Azure Role-Based Access Control (RBAC)
It allows the implementation of the [[principle-of-least-privilege]] by defining roles that can be assigned to users.
Each role has a set of access permissions to resources.
Using roles allows you to:
- add (and remove) permissions to users by assigning them a specific role;
- update permissions for a set of users by updating the role's permissions.
Role-based access control is applied to a scope, which is a resource or set of resources that this access applies to.
Azure RBAC is hierarchical, in that when you grant access at a parent scope, those permissions are inherited by all child scopes.
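When reviewing assignments for least privilege, the inheritance rule above can be checked mechanically. The following is an added example, not part of the original note and not Microsoft's implementation: a simplified Python model in which the role names, principals, subscription ID and resource names are constructed, and each role is reduced to an allow list and an exclusion list with wildcard matching.

```python
from fnmatch import fnmatchcase

# Constructed role definitions (hypothetical names). Simplified model: a role
# grants whatever matches "actions" minus whatever matches "not_actions".
ROLES = {
    "Example Reader": {"actions": ["*/read"], "not_actions": []},
    "Example DNS Editor": {
        "actions": ["Microsoft.Network/dnsZones/*"],
        "not_actions": ["Microsoft.Network/dnsZones/delete"],
    },
}

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder id
RG = SUB + "/resourceGroups/rg-app"
ZONE = RG + "/providers/Microsoft.Network/dnsZones/example.test"

# Constructed role assignments: (principal, role, scope).
ASSIGNMENTS = [
    ("alice", "Example Reader", SUB),
    ("alice", "Example DNS Editor", RG),
    ("bob", "Example DNS Editor", ZONE),
]


def scope_covers(assigned: str, target: str) -> bool:
    """True if target is the assigned scope itself or one of its children."""
    a, t = assigned.rstrip("/").lower(), target.rstrip("/").lower()
    # Compare on a path-segment boundary so "rg-app" does not cover "rg-app2".
    return t == a or t.startswith(a + "/")


def role_allows(role: dict, action: str) -> bool:
    """True if action matches an allow pattern and no exclusion pattern."""
    act = action.lower()
    hit = any(fnmatchcase(act, p.lower()) for p in role["actions"])
    excluded = any(fnmatchcase(act, p.lower()) for p in role["not_actions"])
    return hit and not excluded


def granting_assignments(principal: str, action: str, scope: str) -> list:
    """Return (role, assigned_scope) pairs that grant action at scope."""
    return [
        (role, assigned)
        for who, role, assigned in ASSIGNMENTS
        if who == principal
        and scope_covers(assigned, scope)
        and role_allows(ROLES[role], action)
    ]
```

Listing the granting assignments, rather than returning a yes/no answer, shows which parent-scope assignment is the source of an inherited permission and is therefore the one to narrow.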
Backlinks
Azure Blob Storage
Also, [[azure-rbac]] is available for both data and management operations, like using RBAC roles to manage access to resources and configurations, and using Microsoft Entra to handle access to blob and queue data operations.
Azure Functions
- Done by assigning a role in [[azure-rbac]] or specifying the identity in an access policy, depending on the service to which you're connecting
Principle of Least Privilege
In Azure, this can be achieved using [[azure-rbac]].
Azure DNS
You can use [[azure-rbac]] to control access to specific actions.
AZ-900 - Azure Fundamentals
- [[azure-rbac]]