Andrew Wilson's Blog

{ ... Plan - Architect - Develop - Reflect - Improve - Repeat ... }

Azure Role Based Access Control (RBAC) | Removing Orphaned Role Assignments

Problem Space

Deploying solutions into Azure that rely on Role Based Access often involves creating IaC automation for the assignment of roles, such as:

A service's access to Key Vault
A service's access to a specific Key Vault secret
A service's access to a storage account
A service's access to a Service Bus Queue or Topic

In many of these instances we may wish to use the source resource's identity (System Assigned Managed Identity) as the principal for the assigned access.

Azure RBAC Key Vault | Role Assignment for Specific Secret

Background

Azure role-based access control (Azure RBAC) provides fine-grained control over access to Azure resources. Azure RBAC is built on top of Azure Resource Manager, which allows us to grant access authorisation at differing scope levels, ranging from the Management Group down to individual resources. With RBAC-enabled key vaults we can manage access to the resource itself and to the data stored in the vault. We can also manage access to individual keys, secrets, and certificates.