Microsoft Azure Architect Design: Azure AD & RBAC Design

Azure 2019    |    Expert
  • 20 Videos | 1h 22m 45s
  • Includes Assessment
  • Earns a Badge
Likes 18 Likes 18
In this 20-video course, discover how to apply knowledge of Azure Active Directory (AD) objects, settings, and role-based access control (RBAC) role assignments to address business needs, in preparation for AZ-301: Microsoft Azure Architect Design certification exam. Begin with a look at Azure AD and identity management planning, then recall various strategies for applying access control. Create a new Azure AD tenant, and Azure AD users and groups using the portal and PowerShell. Use command-line interface (CLI) to create an Azure AD user and join a Windows 10 device to Azure AD. Define how RBAC is used in Azure; assign built-in RBAC roles at different scopes; create deny RBAC assignments; and create a custom RBAC role with CLI. Then assign a custom RBAC role, and use PowerShell to remove a custom RBAC role and a RBAC role assignment. Enable self-service password reset and self-service group management to reduce the help desk burden; create an Azure AD enterprise application configuration, and audit Azure AD and sign-in logs. The exercise involves designing Azure AD and RBAC.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    recognize when Azure AD configurations best meet business needs
    recall various strategies for applying access control
    create a new Azure AD tenant
    use the portal to create Azure AD users and groups
    use PowerShell to create Azure AD users and groups
    use the CLI to create an Azure AD user
    join a Windows 10 device to Azure AD
    define how RBAC is used in Azure
    assign built-in RBAC roles at different scopes
  • create deny RBAC assignments
    create a custom RBAC role using the CLI
    assign a custom RBAC role
    use PowerShell to remove a custom RBAC role
    use PowerShell to remove a RBAC role assignment
    enable SSPR to reduce the help desk burden
    enable SSGM to reduce the help desk burden
    create an Azure AD enterprise application configuration
    audit Azure AD and sign-in logs
    create a new Azure AD tenant, create an Azure AD user and group, assign a built-in RBAC role, and enable Self-Service Password Reset

IN THIS COURSE

  • Playable
    1. 
    Course Overview
    2m 11s
    UP NEXT
  • Playable
    2. 
    Azure AD and Identity Management Planning
    7m 39s
  • Locked
    3. 
    Access Control Strategies
    4m 42s
  • Locked
    4. 
    Azure AD Tenants
    2m 51s
  • Locked
    5. 
    Azure AD User and Group Portal Management
    3m 42s
  • Locked
    6. 
    Azure AD User and Group PowerShell Management
    2m 35s
  • Locked
    7. 
    Azure AD User and Group CLI Management
    2m 17s
  • Locked
    8. 
    Azure AD-Joined Devices
    2m 37s
  • Locked
    9. 
    Role-Based Access Control
    6m 18s
  • Locked
    10. 
    Built-In RBAC Role Assignments
    3m 47s
  • Locked
    11. 
    RBAC Deny Assignments
    3m 22s
  • Locked
    12. 
    Custom RBAC Role Creation
    3m 27s
  • Locked
    13. 
    Custom RBAC Role Assignment
    3m 7s
  • Locked
    14. 
    Remove a Custom RBAC Role
    2m 57s
  • Locked
    15. 
    Remove an RBAC Role Assignment
    2m 39s
  • Locked
    16. 
    Self Service Password Reset
    2m 57s
  • Locked
    17. 
    Self Service Group Management