CloudAcademy

Manage Access to Azure With Role-Based Access Control

The hands-on lab is part of these learning paths

AZ-101 Exam Preparation: Microsoft Azure Integration and Security
course-steps 11 certification 1 lab-steps 5
Training for Architecting Microsoft Azure Solutions
course-steps 10 certification 5 lab-steps 5
Azure Services for Security Engineers
course-steps 3 certification 1 lab-steps 3 quiz-steps 3
Microsoft 70-533 Certification Preparation (Retired)
course-steps 15 certification 1 lab-steps 8 quiz-steps 8
more_horiz See 2 more

Lab Steps

keyboard_tab
lock
Logging into the Microsoft Azure Portal
lock
Connecting to the Virtual Machine (RDP)
lock
Viewing the PowerShell Script
lock
Connecting to Azure via PowerShell
lock
Creating a Custom Role in PowerShell
lock
Simulating the Custom Role User Experience
lock
Finding Permissions for Custom Roles

Ready for the real environment experience?

DifficultyBeginner
Duration1h
Students746

Description

Lab Overview

The 'principle of least privilege' states that security of resources is improved when workers only have the access they need to perform their job roles. Azure provides fine-grained role-based access control (RBAC) mechanisms to secure your cloud environment. In this Lab, you will follow the principle of least privilege for users as you manage access to Azure with RBAC. You will use Azure PowerShell to create a custom role, learn how to assign roles to users, and get tips on how to define your own custom roles.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Create custom roles using Azure PowerShell
  • Investigate user access control errors
  • Develop custom roles using the Azure Portal and PowerShell

Lab Prerequisites

You should be familiar with:

  • Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:

About the Author

Students27437
Labs74
Courses7
Learning paths4

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), Linux Foundation Certified System Administrator (LFCS), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.