Cover

Table of Content

  1.  Administering Role Assignments via the RBAC Policy
  2. Role based Access Control in Azure AD
  3. RBAC Access Configuration
  4. Custom RBAC Role in Azure
  5. Managing Azure Subscription & Resource ManagementTop of Form
  6. Know about Azure Subscription
  7. About Enterprise Agreement Subscription
  8. Support Plans of Azure Subscription
  9. Create Azure Subscription for free:
  10. Global Administrator Permission in Azure
  11. Creating Resource Group
  12. Azure Cost Management
  13. Azure Subscription Policy
  14. About Azure Quota
  15. Azure Resource Tag
  16. Create & Configure Management Groups

 

This eBook is based on Azure Exam AZ 104 that has been collected from different sources and people. For more information about this ebook. Kindly write to deviprasad77058@gmail.com. I will happy to help you.

Copyright 2023 by Devi Prasad

This eBook is a guide and serves as a next part of first guide.

Previous Part MICROSOFT AZURE ADMINISTRATOR EXAM PREP(AZ-104) Part-1 has already been published. This book has been written on the advice of many experts and sources who have good command over Azure, network and cloud computing. They are listed at the end of this book. All images used in this book are taken from the LAB which is created by experts. All rights reserved, including the right to reproduce this book or portions thereof in any form whatsoever. For any query reach out to the author through email.

Administering Role Assignments via the RBAC Policy

This section delves into Azure's Role-Based Access Control (RBAC) roles, the customization of Azure RBAC roles, their application to resources, and the implementation of different RBAC roles through diverse organizational policies like PowerShell, among others.

Role based Access Control in Azure AD

Role-Based Access Control (RBAC) is a system that enables the management and restriction of access to resources within an organization.

Consider a scenario where multiple teams, such as the support team, application team, and DB team, share the same subscription. Allowing unrestricted access to subscriptions poses the risk of inadvertent changes by team members, potentially disrupting the existing environment (production or non-production).

To address such situations, Microsoft Azure introduces the RBAC policy as a solution to control access. For instance, if you want the DB team to exclusively access DB resources, RBAC makes it possible. This ensures that the DB team can only view and interact with DB resources, preventing any unintended modifications to other services. RBAC thus becomes a vital tool for access control.

Following Microsoft Azure's recommended best practice, providing the least role access is advisable. This approach grants users only the specific access they require. RBAC can be applied to groups, applications, resources, and more.

For various services, predefined RBAC roles exist, as illustrated in below figure.

Now, let's delve into each role:

  1. Owner: Owners have complete access to all resources within the subscription, similar to subscription admins.
  2. Contributor: Contributors possess equal access to owners but lack the ability to grant access to others at the subscription level. They can, however, create and manage resources.
  3. Reader: Users in the reader role have read/view permissions for specific resources or subscriptions but are restricted from making changes or creating new resources.
  4. User Access Administrator: This role aids in managing user access to Azure resources.

RBAC Access Configuration

RBAC access configuration can be established for various resources, including Azure resources, Azure subscriptions, and Azure resource groups. This section outlines the steps to implement RBAC in these scenarios.

Subscription Access using RBAC Policy

Learn how to grant access to subscriptions based on organizational policies:

  1. Navigate to the Subscription option.
  2. Click on Access control (IAM), highlighted in below snippet, and select Add role assignment:

After clicking

Impressum

Verlag: BookRix GmbH & Co. KG

Texte: Devi Prasad
Bildmaterialien: Devi Prasad
Cover: Mikku Yadav
Lektorat: Reet Patel
Korrektorat: Raghav Jha
Übersetzung: Reet Patel
Satz: Devi Prasad
Tag der Veröffentlichung: 29.11.2023
ISBN: 978-3-7554-6233-0

Alle Rechte vorbehalten

Nächste Seite
Seite 1 /