Azure Classroomnotes 27/Aug/2022

Scenario 5: Exercise:

  • Create a custom rbac with contributor permissions but user/group should not be able to delete
    • Virtual Machines
    • Disks
    • SQL Databases
    • SQL Servers
    • Storage Accounts
    • Azure Kubernetes Cluster
  • Refer Here for the policy
  • Note: We have observed the issue when there are inherited roles from above level conflicting with roles at current level. So we need to check out with deny assignments which have more priority than role assignments.

Creating, Updating and listing policies using Azure CLI

  • Install Azure CLI Refer Here
  • Refer Here For installing Azure CLI and Powershell
  • Azure CLI Commands will be in the format of
az <service>  [sub-service] <action> [args]
az group list

az group delete
az sql create
  • Since we are working with roles Refer Here
  • CLI Commands by default return json, but other formats such as table are also supported

* For better CLI output formatting use json tree viewers Refer Here

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner