305 Flashcards
Describe what an Azure Tenant is?
An Azure Tenant is a container for managing identity and security for an organization. It refers to the instance of Azure Active Directory (Azure AD) that is specific to an organization and allows them to manage users, groups, roles, and applications, as well as integrate with external service.
A tenant in Azure is a container for management groups, subscriptions, resource groups, and resources.
Describe what an Azure Subscription is?
- An Azure Subscription is a container for Resource Groups and Resources and is a container for RBAC and Costs
- An Azure Subscription is a container for resources, and it is linked to an Azure account for billing purposes. Subscriptions define the boundaries for billing, resource allocation, and administrative control. It is also where policies and role-based access control (RBAC) are applied to manage resource access and governance.
Is it possible to associate a subscription with two Azure Tenants?
No, an Azure Subscription can only be associated with a single Tenant.
- Is it possible to associate three Azure Subscriptions with one Azure Tenants?
Yes, an Azure Tennant can have many subscriptions associated with it.
List all the Azure Identity types available in Azure Entra Id?
Users
Managed Identity
Service Principles
Groups
Device Identities
When would you use Managed identity?
When you wnat a service in Azure to access another service in Azure.
Describe a use case where you would use an Azure Entra ID Service Principle?
Where you have an Application that wants to access Azure Resources.
You create an Azure Service Principle by registering the application with Azure Entra ID and then making the Azure Entra ID Service principle assocated with the application. The service principle is then used by using the Service principle with RBAC to assign privileges to access Azure resources.
Describe what an Azure Entra ID User is?
An Azyre Entra ID User is either an internal or external user. Internal users are users thet are Members, and external users are Guests. Internal users belong to the Azure Entra Id domain or part pf the on-prem domain thet is synced with Azure Entra ID.
What is an Azure dynamic group?
An Azure Entra ID Group is a container for Users and Devices; this container can be assigned roles for both Azure Entra ID and Azure resources.
Describe what an Azure Entra ID Group is used for?
An Azure Entra ID Group is a container for both Devices and users to manage these Users and Devices as groups, where roles for both Azure Entra ID and Azure Resources can be assigned. This type of group is what we call an assigned group, meaning its manually managed by an administrator.
I require a way to manage groups of users automatically. When a user is created in Azure Entra ID, the user is automatically assigned to one of several groups. Each group represents an organization’s departments; we have accountancy, manufacturing, and HR. The user should be assigned to the relevant group based on properties like department. How can we achieve this?
We can set up dynamic groups for the departments in our organization and have the
Can I use dynamic groups on a standard subscription?
No. Azure Active Directory (Azure AD) Premium P1 or Premium P2 subscription.
What is the topmost level in Azure?
Azure teanant?
Can I assign a subscription to more than a single tenant?
No, a subscription can only be assigned to a single tenant.
How cna I have Azure SQL prefrom multi-master writes?
You can’t, but you could opt for CosmoDB.
Can I associate two subscriptions with a single tenant?
Yes, 100%
I want to create a group of users to whom I can assign permissions. How can I do this?
Use Azure Group under Entra ID.
I have an application, and I wnat to ab able to access Azure services; what do I require to access the Azyre service?
Register the application with Azure Entra ID and set up a service principle.
What is an assigned group in Azure
Admin or owner decides on membership; you manually control the member shop
I have added groups of users, and I want an easy way to automatically sign off on permissions for these groups; how can I do this?
Use dynamic groups and set up the attributes to automatically add new users to the dynamic group, then assign permission to the group.
What is a security group?
It depends. There are two types of security groups in Azure: an Azure network security group and an Azure ID security group.
What is a hybrid environment?
A hybrid environment consists of one or more Azure accounts and one or more on-prem data centers or locations.
What is a hybrid identity?
Is an identity that is used in both in Azure and on-prem
What is Azure AD B2B Connect (Entra ID B2B Connect)
It enables you toy use external identities by connecting with