官术网_书友最值得收藏!

RBAC

With RBAC, you can manage who has access to the different Azure resources inside of your tenant. You can also set what the users can do with different Azure resources.

A best practice for assigning permissions is using the principle of least permissions; this involves giving users the exact permissions they need to do their jobs properly. Users, groups, and applications are added to roles in Azure, and those roles have certain permissions. You can use the built-in roles that Azure offers, or you can create custom roles in RBAC.

The roles in Azure can be added to a certain scope. This scope can be an Azure subscription, an Azure resource group, or a web application. Azure then uses access inheritance; roles that are added to a parent resource give access to child resources automatically. For instance, a group that is added to an Azure subscription gets access to all the resource groups and underlying resources that are in that subscription as well. A user that is added to a virtual machine (VM) only gets access to that particular VM.

Let's start looking at RBAC in detail by first looking at built-in roles.

主站蜘蛛池模板: 连城县| 长宁区| 新安县| 若尔盖县| 黄陵县| 义马市| 乌拉特后旗| 集贤县| 眉山市| 右玉县| 天门市| 桂平市| 水富县| 土默特左旗| 南部县| 元阳县| 东至县| 丹巴县| 胶州市| 巴塘县| 梨树县| 清苑县| 资阳市| 安溪县| 海南省| 乌兰察布市| 达孜县| 昂仁县| 孝义市| 东莞市| 泸西县| 确山县| 陇南市| 茂名市| 龙井市| 盖州市| 同心县| 长沙县| 德阳市| 乐清市| 青海省|