Nobody understand the (Azure) Cloud

%3CLINGO-SUB%20id%3D%22lingo-sub-1013111%22%20slang%3D%22en-US%22%3ERe%3A%20Nobody%20understand%20the%20(Azure)%20Cloud%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1013111%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F108979%22%20target%3D%22_blank%22%3E%40Taen%20keren%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Emaybe%20this%20helps%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Fshared-responsibility%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Fshared-responsibility%3C%2FA%3E%3C%2FP%3E%3CP%3Eand%20this%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Foverview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Foverview%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1013082%22%20slang%3D%22en-US%22%3ENobody%20understand%20the%20(Azure)%20Cloud%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1013082%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3ESubj.%20quote%20from%20a%20movie%26nbsp%3B%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3ETrying%20to%20%E2%80%98understand%E2%80%99%20and%20pass%20on%20What%20Azure%20and%20the%20%E2%80%98Concepts%E2%80%99%20is%20(besides%20all%20the%20IaaS%2C%20PaaS%2C%20SaaS)%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3EThere%E2%80%99s%20a%20lot%20more%20than%20this%20of%20course%20%3A)%3C%2Fimg%3E%20-%20but%20can%20it%26nbsp%3B%20be%20'boiled'%20down%20to%20this%20quick%20explanation%3A%3CBR%20%2F%3E%3CBR%20%2F%3EAzure%20is%20%E2%80%98Subscription%E2%80%99%20based%20(one%20or%20more%20subscriptions)%20-%20a%20lot%20of%20services%20is%20offered%20in%20Azure%20-%20allows%20to%20deployed%20various%20%E2%80%98resources%2Fgroups%E2%80%99%20which%20have%20more%20than%201%20or%20more%20resources%20-%20access%20to%20these%20should%20be%20%E2%80%98controlled%E2%80%99%20with%20an%20RBAC%20model%3C%2FSPAN%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CBR%20%2F%3E%3CSPAN%3E1)%20the%20Security%20resides%20in%20the%20Deployed%20%E2%80%98resource%E2%80%99%20as%20MS%20secure%20the%20overall%20Platform%3F%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3E2)%20if%20a%20firewall%20is%20deployed%20as%20a%20%E2%80%98resource%E2%80%99%20-then%20besides%20which%20ports%20that%20are%20opened%20-%20it%E2%80%99s%20still%20about%20who%20has%20access%20to%20the%20%E2%80%98resource%E2%80%99%3F%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3E3)%20If%20a%20VM%20is%20deployed%20as%20a%20resource%20the%20%E2%80%98security%E2%80%99%20is%20still%20%E2%80%98Who%20has%20access%E2%80%99%3F%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3E4)Traditional%20%E2%80%98pen-test%E2%80%99%20are%20%E2%80%98obsolete%E2%80%99%20in%20regards%20to%20Azure%20Ressources%3F%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Ecan%20anyone%20assist%3F%20-%20Maybe%20with%20some%20easy%20reading%2Fdrawing%20links%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1013082%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EData%20%2B%20Storage%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EProtection%20%26amp%3B%20Recovery%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Super Contributor

Subj. quote from a movie 

Trying to ‘understand’ and pass on What Azure and the ‘Concepts’ is (besides all the IaaS, PaaS, SaaS)

There’s a lot more than this of course :) - but can it  be 'boiled' down to this quick explanation:

Azure is ‘Subscription’ based (one or more subscriptions) - a lot of services is offered in Azure - allows to deployed various ‘resources/groups’ which have more than 1 or more resources - access to these should be ‘controlled’ with an RBAC model 


1) the Security resides in the Deployed ‘resource’ as MS secure the overall Platform?

2) if a firewall is deployed as a ‘resource’ -then besides which ports that are opened - it’s still about who has access to the ‘resource’?

3) If a VM is deployed as a resource the ‘security’ is still ‘Who has access’?

4)Traditional ‘pen-test’ are ‘obsolete’ in regards to Azure Ressources?

can anyone assist? - Maybe with some easy reading/drawing links?

1 Reply