New Skills

New Training: Manage Access Control

by Team Nuggets
New Training: Prepare for the AZ-500 Certification Exam picture: A
Follow us
Published on March 24, 2021

In this 8-video skill, CBT Nuggets trainer Daniel Sasse guides you through the minefield of ensuring appropriate Azure access for users, devices, and applications. Watch this new Azure training.

Watch the full course: Microsoft Certified: Azure Security Engineer Associate

This training includes:

  • 8 videos

  • 52 minutes of training

You’ll learn these topics in this skill:

  • Configure Custom RBAC Roles

  • Identify the Appropriate Role

  • Apply Principle of Least Privilege

  • Interpret Permissions

  • Create App Registrations

  • Configure App Registration Permission Scopes

  • Manage App Registration Permission Consent

  • Manage API Access to Azure Subscriptions and Resources

How to Apply the Principle of Least Privilege in Azure

The principle of least privilege (POLP) is an important means in preventing computer security attacks. By granting only the permissions necessary to complete a set of tasks, you can limit the surface of attacks. Microsoft Azure allows you to apply POLP through its role-based access control (Azure RBAC) found in Azure Management Groups, Azure Active Directory (now known as Entra) Groups and Azure Privileged Identity Management.

At the heart of Azure RBAC lies three components: security principals, role definitions and scope.

A security principal is an entity requiring permissions, such as a user, a group, a Service Principal or a Managed Identity. You apply permissions to them using Azure Active Directory Groups.

A role definition is the set of permissions that you apply to a defined security principal. You can define this through Azure Resource Roles and Azure Active Directory Administrator Roles.

Finally, a scope defines what Azure resources applies to a particular role definition. You can define this through Azure Management Groups.


Ultimate Security Cert Guide

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.


Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Recommended Articles

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2024 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522