Azure Active Directory Contd

Azure RBAC (Role Based Access Control)

• Custom Role Syntax Refer Here
• To Create Resources Azure used Resource Provider. This Resource Provider will have versions.
• The functionality of the Resource are defined in terms of Actions.
• Resource Providers can be Registered or UnRegistered at Subscription level.
  
• For Operations by resource Provider Refer Here

Activity 1: Create a Custom Role to View, Create and Delete Virtual Machines and App Service

• Lets try writing the json for this

{
    "Name": "activity1mar23",
    "IsCustom": true,
    "Description": "Custom Role to View, Create and Delete Virtual Machines and App Service",
    "Actions": [
        "Microsoft.Compute/virtualMachines/read",
        "Microsoft.Compute/virtualMachines/write",
        "Microsoft.Compute/virtualMachines/delete",
        "Microsoft.Web/serverfarms/Read",
        "Microsoft.Web/serverfarms/Write",
        "Microsoft.Web/serverfarms/Delete"
    ],
    "AssignableScopes": ["/"]

}

• Refer Here for the changes

Actvity 2: Create a custom role to do every thing on Virtual Machine and Read Azure SQL

• We have written a role Refer Here for changes
• In the next session lets work on creating roles from cli and verifying this.