Azure Tutorials Series - Identity and Access | Azure AD

-

 In previous article we learnt about Azure securities, Let's learn about Azure Identity and access in this article. We will cover authentication, authorisation, Azure active directory(AD) and RBAC.

Identity and Access Management in Azure

  • Ability to allow roles or permissions to access limited pool of resources
  • Azure Active Directory helps enables authorisation and authentication for the privileges.
  • Authentication vs authorisation
    • Authentication(AuthN) - Verifies the identity of a person
    • Authorization(AuthZ) - Verifies what all priviliges user has

Azure Active Directory  

  • Called Azure AD
  • Cloud based identity service
  • No SLA for free tier, Standard and Premium get 99.9%
  • Can be used stand alone or can be synced with existing on-prem active directory
  • Services includes -
    • Multi Factor Authentication
    • Single sign on
    • Application Management
    • Business to Business(B2B) identity services
    • Business to customer(B2C) identity services
    • Device Management
Roles in Azure
  • Roles in Azure are categorised as 
    • Classic roles
    • azure roles(RBAC)
    • Azure AD roles
Before RBAC got introduced, there were only 3 roles -
  • Account administrator - One per Azure account
  • Service Administrator - One per Azure subscription
  • Co-administrator - 200 per subscription

Role-based Access Control 

  • Provides fine grained access management for Azure resources
  • Roles can be of various types, such as 'read-only' or 'contributor'.
  • Roles are inherited by the child, provided at the higher level.
  • Four fundamental Azure roles are -
    • Owner
    • Contributor
    • Reader
    • User Access administrator

Azure AD Roles

  • On tenant level
  • Person who signs up for Azure AD tenant, gets the role of Global Administrator, who can do anything.
  • Other user roles are - User Administrator, billing administrator

Comments

Post a Comment

Popular posts from this blog

Azure Tutorials Series - Azure Networking

-
Image
In this article, we will learn about Azure networking concepts such as architecture, microservices, virtual networks, VPNs, subnet, VPN gateways and most importantly Network Security Group(NSG). All these terms are to be understood if you appearing for AZ900 Microsoft Azure Fundamentals exam. Azure Networking In previous articles we have learnt about Micro- services and how they work, these are alos loosely coupled architecture. Some of the features includes Independent components interact with each other with the help of queues Can be updated and deployed independently Highly scalable Supports Asynchronous messaging N-tier Architecture Supports loosely coupled architecture Application divided into multiple tiers such that higher tier can access lower tier but not vice versa Tiers are re-usable and can be updated or replaced easily without any hassle. Three-tier in general Web Tier(front end) Application tier(back end) Data tier(Storage) Virtual Network Isolated network shared by few g
Read more

Coforge Interview Questions | Automation Testing profile

-
Image
In this article we will cover recent Coforge Interview questions asked for testing profile.  Date of Interview - 19th December 2020 Mode of Interview - Web conference through TEAMS Interviewer - Rahul Sharma Round - L1 Coforge Interview Questions | Automation testing profile Round L1 Tell me about your project I have been working as a QA for XYZ company from 5.4 years, during this tenure,  I have learnt about Manual testing, Selenium, Database testing, TestNg, framework designing and API testing. What is a webdriver? A webdriver is a an automation framework that allows executing our tests in different browsers. It also supports headless execution using HtmlUnit driver. What are hooks? @Before and @After are called Hooks, they are used before and after any test scenario. How would you like your automation framework to be designed? How can you use data properties in Test NG framework? Explain Access specifiers? Access modifiers define the visibility of the class. There are four different
Read more

Testing in CI/CD

-
If you are part of testing fraternity you would have heard CI/CD numerous times by now. It's the talk of the software testing town. In this article, we will cover the basics of CI/CD, what actually it is and how it is implemented in software testing. What is continuous integration? In simple terms, development teams can integrate their code into a shared repository. This helps in maintaining code quality and identifying potential issues with the local version of the code at an early stage. What is continuous delivery? Everything that is being continuously merged by the development team, is continuously deployed to the live environment. Continuous delivery is often coined as ‘Continuous Deployment’ as well. Since most developers work in parallel, continuously integrating their code into one repository would mean that the master branch is continuously updated with new features. In order to ensure that there is no compromise in the code quality with so many changes
Read more