Azure RBAC is Role-based Access Control it is the gateway for any access (access management of Azure resources) and this service will help you to manage the access and to know who has access and what is kind of access he should take it.

RBAC Diagram

How RBAC Works

Based on the above diagram we have some steps for access:

Security principal it is just an object for anything asking for access like (User, Group or service) after that when the security principle ask for access it is directly going for Role assignment and this is a group of access and role definition and scope  or we can say a collection of permissions and it is defined into two thing Role definition and SCOPE, Role definition inside it we have multiple of rules like (owner, contributor, Managed Application) and many other Rules, inside each Rule, we have a list of permissions related to this Rule and for each permission, we can define two things (actions and Nonactions) What he should do and what he shouldn’t do

e.g. you can find below some of the Rules if we selected for example Contributor Rule you will find one it lists of access and permissions

So, what is scope: With a scope, we can assign assess for the user on a specific azure resource at this time the system will know what is the services that this user should use it.

Final scenario for access

when the user tries to access the Azure Services the Security principal once Entered the Active directory will ask the Role assignment What is the Role definition for this user and from the Role definition, we will get the list of access of this user and what is the actions allowed to this user to do it and what is the actions not allowed to this user to do it and from the Scope, we will get the list of azure resource that user has access on it, at this time the system will know what the azure resource allowed for this user and what is the actions he allowed and not allowed to do it, the combination of the Role Definition + Scope = RBAC.

Resources

Keep Following

Cloud Tech Website blog survey

IF you found this blog is helpful and sharing useful content please take few second to do rate the website blog from here

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.