Azure Classroom Series – 17/Sept/2021

Azure AD

  • Azure AD offers identity management solution for cloud
  • Azure AD offers the following pricing plans
    • Free:
      • This offers most basic features, such as support for 500000 objects, single sign on, Azure B2B for external users, support for Azure AD Connect Syncronization, self-service password change, MFA (app authenticator only) and standard security groups
    • Basic:
      • This offers no object limit, has a SLA of 99.9%, self-service password reset, company branding, and support for the application proxy
    • Premium P1:
      • This offers advanced reporting, full MFA, conditional access and Azure AD connect
    • Premium P2:
      • This offers identity protectiona nd privileged identity management
  • Refer Here for the Azure AD Pricing Plans and Refer Here for the Azure documentation comparing features for Azure AD.

Scenario-1

  • Create users dev1,dev2,dev3 and qa1,qa2,qa3 with default roles.
  • Navigate to the groups in Azure AD and create two groups developer and qa Preview
  • Add dev1, dev2 and dev3 to the developers group
  • Add qa1, qa2 and qa3 to the qa group
  • Now Navigate to All Services -> Subscriptions and select your subscription Preview
  • Now select Access Control Preview
  • Now Add the Role Assignments for the QA group
    • Storage Account Contributor
    • Reader Preview
  • Add the the following Role Assignments for the Developers Group
    • Contributor Preview
  • Now log in to azure portal from a different browser (or inprivate mode) as any developer
    • Create a Resource Group understanding Preview
    • Create a Storage Account Preview Preview
    • Now check access in Resource group for developer using Access control section Preview
    • Also check access for developer in the storage account using Access control section
  • Now login into Azure portal from a different browser as any QA and add tags to the storage account
  • Try adding one more tag released: qa to the resource group Preview
  • Add QA users as contributor at the Resource group level
    • by loging in as Developer & observe the failure
    • by loging in to as the normal user (account which you have created) and try to perform the same
    • Now retry adding tags to the resource group.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Floating Social Media Icons by Acurax Wordpress Designers

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Visit Us On FacebookVisit Us On LinkedinVisit Us On Youtube