IAM

Question 1

What does IAM stand for ?

Answer 1

Identity and Access Management ?

Question 2

What is IAM

Answer 2

It determines who can do what, on which resources.

Question 3

IAM Component - Who ?

Answer 3

Users are stored in Azure Active Directory (ADD), the who manages identities.

Question 4

IAM Component - What ?

Answer 4

Azure uses Role-Based Access Controls (RBAC) to provide fine-grained access management to Azure resources.

Question 5

IAM Component - Resources ?

Answer 5

This is the scope, what resources do the identities have access to.

Question 6

What is Azure Active Directory ?

Answer 6

This is a cloud-based identity service.

Question 7

What is a Security Principle ?

Answer 7

A Security principle is an identity.

Question 8

What is Azure RBAC?

Answer 8

Access is controlled by roles, and roles are assigned to security principles/identity.

Roles are just a collection of permissions.

Question 9

What is the scope ?

Answer 9

The set of resources that are available to an identity.

• Roles are granted to various levels of the resource hierarchy.
• Lower levels inherit roles from higher levels.
• This helps centralise management.

Question 10

What are the hallmarks of Azure Active Directory?

Answer 10

• One per tenant (company)
• Provides Identity - “Who are you”
• Identity = Security Principle
• Manage end users (people) or applications.
• Email format (end users)

Question 11

What can be an identity in Azure ?

Answer 11

• Users can be identities.
• Applications can be identities.
• Programmatic methods of access can be identities