官术网_书友最值得收藏!

RBAC

With RBAC, you can manage who has access to the different Azure resources inside of your tenant. You can also set what the users can do with different Azure resources.

A best practice for assigning permissions is using the principle of least permissions; this involves giving users the exact permissions they need to do their jobs properly. Users, groups, and applications are added to roles in Azure, and those roles have certain permissions. You can use the built-in roles that Azure offers, or you can create custom roles in RBAC.

The roles in Azure can be added to a certain scope. This scope can be an Azure subscription, an Azure resource group, or a web application. Azure then uses access inheritance; roles that are added to a parent resource give access to child resources automatically. For instance, a group that is added to an Azure subscription gets access to all the resource groups and underlying resources that are in that subscription as well. A user that is added to a virtual machine (VM) only gets access to that particular VM.

Let's start looking at RBAC in detail by first looking at built-in roles.

主站蜘蛛池模板: 资中县| 田阳县| 香格里拉县| 利津县| 恩施市| 原阳县| 新和县| 太和县| 通道| 厦门市| 阿拉善右旗| 青岛市| 本溪| 罗甸县| 炉霍县| 永年县| 赤城县| 招远市| 台东县| 陵川县| 珠海市| 牙克石市| 越西县| 永年县| 夏津县| 青阳县| 剑河县| 长岭县| 大化| 盐池县| 牟定县| 宁晋县| 新巴尔虎右旗| 延津县| 南岸区| 丹江口市| 东乌珠穆沁旗| 松江区| 济源市| 台北市| 灵寿县|