In this video, learn how to configure Azure AD authentication for Azure Storage. Azure AD authentication enables enforcement of specific data access permissions to users and service identities from their Azure AD tenant using the role-based access control (RBAC).
- [Instructor] The AZ-500 exam may test your knowledge … of configuring Azure Active Directory … authentication for Azure Storage … which is a relatively new feature … in the long history of Azure and extends our options, … which today, we're limited to Shared Key … and SAS tokens as authorization mechanisms. … So Azure Active Directory authentication … would allow us to use a variety of built-in roles to assign … permissions at the resource group level, for example. … So I could assign the Storage Blob Data Contributor … permissions for all storage accounts … within a resource group. … I could take that a step more granular … and assign permissions at the storage account level … or even all the way down to the container level, … allowing activity only to a specific container … within a storage account. … And the Azure AD authentication feature … supports managed service identities … which means I can grant permissions … to an automatically managed identity in Azure AD … associated with a virtual machine …
- Configuring security policies
- Enabling data authentication and auditing
- Configuring security for storage accounts
- Configuring Azure AD authentication
- Configuring security for Cosmos DB and Azure Data Lake