http://www.dushyantgill.com/blog/contact Managed Identity [email protected] Owner = [email protected] [email protected] Active Directory [email protected] [email protected] Owner = [email protected] Owner = [email protected] Owner = [email protected] 2500+ Pre-Integrated SAAS Apps Managed Identity Users & Groups Sync Active Directory [email protected] [email protected] Azure Active Directory Roles and Role Assignments [email protected] prospectivecustomer @live.com • Roles-Based Access Control • Self-Service Groups Management • B2B Access Management • Conditional Access (MFA, Device Health, Network) • Attribute Based Access Control • Managed Access to Daemon Services • Secure Sharing with Consumer Accounts • Self-Service Password Management Microsoft Online Services Owner = [email protected] Owner = [email protected] Microsoft Azure IAAS/PAAS Company In-House Developed Cloud Apps R RG S R R RG R Role Assignment RG R Role Assignment Role = ‘Owner’ Subject = AAD User Scope = Resource Role = ‘Reader’ R Subject = AAD Group Scope = Subscription Role Assignment Role = ‘Contributor’ Subject = AAD User Scope = Resource Group http://www.dushyantgill.com/blog/2015/02/08/keep-a-tab-on-access-settings-of-your-azuresubscriptions/ On-Premises Active Directory Users, Groups and Password Sync Azure Azure Active Directory Owners of Subscriptions Subscription per Sector .. Sector 1 Sector 2 Region NA Region SA .. Division Mktg Division Sales ..Tracked per Division IT Director’ Office VNet Contributors of “standard” VNet RGs Network Admins Infrastructure Admins and Support Virtual Machine Contributors of Project RGs and “standard” VNet RGs Appropriate Role on Project RGs Project Team Roles Express Route(s) “Standard” VNet per Division in separate resource group Resource Group per Project Project 1 Project 2 .. Billing Tags Region, Division, Project Subnet On “standard” Vnet assigned to each Project http://www.dushyantgill.com/blog/2015/04/26/say-goodbye-to-key-management-manageaccess-to-azure-storage-data-using-azure-ad/ 2) Read Secret (Storage Account Key) 1) Authenticate Azure AD User/Service 3) Access Storage Account with Key Storage Account Key Vault Write Secret (New Storage Account Key) Scheduled Job Running in Azure Automation Storage Account Regenerate Storage Account Key http://www.dushyantgill.com/blog/2015/02/28/attribute-based-access-control-for-azure/ http://www.dushyantgill.com/blog/contact http://myignite.microsoft.com
© Copyright 2026 Paperzz