Introduction

  • 1 minute

Azure Administrators need to secure access to their Azure resources like virtual machines (VMs), websites, networks, and storage. Administrators need mechanisms to help them manage who can access their resources, and what actions are allowed. Organizations that do business in the cloud recognize that securing their resources is a critical function of their infrastructure.

In this module, your business is investigating how to ensure their corporate data and assets are protected. They want secure protection that enables them to control access to their data and resources by specifying roles and access privileges for employees and business partners. You're responsible for researching how to use role-based access control (RBAC) to accomplish these tasks. You need to ensure the company assets are protected, and also support user access to the resources.

The goal of this module is to understand the features and use cases for Azure role-based access control (RBAC). You learn how to create role definitions and role assignments, and find and use built-in Azure RBAC roles. Additionally, you explore how to use RBAC to manage access to subscriptions. You also review the differences between Azure RBAC and Entra ID roles.

Learning objectives

In this module, you learn how to:

  • Understand the concepts and principles of Azure RBAC.
  • Create role definitions and role assignments.
  • Identify differences between Azure RBAC and Microsoft Entra roles.
  • Use RBAC to manage access to resources.
  • Review and select the best built-in Azure role for a scenario.

Prerequisites

  • Familiarity with Azure. Having a general understanding of Azure services, concepts, and terminology that helps you grasp RBAC more effectively.

  • Identity concepts. A basic understanding of Microsoft Entra ID, which is Microsoft's cloud-based identity and access management service, is essential. Knowledge of concepts like users, groups, roles, and permissions are helpful.

  • Azure Resource Management. Understanding how resources are organized, deployed, and managed provides context for RBAC implementation.

  • Access Control Models. Knowledge of access control models, such as discretionary access control (DAC) and mandatory access control (MAC). This knowledge helps you understand the principles behind RBAC and its advantages over traditional access control mechanisms.