Step-By-Step: Enabling Custom Role Based Access Control in Azure
During the preparation of the Ignite The Tour conference, Neil Peterson and I along with the whole Cloud Ops Advocate team, were looking at issues that IT/Ops professionals are facing when looking at hybrid environments and migrating workloads to the cloud. In this post we will cover RBAC. More specifically, custom RBAC, because built in roles may not always cover every situation so you can customize the RBAC so they are tailored to your specific needs.
Can I use Azure Just in Time (JIT) RBAC without PIM e.g. as a standalone solution
Hello I saw a video show PIM (Privilaged Access Management) and part of it Showed using Just In Time administration to allow a user (after MFA authentication) to elevate to admin to do some work for a set period of time). I need to know more about JIT for RBAC whereby I want to for example give someone the ability to elevate their role (to contributor for example) via MFA or some kind of admin approval, so they can perform a task then their contributor role expires (without necessarily using PIM). However I am having great difficultly finding vidoes, documentation (prefer good videos if available) showing how to set this up and make it work with a few examples and what level of Azure subscription you need to allow JIT RBAC Can someone please advise and point me towards some good vidoes or blog articles on this please Thanks __AAnotherUserCMMC Recovery (RE) Domain Overview and Strategy
One of the key areas where the Cybersecurity Maturity Model Certification (CMMC) expands on NIST 800-171 is system recovery, specifically the ability to recover from any event that compromises the integrity and availability of data. Backups are called out in the Recovery (RE) Domain and include the requirement to backup all content, not just CUI and other critical content. Further, testing backups is now a requirement and likely to be validated during a CMMC assessment.
Intune Permissions
Hi, I am using roles within Intune and would like to grant access to the "enrollment issues"-view for some HelpDesk guys. https://endpoint.microsoft.com/#blade/Microsoft_Intune_DeviceSettings/DevicesMonitorMenu/enrollmentFailures) But I don't get which permission is responsible to enable that view. I can not find anything in the documentation. thanks Sebastian
RBAC Intune - Can not see devices
Hi @all :-), I have defined a custom role for our admins in different departments (see screenshot). The administrators are in a group, the group is assigned to that role. Scope groups are assigned (users and devices in the department) and scope tags are set. But the department admin can not access the device list (not authorized). What permission is missing? I hope someone can give me a hint. 🙂
