[email protected] prospectivecustomer @live.com Roles and Role
Assignments Owner = [email protected] Owner =
[email protected] Azure Active Directory Users & Groups
Sync 2500+ Pre-Integrated SAAS Apps Microsoft Online Services
Microsoft Azure IAAS/PAAS Company In-House Developed Cloud Apps
Managed Identity Active Directory [email protected][email protected] Roles-Based Access Control Self-Service Groups
Management B2B Access Management Conditional Access (MFA, Device
Health, Network) Attribute Based Access Control Managed Access to
Daemon Services Secure Sharing with Consumer Accounts Self-Service
Password Management
Slide 5
Slide 6
Slide 7
RG S R R R R R R Role Assignment Role = Reader Subject = AAD
Group Scope = Subscription Role Assignment Role = Owner Subject =
AAD User Scope = Resource Role Assignment Role = Contributor
Subject = AAD User Scope = Resource Group Access Inheritance
Slide 8
Slide 9
Slide 10
Slide 11
Azure On-Premises Sector 1 Sector 2.. Region NA Region SA
Division Mktg.. Division Sales.. Project 1 Project 2.. Subscription
per Sector Resource Group per Project Tags Region, Division,
Project Standard VNet per Division in separate resource group
Billing Tracked per Division Subnet On standard Vnet assigned to
each Project Users, Groups and Password Sync Active Directory
Express Route(s) IT Director Office Azure Active Directory
Infrastructure Admins and Support Project Team Roles Network Admins
Owners of Subscriptions VNet Contributors of standard VNet RGs
Virtual Machine Contributors of Project RGs and standard VNet RGs
Appropriate Role on Project RGs