As Azure AD forms the foundation for identity in the cloud, authorization becomes the cornerstone of providing service access within Azure and across cloud services. This course teaches the authorization options available with Azure and Azure AD.
Authorization can be a very complex topic when looking at leveraging services across clouds via a centralized identity. In this course, Designing Authorization for Azure AD, you will learn foundational knowledge of authorization with Azure and Azure AD. First, you will learn the key concepts around delegated authorization. Next, you will discover the authorization capabilities for Azure and Azure AD. Finally, you will explore how to integrate applications with Azure AD and control the delegation. When you’re finished with this course, you will have the skills and knowledge of authorization in Azure AD needed to enable you to securely and efficiently leverage Azure and other cloud services in a seamless manner.
John Savill is an 11-time MVP, and he holds many Microsoft certifications
including Azure Infrastructure and Azure Architecture specialist. John is
the author of the popular FAQ for Windows and a senior contributing editor
to Windows IT Pro. John has written eight books on Microsoft technologies
including Mastering Microsoft Azure Infrastructure Services and Mastering
Windows Server 2016 Hyper-V.
Course Overview Hi everyone. My name is John Savill, and welcome to my course, Design Authorization for Microsoft Azure. I'm a Principal Technical Architect at the Dallas Microsoft Technology Center. Authorization in the cloud is key to enabling cross-cloud service access and enabling services to be utilized in a secure, while usable, way. In this course, we're going to look at the key Azure AD authorization capabilities to provide a solution that can be leveraged by users and services in Azure and beyond. By the end of this course, you'll know how to design and implement authorization solutions utilizing Azure AD and Azure services. I hope you will join me on this journey to learn all about the authorization options in Azure with the Design Authorization for Microsoft Azure course, at Pluralsight.
Authorization Foundation Welcome to the Design Authorization with Microsoft Azure course and this first module, Authorization Foundation. My name is John Savill. I'm a Principal Technical Architect at the Dallas Microsoft Technology Center. You can follow me on Twitter at ntfaqguy, and my blog is at savilltech. com where I try and keep people up to date with the latest videos I create and other writings. This course is actually really interesting for me. When you first think about authorization, you think about well it's giving people access to stuff, but in the world of the cloud, it's actually a lot more than that. There's also considerations around services doing things on your behalf. There's a complete set of technologies just around that, so we're going to look at both aspects of authorization in this course. So we're going to start off with an authorization overview; understanding types of authorization; some of the protocols used in the cloud; then we'll dive into some technology-specific solutions, the Azure Resource Manager role-based access control; how I can register applications with Azure Active Directory that are going to need authorization to do things on our behalf; and then the authorization with Azure services. In this first module, we're going to dive into, well, what exactly is authorization; the difference and how they complement between authorization and authentication, both critical; look at the types of authorization; and then understanding the authorization protocols and joy with tokens, and probably some information about me eating candy.
Authorization with Azure Resource Manager and Azure AD Welcome to the Authorization with Azure Resource Manager and Azure Active Directory. In this module, we're going to kick off with a few refreshers on a few topics, like groups and the structure of Azure, and then dive into the Azure Resource Manager role-based access control; using Privileged Identity Manager and Identity Protection; and then really build into conditional access, going to spend a lot of time on conditional access, the types of controls we can use, the policies; look at the Azure Active Directory roles, which also include the Office 365 roles; how we can register applications in Azure Active Directory and the Application Service access; using the Azure Key Vault when applications need to store secrets; and then the options about repudiation.