(Unit 5 of 8) Azure Role-Based Access Control (RBAC)

Question 1

What is the PRINCIPLE OF LEAST PRIVILEGE ?

Answer 1

You should only grant access up to the level needed to complete a task.

Question 2

What is Azure RBAC?

Answer 2

Instead of defining access for individuals, RBAC allows common access rules for certain groups.

Example: New IT hire gets same access as others in IT group

Question 3

How is role-based access control applied to resources?

Answer 3

Role-based access control is applied to a scope, which is a resourceor set of resources that this access applies to.

Question 4

What is included in a SCOPE regarding RBAC?

Answer 4

1. A management group (a collection of multiple subscriptions).
2. A single subscription.
3. A resource group.
4. A single resource.

Question 5

Azure RBAC is ____ ?

Answer 5

Heirachical

Question 6

What happens when access is granted to a PARENT scope?

Answer 6

Those permissions are inherited by all child scopes

Question 7

Give examples of RBAC scope access inheritance (1)

Answer 7

1. Owner assigned to managment group allows user to manage all SUBS in the management group

Question 8

Give examples of RBAC scope access inheritance (2)

Answer 8

1. Reader role to a group at the subscription scope, the members of that group can view every resource group and resource within the subscription.

Question 9

How is RBAC enforced?

Answer 9

1. Enforced on any action initiated against a resource passing through AZ resource manager (ARM)