key vault named KV31330471.

Show Suggested Answer Hide Answer
Suggested Answer: A

Grant permission to the application that is used to deploy the resources to access the secrets in the key vault. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to assign theKey Vault Secrets Userrole to the application at the scope of the key vault or individual secrets.

Enable template deployment for the key vault. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to set theenabledForTemplateDeploymentproperty of the key vault to true.

Reference the secrets in the template by using their resource ID. You can use the listSecrets function to get the resource ID of a secret in the key vault. You need to specify the name of the key vault and the name of the secret as parameters.

Deploy the template by using Azure PowerShell, Azure CLI, or REST API. You can use the New-AzResourceGroupDeployment cmdlet, the az deployment group create command, or the Deployments - Create Or Update REST API to do this. You need to provide the template file or URI and any required parameters.


Contribute your Thoughts:

Brittni
2 months ago
This should be a piece of cake. As long as I don't accidentally lock myself out of the key vault, I'm good to go!
upvoted 0 times
...
Elvera
2 months ago
Haha, KV31330471? Sounds like someone had a little too much fun naming that key vault. Gotta love the Azure team's sense of humor.
upvoted 0 times
Chun
25 days ago
Haha, yeah, the Azure team must have had a good laugh coming up with that name. It definitely stands out!
upvoted 0 times
...
Rebeca
1 months ago
I wonder if there's a story behind the name KV31330471. Maybe it's a secret code or something.
upvoted 0 times
...
Elin
1 months ago
Yeah, that key vault name is definitely a mouthful. But hey, at least it's unique!
upvoted 0 times
...
...
Joni
2 months ago
Wait, do I need to create a new key vault or just use the one named KV31330471? I better double-check the instructions.
upvoted 0 times
...
Samira
2 months ago
Ugh, another key vault integration task? At least it's not as tricky as that last one with the managed identities.
upvoted 0 times
Lavina
1 months ago
Let's just follow the steps provided and get it done.
upvoted 0 times
...
Marti
2 months ago
Yeah, but at least this one seems more straightforward than the last task.
upvoted 0 times
...
Emilio
2 months ago
I know, key vault integrations can be a pain sometimes.
upvoted 0 times
...
...
Lewis
2 months ago
I believe we need to grant the necessary permissions to the deployment identity in Azure AD and then reference the key vault in the ARM template.
upvoted 0 times
...
Noah
2 months ago
Do you have any idea on how to ensure the deployment can access secrets in the key vault?
upvoted 0 times
...
Lewis
3 months ago
I agree, accessing secrets in Azure key vault can be tricky.
upvoted 0 times
...
Noah
3 months ago
I think this lab task is challenging.
upvoted 0 times
...
Gene
3 months ago
Looks straightforward, just need to configure the key vault access policy and link it to the ARM template. No sweat!
upvoted 0 times
Francesco
2 months ago
Then link it to the ARM template. Easy peasy!
upvoted 0 times
...
Lorenza
3 months ago
Configure the key vault access policy first.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77