Watch videos with subtitles in your language, upload your videos, create your own subtitles! Click here to learn more on "how to Dotsub"

TC-028-temp

0 (0 Likes / 0 Dislikes)
>> In this video, we're going to talk about role based access control, also known as RBAC, R-B-A-C, and how it can make your Azure resources more secure. Virtual machines, websites, networks, and storage, all of these are critical resources for any organization using the cloud, and when it comes to protecting these resources, security is paramount. Of course these precious assets need to be locked down, but it's your job to grant your employees and partners the access they need to perform their jobs. You can also use RBAC to grant access from one resource to another. In Azure, role based access control, again RBAC, is an authorization system that will help you manage who and what has access to all your Azure resources, what these people can do with those resources, and where they have access. So to start, the way you control access to resources is to create a role assignment. This is how permissions are enforced, and to create a role assignment, you need three elements, a security principal, a role definition, and a scope. Let's think of these elements as the who, the what, and the where. A security principal is just a fancy name for a user, a group, or an application that you want to grant access to. But it's important to remember this is not just for people, one application can be a principal that has access to another resource. The what you determine a security principal can do is specified with a role definition. Role definition is a collection of permissions, sometimes just called a role for short. It lists the permissions that can be performed, such as read, write, and delete. Azure has several of these built in roles that you can use, such as owner or virtual machine contributor. And finally, where. This is the access given, and we call this a scope. In Azure, you can specify a scope at multiple levels, such as, a management group, a subscription, a resource group, or an individual resource, and those permissions are inherited to sub-levels. So once you've determined the who, the what, and the where, then you combine these elements to grant access with a role assignment. You create a role assignment using the Azure Portal, Azure PowerShell, or some other methods, and that's it. Using RBAC to create role assignments to grant access to Azure resources is pretty straightforward. Just remember, role assignments consist of a security principal, a role, and a scope, and you'll be good to go. We hope this gives you a better understanding of how to protect your Azure resources, and why RBAC is a pretty powerful tool that will make your life easier and your organization more secure.

Video Details

Duration: 2 minutes and 38 seconds
Country:
Language: English
License: Dotsub - Standard License
Genre: None
Views: 6
Posted by: csintl on Aug 29, 2018

TC-028-temp

Caption and Translate

    Sign In/Register for Dotsub above to caption this video.