0
0
Azurecloud~10 mins

Custom role definitions in Azure - Interactive Code Practice

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to define the role name in the custom role JSON.

Azure
{
  "Name": "[1]",
  "IsCustom": true,
  "Description": "Can manage resources",
  "Actions": ["Microsoft.Resources/*/read"],
  "NotActions": [],
  "AssignableScopes": ["/subscriptions/12345678-1234-1234-1234-123456789abc"]
}
Drag options to blanks, or click blank then click option'
AReader
BContributor
CCustomRole
DOwner
Attempts:
3 left
💡 Hint
Common Mistakes
Using a built-in role name instead of a custom name.
Leaving the Name field empty.
2fill in blank
medium

Complete the code to specify the correct action permission for reading resources.

Azure
{
  "Actions": ["[1]"],
  "NotActions": []
}
Drag options to blanks, or click blank then click option'
AMicrosoft.Storage/accounts/write
BMicrosoft.Resources/*/read
CMicrosoft.Compute/virtualMachines/start/action
DMicrosoft.Network/virtualNetworks/delete
Attempts:
3 left
💡 Hint
Common Mistakes
Choosing actions that allow write or delete permissions instead of read.
Selecting very specific actions instead of a broad read permission.
3fill in blank
hard

Fix the error in the AssignableScopes field by completing the scope string correctly.

Azure
{
  "AssignableScopes": ["[1]"]
}
Drag options to blanks, or click blank then click option'
A/subscriptions/12345678-1234-1234-1234-123456789abc
B/subscription/12345678-1234-1234-1234-123456789abc
Csubscriptions/12345678-1234-1234-1234-123456789abc
D/subscriptions/1234-5678-9012-3456
Attempts:
3 left
💡 Hint
Common Mistakes
Missing the leading slash.
Misspelling 'subscriptions' as 'subscription'.
Omitting the slash before 'subscriptions'.
4fill in blank
hard

Fill both blanks to complete the custom role JSON with correct description and assignable scope.

Azure
{
  "Description": "[1]",
  "AssignableScopes": ["[2]"]
}
Drag options to blanks, or click blank then click option'
ACan manage virtual machines
BCan read storage accounts
C/subscriptions/abcdef12-3456-7890-abcd-ef1234567890
D/subscriptions/12345678-1234-1234-1234-123456789abc
Attempts:
3 left
💡 Hint
Common Mistakes
Using a description that doesn't match the role's permissions.
Using an invalid or incorrect subscription ID in AssignableScopes.
5fill in blank
hard

Fill all three blanks to complete the custom role JSON with name, action, and assignable scope.

Azure
{
  "Name": "[1]",
  "Actions": ["[2]"],
  "AssignableScopes": ["[3]"]
}
Drag options to blanks, or click blank then click option'
AVMOperator
BMicrosoft.Compute/virtualMachines/start/action
C/subscriptions/98765432-1234-5678-9012-abcdefabcdef
DMicrosoft.Storage/storageAccounts/read
Attempts:
3 left
💡 Hint
Common Mistakes
Mixing up action permissions with role names.
Using invalid subscription IDs or missing slashes in assignable scopes.