Designing and Implementing Microsoft DevOps Solutions — Question 72
You have an Azure Pipelines pipeline named Pipeline1 and a user named User1. Pipeline1 contains a temporary final stage named final1.
You need to ensure that User1 can delete final1 when testing is complete. The solution must follow the principle of least privilege.
At which level should you grant permissions to User1?
Answer options
- A. pipeline
- B. organization
- C. stage
- D. project
Correct answer: A
Explanation
Granting permissions at the pipeline level allows User1 to specifically manage final1 without giving broader access that might come from higher levels like organization or project. If permissions are set at the organization or project level, User1 would have more access than necessary, violating the least privilege principle. Setting permissions at the stage level would not provide the required access to delete the final stage.