{"id":208,"date":"2026-04-03T22:46:40","date_gmt":"2026-04-04T01:46:40","guid":{"rendered":"https:\/\/proglab.com.br\/?page_id=208"},"modified":"2026-05-23T18:29:25","modified_gmt":"2026-05-23T21:29:25","slug":"recommend-a-solution-for-authorizing-access-to-azure-resources","status":"publish","type":"page","link":"https:\/\/proglab.com.br\/?page_id=208","title":{"rendered":"Recommend a solution for authorizing access to Azure resources"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">The diagram you see here is a must know for understanding how access is authorized in Azure. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"453\" src=\"https:\/\/proglab.com.br\/wp-content\/uploads\/2026\/04\/image-46-1024x453.png\" alt=\"\" class=\"wp-image-737\" srcset=\"https:\/\/proglab.com.br\/wp-content\/uploads\/2026\/04\/image-46-1024x453.png 1024w, https:\/\/proglab.com.br\/wp-content\/uploads\/2026\/04\/image-46-300x133.png 300w, https:\/\/proglab.com.br\/wp-content\/uploads\/2026\/04\/image-46-768x340.png 768w, https:\/\/proglab.com.br\/wp-content\/uploads\/2026\/04\/image-46.png 1115w\" sizes=\"auto, (max-width: 706px) 89vw, (max-width: 767px) 82vw, 740px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Start with the concept of a <strong>security principal<\/strong>: This could be a user, a group, a service principal, or a managed identity. So remember those.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/training\/modules\/design-authentication-authorization-solutions\/9-two-design-service-principals\/?ns-enrollment-type=learningpath&amp;ns-enrollment-id=learn.wwl.design-identity-governance-monitor-solutions\">Design service principals for applications<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/training\/modules\/design-authentication-authorization-solutions\/9-one-design-managed-identities\/?ns-enrollment-type=learningpath&amp;ns-enrollment-id=learn.wwl.design-identity-governance-monitor-solutions\">Design managed identities<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Then you&#8217;ve got <strong>role assignments<\/strong> which link identities to role definitions. These are basically your permission so you&#8217;ll need to know how those are set up within there.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Next up is the <strong>scope<\/strong>. This is all about where the access policies are applied. So practice going through and doing these things.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">And who gets access is a great question. What can they do? And where can they do it is key to understanding the exam. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">One of the things you want to keep in mind is expect to see the structure shown in your exam, especially in questions about <strong>RBAC<\/strong>, role based access control, and general access control.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Links:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/built-in-roles\">https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/built-in-roles<\/a><br><br><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/governance\/identity-governance-applications-prepare\">https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/governance\/identity-governance-applications-prepare<\/a><br><br><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/security-center-just-in-time\">https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/security-center-just-in-time<\/a><br><br><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/hybrid\/connect\/how-to-connect-pta\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/hybrid\/connect\/how-to-connect-pta<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/id-governance\/entitlement-management-overview\">https:\/\/learn.microsoft.com\/en-us\/entra\/id-governance\/entitlement-management-overview<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/training\/modules\/manage-security-controls-identity-access\/44-entitlement-management\">https:\/\/learn.microsoft.com\/en-us\/training\/modules\/manage-security-controls-identity-access\/44-entitlement-management<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/training\/modules\/plan-implement-entitlement-management\/2-define-access-packages\">https:\/\/learn.microsoft.com\/en-us\/training\/modules\/plan-implement-entitlement-management\/2-define-access-packages<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The diagram you see here is a must know for understanding how access is authorized in Azure. Start with the concept of a security principal: This could be a user, a group, a service principal, or a managed identity. So remember those. Design service principals for applications Design managed identities Then you&#8217;ve got role assignments &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/proglab.com.br\/?page_id=208\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Recommend a solution for authorizing access to Azure resources&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":169,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-208","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/pages\/208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/proglab.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=208"}],"version-history":[{"count":9,"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/pages\/208\/revisions"}],"predecessor-version":[{"id":815,"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/pages\/208\/revisions\/815"}],"up":[{"embeddable":true,"href":"https:\/\/proglab.com.br\/index.php?rest_route=\/wp\/v2\/pages\/169"}],"wp:attachment":[{"href":"https:\/\/proglab.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}