SlideShare a Scribd company logo

Lock down access to Azure using identity

Download as PPTX, PDF
M
Microsoft Tech Community

Azure’s identity and access functionality provides a comprehensive set of controls for managing access to the cloud. In this session, learn how to use conditional access to limit who can sign-in to the Portal, PowerShell, and CLI, use privileged identity management for “Just In Time” owner access, use Managed Service Identity instead of having to create and manage Service Principals by hand, and use Azure AD to sign-in to Virtual Machines so you can stop managing local accounts. Also, get a sneak peek at the feature roadmap for controlling access to Azure resources.

Technology
1 of 10
Alice Global Admin Bob Subscription Owner Charlene Dev/Ops Robot (Robot) People in this story…
Operation Example Get a token for Azure Resource Manager curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://management.azure.com/' -H Metadata:true Read a VM in Azure Resource Manager curl 'https://management.azure.com/subscriptions/80c696ff-5efa-4909-a64d- f1b616f423ca/resourceGroups/SALES- PROD/providers/Microsoft.Compute/virtualMachines/SALES-FE-01?api-version=2017-12-01' -H "Content-Type: application/json" -H Authorization:"Bearer <ACCESSTOKEN>" Get a token for Azure Storage curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://storage.azure.com/' -H Metadata:true Read a blob in Azure Storage curl 'https://<STORAGE-ACCOUNT>.blob.core.windows.net/<CONTAINER>/<BLOB>' -H "x-ms- version: 2017-11-09" -H "Authorization: Bearer <ACCESSTOKEN>" Get a token for Azure Key Vault curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://vault.azure.net' -H Metadata:true Read a secret from Azure Key Vault curl 'https://<VAULT-URL>/secrets/<SECRET>?api-version=2016-10-01' -H "Authorization: Bearer <ACCESSTOKEN>"
http://aka.ms/azureiam
Lock down access to Azure using identity
Lock down access to Azure using identity

Recommended

100 ways to use Yammer
100 ways to use Yammer100 ways to use Yammer
100 ways to use YammerMicrosoft Tech Community
 
10 Yammer Group Suggestions
10 Yammer Group Suggestions10 Yammer Group Suggestions
10 Yammer Group SuggestionsMicrosoft Tech Community
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Building mobile apps with Visual Studio and Xamarin
Building mobile apps with Visual Studio and XamarinBuilding mobile apps with Visual Studio and Xamarin
Building mobile apps with Visual Studio and XamarinMicrosoft Tech Community
 
Best practices with Microsoft Graph: Making your applications more performant...
Best practices with Microsoft Graph: Making your applications more performant...Best practices with Microsoft Graph: Making your applications more performant...
Best practices with Microsoft Graph: Making your applications more performant...Microsoft Tech Community
 
Interactive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsInteractive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsMicrosoft Tech Community
 
Unlocking security insights with Microsoft Graph API
Unlocking security insights with Microsoft Graph APIUnlocking security insights with Microsoft Graph API
Unlocking security insights with Microsoft Graph APIMicrosoft Tech Community
 
Break through the serverless barriers with Durable Functions
Break through the serverless barriers with Durable FunctionsBreak through the serverless barriers with Durable Functions
Break through the serverless barriers with Durable FunctionsMicrosoft Tech Community
 

Recommended

100 ways to use Yammer
100 ways to use Yammer100 ways to use Yammer
100 ways to use YammerMicrosoft Tech Community
 
10 Yammer Group Suggestions
10 Yammer Group Suggestions10 Yammer Group Suggestions
10 Yammer Group SuggestionsMicrosoft Tech Community
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Building mobile apps with Visual Studio and Xamarin
Building mobile apps with Visual Studio and XamarinBuilding mobile apps with Visual Studio and Xamarin
Building mobile apps with Visual Studio and XamarinMicrosoft Tech Community
 
Best practices with Microsoft Graph: Making your applications more performant...
Best practices with Microsoft Graph: Making your applications more performant...Best practices with Microsoft Graph: Making your applications more performant...
Best practices with Microsoft Graph: Making your applications more performant...Microsoft Tech Community
 
Interactive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsInteractive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsMicrosoft Tech Community
 
Unlocking security insights with Microsoft Graph API
Unlocking security insights with Microsoft Graph APIUnlocking security insights with Microsoft Graph API
Unlocking security insights with Microsoft Graph APIMicrosoft Tech Community
 
Break through the serverless barriers with Durable Functions
Break through the serverless barriers with Durable FunctionsBreak through the serverless barriers with Durable Functions
Break through the serverless barriers with Durable FunctionsMicrosoft Tech Community
 
Multiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container InstancesMultiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container InstancesMicrosoft Tech Community
 
Explore Azure Cosmos DB
Explore Azure Cosmos DBExplore Azure Cosmos DB
Explore Azure Cosmos DBMicrosoft Tech Community
 
Media Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and XamarinMedia Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and XamarinMicrosoft Tech Community
 
DevOps for Data Science
DevOps for Data ScienceDevOps for Data Science
DevOps for Data ScienceMicrosoft Tech Community
 
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexityReal-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexityMicrosoft Tech Community
 
Azure Functions and Microsoft Graph
Azure Functions and Microsoft GraphAzure Functions and Microsoft Graph
Azure Functions and Microsoft GraphMicrosoft Tech Community
 
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsightIngestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsightMicrosoft Tech Community
 
Getting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AIGetting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AIMicrosoft Tech Community
 
Using AML Python SDK
Using AML Python SDKUsing AML Python SDK
Using AML Python SDKMicrosoft Tech Community
 
Mobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing MapsMobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing MapsMicrosoft Tech Community
 
Cognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detectionCognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detectionMicrosoft Tech Community
 
Speech Devices SDK
Speech Devices SDKSpeech Devices SDK
Speech Devices SDKMicrosoft Tech Community
 
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1Microsoft Tech Community
 
Building document processes using Adobe + Microsoft
Building document processes using Adobe + MicrosoftBuilding document processes using Adobe + Microsoft
Building document processes using Adobe + MicrosoftMicrosoft Tech Community
 
Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...Microsoft Tech Community
 
Office Add-in Design Toolkit
Office Add-in Design ToolkitOffice Add-in Design Toolkit
Office Add-in Design ToolkitMicrosoft Tech Community
 
Interactive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsInteractive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsMicrosoft Tech Community
 
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShellReal-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShellMicrosoft Tech Community
 
Build five-star apps with App Center crash reports
Build five-star apps with App Center crash reportsBuild five-star apps with App Center crash reports
Build five-star apps with App Center crash reportsMicrosoft Tech Community
 
Extending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic AppsExtending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic AppsMicrosoft Tech Community
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 

More Related Content

More from Microsoft Tech Community

Multiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container InstancesMultiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container InstancesMicrosoft Tech Community
 
Media Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and XamarinMedia Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and XamarinMicrosoft Tech Community
 
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexityReal-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexityMicrosoft Tech Community
 
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsightIngestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsightMicrosoft Tech Community
 
Getting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AIGetting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AIMicrosoft Tech Community
 
Mobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing MapsMobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing MapsMicrosoft Tech Community
 
Cognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detectionCognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detectionMicrosoft Tech Community
 
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1Microsoft Tech Community
 
Building document processes using Adobe + Microsoft
Building document processes using Adobe + MicrosoftBuilding document processes using Adobe + Microsoft
Building document processes using Adobe + MicrosoftMicrosoft Tech Community
 
Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...Microsoft Tech Community
 
Interactive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsInteractive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsMicrosoft Tech Community
 
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShellReal-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShellMicrosoft Tech Community
 
Build five-star apps with App Center crash reports
Build five-star apps with App Center crash reportsBuild five-star apps with App Center crash reports
Build five-star apps with App Center crash reportsMicrosoft Tech Community
 
Extending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic AppsExtending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic AppsMicrosoft Tech Community
 

More from Microsoft Tech Community (20)

Multiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container InstancesMultiplayer Server Scaling with Azure Container Instances
Multiplayer Server Scaling with Azure Container Instances
 
Explore Azure Cosmos DB
Explore Azure Cosmos DBExplore Azure Cosmos DB
Explore Azure Cosmos DB
 
Media Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and XamarinMedia Streaming Apps with Azure and Xamarin
Media Streaming Apps with Azure and Xamarin
 
DevOps for Data Science
DevOps for Data ScienceDevOps for Data Science
DevOps for Data Science
 
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexityReal-World Solutions with PowerApps: Tips & tricks to manage your app complexity
Real-World Solutions with PowerApps: Tips & tricks to manage your app complexity
 
Azure Functions and Microsoft Graph
Azure Functions and Microsoft GraphAzure Functions and Microsoft Graph
Azure Functions and Microsoft Graph
 
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsightIngestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
Ingestion in data pipelines with Managed Kafka Clusters in Azure HDInsight
 
Getting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AIGetting Started with Visual Studio Tools for AI
Getting Started with Visual Studio Tools for AI
 
Using AML Python SDK
Using AML Python SDKUsing AML Python SDK
Using AML Python SDK
 
Mobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing MapsMobile Workforce Location Tracking with Bing Maps
Mobile Workforce Location Tracking with Bing Maps
 
Cognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detectionCognitive Services Labs in action Anomaly detection
Cognitive Services Labs in action Anomaly detection
 
Speech Devices SDK
Speech Devices SDKSpeech Devices SDK
Speech Devices SDK
 
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
LinkedIn Learning presents: Securing web applications in ASP.NET Core 2.1
 
Building document processes using Adobe + Microsoft
Building document processes using Adobe + MicrosoftBuilding document processes using Adobe + Microsoft
Building document processes using Adobe + Microsoft
 
Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...Work with files everywhere: Store files, extend user experiences, and build b...
Work with files everywhere: Store files, extend user experiences, and build b...
 
Office Add-in Design Toolkit
Office Add-in Design ToolkitOffice Add-in Design Toolkit
Office Add-in Design Toolkit
 
Interactive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive CardsInteractive emails in Outlook with Adaptive Cards
Interactive emails in Outlook with Adaptive Cards
 
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShellReal-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
Real-World Solutions with PowerApps: ALM via Microsoft Flow & PowerShell
 
Build five-star apps with App Center crash reports
Build five-star apps with App Center crash reportsBuild five-star apps with App Center crash reports
Build five-star apps with App Center crash reports
 
Extending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic AppsExtending DevOps with serverless Logic Apps
Extending DevOps with serverless Logic Apps
 

Recently uploaded

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Lock down access to Azure using identity

  • 1.
  • 2.
  • 3.
  • 5.
  • 6. Operation Example Get a token for Azure Resource Manager curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://management.azure.com/' -H Metadata:true Read a VM in Azure Resource Manager curl 'https://management.azure.com/subscriptions/80c696ff-5efa-4909-a64d- f1b616f423ca/resourceGroups/SALES- PROD/providers/Microsoft.Compute/virtualMachines/SALES-FE-01?api-version=2017-12-01' -H "Content-Type: application/json" -H Authorization:"Bearer <ACCESSTOKEN>" Get a token for Azure Storage curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://storage.azure.com/' -H Metadata:true Read a blob in Azure Storage curl 'https://<STORAGE-ACCOUNT>.blob.core.windows.net/<CONTAINER>/<BLOB>' -H "x-ms- version: 2017-11-09" -H "Authorization: Bearer <ACCESSTOKEN>" Get a token for Azure Key Vault curl 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02- 01&resource=https://vault.azure.net' -H Metadata:true Read a secret from Azure Key Vault curl 'https://<VAULT-URL>/secrets/<SECRET>?api-version=2016-10-01' -H "Authorization: Bearer <ACCESSTOKEN>"
  • 7.