Forum Discussion
AAD Conditional Access policies vs Control Access RBAC
- Oct 22, 2021
Hi f0cus_13,
You are right. Azure and Azure AD get mixed up with each other every now and then. Azure AD is a directory with users, groups, devices, applications, etc. It has, for example, capabilities to manage user access to different applications, such as Azure Management or Office 365 applications, with Conditional Access policies. If we think of access control overall, this affects the authentication part of the access process.
Azure RBAC is Azure's capability to make more granular access control to resources, resource groups, subscriptions, etc. Azure RBAC connects Azure AD users (who has access) to roles (what access they have) to the scope (where they have access to). If we think of access control overall, this affects the authorization part of the access process.
For your case, you can give access to a VNET or Sentinel with Azure RBAC, not with Conditional Access. You can require MFA, a managed device or whatever from the user to access the Azure Management application with Conditional Access.
/Markus
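
The split described in this answer, as an added example that is not part of the original post and not Azure's own code: a simplified Python model in which Conditional Access gates the sign-in to Azure Management and Azure RBAC then checks who/what/where, including scope inheritance. The users `alice` and `bob`, the resource names, the placeholder subscription ID and the policy requiring MFA plus a managed device are all assumptions made for illustration.

```python
# Simplified model (an assumption, not Azure's implementation): Conditional Access
# decides whether a sign-in to an application succeeds; Azure RBAC decides what the
# signed-in user may do at a given scope. All users, IDs and policies are constructed.
from fnmatch import fnmatchcase

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder subscription
RG = SUB + "/resourceGroups/rg-sec"
VNET = RG + "/providers/Microsoft.Network/virtualNetworks/vnet-hub"
SENTINEL_WS = RG + "/providers/Microsoft.OperationalInsights/workspaces/law-sentinel"

# Trimmed action lists for two built-in roles (the real definitions contain more).
ROLES = {
    "Network Contributor": ["Microsoft.Network/*"],
    "Microsoft Sentinel Reader": ["Microsoft.SecurityInsights/*/read"],
}
# Role assignment = who (principal) + what (role) + where (scope).
ASSIGNMENTS = [
    ("alice", "Network Contributor", VNET),
    ("bob", "Microsoft Sentinel Reader", RG),
]
# Conditional Access policy: controls required to sign in to an application.
CA_POLICIES = [{"app": "Azure Management", "require": {"mfa", "managed_device"}}]

def sign_in(app, satisfied):
    """Authentication stage: every policy targeting the app must be satisfied."""
    return all(p["require"] <= set(satisfied) for p in CA_POLICIES if p["app"] == app)

def in_scope(assigned, resource):
    """An assignment applies at its scope and to everything beneath it."""
    a, r = assigned.lower(), resource.lower()
    return r == a or r.startswith(a + "/")

def authorized(user, action, resource):
    """Authorization stage: some assignment must cover the scope and the action."""
    return any(
        who == user and in_scope(scope, resource)
        and any(fnmatchcase(action.lower(), pat.lower()) for pat in ROLES[role])
        for who, role, scope in ASSIGNMENTS
    )

def request(user, satisfied, action, resource):
    """Run both stages in order and report which one stopped the request."""
    if not sign_in("Azure Management", satisfied):
        return "blocked by Conditional Access"
    if not authorized(user, action, resource):
        return "denied by Azure RBAC"
    return "allowed"
```

Bob's assignment at the resource group reaches the Sentinel workspace beneath it, while Alice's assignment on the VNET does not reach the workspace, and neither gets as far as the RBAC check unless the Conditional Access requirements are met first.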