Microsoft Azure Fundamentals AZ-900 Practice Exam 2025 – Complete Study Resource

The correct method for assigning permissions to users for creating resources in Azure is role-based access control (RBAC). RBAC is a powerful access management tool that helps you define roles and assign those roles to users, groups, or service principals, thereby controlling their access to Azure resources.

With RBAC, you can designate specific roles that encapsulate the needed permissions. For instance, there are built-in roles such as "Owner," "Contributor," and "Reader," each providing different levels of access. The "Contributor" role, for example, allows users to create and manage all types of Azure resources but does not grant access to manage permissions.

By utilizing RBAC, organizations can ensure that users have the appropriate permissions based on their job responsibilities, minimizing the risk of unauthorized access and ensuring compliance with governance policies. This granularity of control is essential for effective resource management in Azure.

The other choices provided, while related to resource governance in Azure, serve different purposes. Initiatives group policies to enforce a set of rules but do not assign permissions. Policies themselves help to enforce rules across resources but again are not focused on assigning user permissions. Resource groups are organizational units for managing resources and do not inherently control user permissions.