Complete the code to assign a role to a user using Azure RBAC.
az role assignment create --assignee [1] --role "Reader" --scope /subscriptions/00000000-0000-0000-0000-000000000000
The assignee must be a user or service principal identity, such as an email address, to assign a role in RBAC.
Complete the code to create an access policy for an Azure Key Vault.
az keyvault set-policy --name MyKeyVault --object-id [1] --secret-permissions get listThe object-id is the unique identifier of the user or service principal for whom the access policy is set.
Fix the error in the command to assign a role at the resource group level.
az role assignment create --assignee user@example.com --role [1] --scope /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup
The role parameter must be a valid Azure role name like Contributor, Reader, or Owner.
Fill both blanks to create an access policy that grants secret permissions.
az keyvault set-policy --name MyVault --object-id [1] --[2]-permissions get list
The object-id identifies the user, and the permission type must be either key, secret, or certificate. Here, secret-permissions are granted.
Fill all three blanks to assign the Reader role to a user at a subscription scope.
az role assignment create --assignee [1] --role [2] --scope [3]
The assignee is the user email, the role is Reader, and the scope is the subscription ID path.