Manage Access to Azure With Role-Based Access Control

The hands-on lab is part of these learning paths

AZ-500 Exam Preparation: Microsoft Azure Security Technologies
course-steps 11 certification 1 lab-steps 3
AZ-103 Exam Preparation: Microsoft Azure Administrator
course-steps 15 certification 6 lab-steps 8
AZ-203 Exam Preparation: Developing Solutions for Microsoft Azure
course-steps 20 certification 1 lab-steps 7
Architecting Microsoft Azure Solutions
course-steps 10 certification 6 lab-steps 5
Azure Services for Security Engineers
course-steps 8 certification 4 lab-steps 3
more_horiz See 3 more

Lab Steps

Logging into the Microsoft Azure Portal
Connecting to the Virtual Machine (RDP)
Viewing the PowerShell Script
Connecting to Azure via PowerShell
Creating a Custom Role in PowerShell
Simulating the Custom Role User Experience
Finding Permissions for Custom Roles

Ready for the real environment experience?

Max Duration1h 15m
star star star star star-half


Lab Overview

The 'principle of least privilege' states that security of resources is improved when workers only have the access they need to perform their job roles. Azure provides fine-grained role-based access control (RBAC) mechanisms to secure your cloud environment. In this Lab, you will follow the principle of least privilege for users as you manage access to Azure with RBAC. You will use Azure PowerShell to create a custom role, learn how to assign roles to users, and get tips on how to define your own custom roles.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Create custom roles using Azure PowerShell
  • Investigate user access control errors
  • Develop custom roles using the Azure Portal and PowerShell

Lab Prerequisites

You should be familiar with:

  • Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:

About the Author

Learning paths7

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), Linux Foundation Certified System Administrator (LFCS), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.