16 Questions
What is RBAC?
Role-based access control
Who can RBAC access be granted to?
Users, groups, service principals, and managed identities
What is the scope of Azure RBAC?
Azure Resource Manager (ARM) deployment model
What is a role in RBAC?
Definition of allowed and/or denied actions
How is RBAC configured?
By selecting a role and associating it with a security principal
What takes precedence in RBAC when there are overlapping assignments?
Most privileged access right
What do RBAC role definitions contain?
List of permissions or declared permissions
What is the purpose of Azure AD administrative roles?
To allow or restrict admins to perform identity tasks
What is the limit of custom roles per directory?
5,000
Who can create or remove role assignments in Azure?
People with Owner or User Access Administrator built-in roles
How can custom roles be created?
From existing built-in roles, starting from scratch, or with a JSON file
What is required to create a custom role?
Write permissions on all items in a scope
How can Deny Assignments be controlled?
By applying a resource lock for resources created through Azure Blueprints
What is a Security Principal in Azure?
An identity that gets permissions
In what ways can Role Assignments be created and listed?
Portal, Azure AD PowerShell, or Microsoft Graph API
Why would someone clone a built-in role?
To make small tweaks to permissions
Learn about role-based access control (RBAC) in Azure, which allows you to manage entities with access to Azure resources and define their actions. Understand how RBAC access can be granted to different types of entities like users, groups, service principals, and managed identities through role assignments. Explore how Azure RBAC is used for managing resources in the Azure Resource Manager (ARM) deployment model.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free