Configure custom Azure RBAC
- When most organizations consider using the public cloud, they are concerned about two things:
- Ensuring that when people leave the organization, they lose access to resources in the cloud
- Striking the right balance between autonomy and central governance
- Azure AD and RBAC make it simple for you to achieve out these goals
Configure subscription and resource permissions
- You can create additional subscriptions for your account in Azure
- To create Azure subscriptions under your organization's Enterprise Agreement (EA), you must have the Account Owner role for your organization
Identify external accounts that have Azure management access
- Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your datacenters, and provides advanced threat protection across your hybrid workloads
- Azure Policy is a service in Azure that you use to create, assign, and manage policies
Transfer Azure subscriptions between Azure AD tenants
- Typically, large organizations assign Azure subscriptions to various business units of the company
- Occasionally, organizations need to transfer the subscription between owners and Azure AD tenants
- Azure provides a process for transferring the ownership of an Azure subscription
Manage API access to Azure subscriptions and resources
- When you publish APIs through Azure API Management, it's common to secure access to those APIs by using subscription keys
- Client applications that need to consume the published APIs must include a valid subscription key in HTTP requests when they make calls to those APIs
- API Management also supports other mechanisms for securing access to APIs, including the following examples:
OAuth 2.0
- Client certificates
- IP whitelisting
Top comments (1)
Nice article! Will you cover Azure Security Center next? It's another great tool for keeping your Azure implementation safe. :)