Designing an Azure Data Solution (legacy) — Question 11

You are designing the security for an Azure SQL database.
You have an Azure Active Directory (Azure AD) group named Group1.
You need to recommend a solution to provide Group1 with read access to the database only.
What should you include in the recommendation?

Answer options

Correct answer: A

Explanation

The correct answer is A, a contained database user, as it allows you to create a user within the database that can be granted specific permissions, such as read access. Option B, a SQL login, provides broader access that may not be restricted to read-only. Option C, an RBAC role, applies to Azure resources but not directly to database permissions. Option D, a shared access signature, is used for Azure storage resources and does not apply to SQL database access.