CloudAcademy

Manage Access to Azure With Role-Based Access Control

The hands-on lab is part of these learning paths

Architecting Microsoft Azure Solutions: 70-535 Exam Preparation

course-steps 10 certification 5 lab-steps 5

Azure Services for Security Engineers

course-steps 3 lab-steps 3 quiz-steps 3

Implementing Microsoft Azure Solutions–70-533 Certification Preparation

course-steps 14 certification 1 lab-steps 8 quiz-steps 10

Lab Steps

keyboard_tab
lock
Logging into the Microsoft Azure Portal
lock
Connecting to the Virtual Machine (RDP)
lock
Viewing the PowerShell Script
lock
Connecting to Azure via PowerShell
lock
Creating a Custom Role in PowerShell
lock
Simulating the Custom Role User Experience
lock
Finding Permissions for Custom Roles

Ready for the real environment experience?

DifficultyBeginner
Duration1h
Students395

Description

Lab Overview

The 'principle of least privilege' states that security of resources is improved when workers only have the access they need to perform their job roles. Azure provides fine-grained role-based access control (RBAC) mechanisms to secure your cloud environment. In this Lab, you will follow the principle of least privilege for users as you manage access to Azure with RBAC. You will use Azure PowerShell to create a custom role, learn how to assign roles to users, and get tips on how to define your own custom roles.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Create custom roles using Azure PowerShell
  • Investigate user access control errors
  • Develop custom roles using the Azure Portal and PowerShell

Lab Prerequisites

You should be familiar with:

  • Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:

About the Author

Students8078
Labs60
Courses6
Learning paths3

Logan has been involved in software development and research for over eleven years, including six years in the cloud. He is an AWS Certified DevOps Engineer - Professional, MCSE: Cloud Platform and Infrastructure, and Certified Kubernetes Administrator (CKA). He earned his Ph.D. studying design automation and enjoys all things tech.