In this tutorial I demonstrate Azure Active Directory user account creation, group creation and access management configuration.
Environments and Technologies Used
Microsoft Azure Cloud Platform
Resources Used
- Azure Resource Groups
- Access Control (IAM)
Video Demonstrations
1. Configure and Observe Tenant-Level Global Reader
- Create a user within Azure Active Directory (AAD) (username: globalreaderjohn)
- Assign Tenant-Level Global Reader
- In a new browser/incognito, log in as globalreaderjohn and observe result of being a Tenant Level “Global Reader” (Users, Active Directory)
- Close browser/incognito when satisfied
2. Configure and Observer Subscription Reader
- Back in main browser, create another user within AAD (username: subreaderjane)
- Assign Subscription-Level Reader
- In a new browser/incognito, log in as subreaderjane and observe result of being a Subscription Level “Global Reader” (Subscriptions, Resource Groups)
- Close browser/incognito when satisfied
3. Configure and Observe Resource Group Contributor (like an admin)
- Back in main browser, create another user within AAD (username: rgcontributordave)
- Create a new resource group called “Permissions-Tester”
- Assign Resource Group-level Contributor and Subscription Level Reader
- For our resource group “Permissions-Tester” assign Contributor Permissions
- In a new browser/incognito, log in as rgcontributordave and observe result of being a Subscription Level Reader and Resource Group-level Contributor
- Observe the result of being a Resource Group Level Contributor (Storage Account Creation)
