Authentication and authorization Flashcards
Identity services
Authentication:
Make sure you are you
Confirming identity
first step to authenticate
Authorization:
Comes after authentication
do you get access
Granular control
Access Management:
Access management is critical to ensure that only the right people and processes have access
Azure Active Directory
AAD Pre-requisites
Tenant
Subscriptions
Hybrid Cloud Architecture
Exam Tips: see the video
Microsoft Active Directory is not the same as Azure Active Directory
AAD Service pre-requisites
- Mandatory: you cannot have an Azure account without an AAD service
- First user: Every Azure account needs a first user and this user is in the initial AAD instance.
Tenant:
Organization: A tenant represents the organization
Dedicated AAD: A tenant is a dedicated instance of AAD that an organization receives when signing up for Azure
Separate: Each tenant is distinct and completely separate from other tenants.
Max 500 tenants:
Each user can be a member or guest of up to 500 Azure AD tenants
Subscription:
Billing Entity:
All resources within a subscription are billed together
Cost Separation:
You can have multiple subscriptions within a tenant to separate costs
Payment:
If a subscription isn’t paid, all the resources and services associated with the subscription stop
Hybrid Cloud architecture:
When you are using a hybrid cloud architecture, AAD can help manage your users both on-prem and in the Azure cloud
Multi Factor Authentication
Something you know
Something you have
Something you are
Two-factor authentication:
Username/password: one-factor authentication
Passcode sent to your mobile phone
MFA is recommended as default
SSO: single sign-on
one pair of credentials for multiple applications
Azure Active Directory Seamless Single Sign-On
Enable SSO in AAD
Seamlessly use all applications without logging in
Single username and password