Administering Relational Databases on Microsoft Azure — Question 38

You have an Azure AD tenant and a logical Microsoft SQL server named SQL1 that hosts several Azure SQL databases.

You plan to assign Azure AD users permissions to the databases automatically by using Azure Automation.

You need to create the required Automation accounts.

Which two accounts should you create? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answer options

• A. From the Azure Active Directory admin center create a service principal.
• B. From the Azure Active Directory admin center, create a user-assigned managed identity for SQL1.
• C. On SQL1, create a SQL user in the databases.
• D. On SQL1, create a SQL login.
• E. From the Azure Active Directory admin center, create an external identity.

Correct answer: A, C

Explanation

The correct answers are A and C. Creating a service principal (A) in Azure AD allows for automation scripts to authenticate and interact with Azure resources securely. Additionally, creating a SQL user in the databases (C) is necessary to grant the Azure AD users access to the specific databases. The other options do not directly contribute to the required permissions for Azure AD users in this context.