DP-203 Design and implement data storage • Set 7
DP-203 Design and implement data storage Practice Test 7 — 15 questions with explanations. Free, no signup.
You need to assign permissions to a service principal so that it can write data to a specific container in Azure Data Lake Storage Gen2, but not delete blobs. The above JSON shows the built-in role 'Storage Blob Data Contributor'. The role includes delete permission in DataActions. What should you do?
Refer to the exhibit.
{
"RoleName": "Storage Blob Data Contributor",
"Type": "BuiltInRole",
"Description": "Allows for read, write, and delete access to Azure Storage containers and blobs.",
"Actions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete"
],
"NotActions": [],
"DataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete"
],
"NotDataActions": [],
"AssignableScopes": ["/subscriptions/..."]
}