RBAC Flashcards
What does the Contributor role do?
Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.
What does the Owner Role do?
Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.
What does the Reader role do?
View all resources, but does not allow you to make any changes.
What does RBAC administrator do?
Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.
What does User Access Control Administrator do?
Lets you manage user access to Azure resources.
What are the three elements of an Azure Role?
security principal, role definition, and scope.
What is Security Prinicpal?
an object that represents a user, group, service principal, or managed identity that is requesting access to Azure resources.
What is Role Definition?
Collection of permissions
What is Scope?
The set of Resources a Role applies to.
What is a Role Assignment?
Attaching a role to a user, group, or Service Principal
How does Azure handle denying access to a Resource?
Deny assignments are attached to a user, group, or Service Principal at a particular Scope.
Where is RBAC data stored?
RBAC data is stored globally