Microsoft Azure Security Technologies (AZ-500)


Study for the Microsoft Azure Security Technologies (AZ-500) exam. Prepare with well-structured questions and detailed explanations. Enhance your understanding and improve your readiness for the certification exam!



Which effect requires a managed identity when configuring an Azure policy?

  1. AuditIfNotExists

  2. DeployIfNotExists

  3. Disabled

  4. EnforceOPAConstraint

The correct answer is: DeployIfNotExists

The requirement for a managed identity when configuring an Azure policy relates specifically to the "DeployIfNotExists" effect. This effect ensures that certain resources are in place by automatically deploying them when they are found to be missing. For this action to succeed, the policy must be able to perform deployment operations, which requires permissions to act on resources within Azure.

A managed identity is an identity that is automatically managed by Azure and that applications use when connecting to resources that support Azure Active Directory authentication. This is particularly important for the "DeployIfNotExists" effect because the policy needs to authenticate to create or deploy the specified resources without requiring the developer or administrator to handle credentials or secret management.

In contrast, other effects, such as "AuditIfNotExists" and "Disabled," do not require the same level of permission because they are used for auditing or simply deactivating a policy rather than creating resources. "EnforceOPAConstraint" is not a standard effect tied to this requirement.

The automatic management of identity and permissions in Azure's managed identity feature facilitates seamless and secure resource management, which is essential when using the "DeployIfNotExists" effect in Azure policies.