This post is the first in ‘The Azure Bakery’ series; this part is about Azure Active Directory. Click here for the introduction to the series.
This post is the first in ‘The Azure Bakery’ series; this part is about Azure Active Directory. [Click here_](https://itnext.io/the-azure-bakery-series-introduction-277be6b7cdd3?source=friends_link&sk=5a0f506c63bd47be964728d462ace005) for the introduction to the series._
When you sign up for a Microsoft cloud service, such as Azure, the tenant, an Azure Active Directory instance is created. The Azure Active Directory tenant represents your organization. It’s the first layer of our Azure cake.
Image by Robin Smorenburg on Robino
Every Azure environment is built on top of an Azure Active Directory
(Azure AD) tenant. Azure AD is Microsoft’s cloud-based identity and access management service.
What is needed when engineering and deploying your solution? There’s a lot to it. Today, we look at Azure AD from a fundamental perspective by looking at identity and security basics.
To access and manage your Azure environment, we need an identity; this is essential for authentication and authorization. Authentication is the process of verifying who you are, whereas authorization determines what you can and cannot do.
Ensure the identity has the needed permissions for fulfilling only the role it’s supposed to do and not more. This way, if the identity falls into the wrong hands, the amount of damage is limited. This approach is called role-based access control (RBAC) and follows the principle of least privilege. There are three identity types.
*User accounts: *Theyenable users and administrators to log in and work with Azure. When authenticating, the user needs to enter a username and password. Preferably followed by a second form of authentication, this is called multi-factor authentication.
*Service principals: *They allow applications and automation tools to access and work with resources within Azure. Authentication is handled by a combination of the application identifier and a secret key or certificate.
*Managed identities: *They provide an identity for resources. The identities can be used, for example, to access other resources, like the secret keys inside an Azure Key Vault. You don’t need to manage credentials; Azure manages these.
Azure provides over 1O00 cloud-services that enable you to do everything form running existing applications on Virtual Machines(VMs) to exploring new software paradigms.
Microsoft Azure Tutorial will give you a complete walkthrough to Microsoft Azure management console and help you use it to explore services it has to.
Microsoft recently announced the general availability of Azure Attestation, a unified solution for remotely verifying the trustworthiness of a platform and the integrity of the binaries running inside it.
Azure Synapse Analytics can be called the service of these two worlds in terms of technology, security and performance from a single point.
Recently Microsoft launched its Azure Space initiative as a further push of cloud computing towards space. This initiative by the public cloud vendor consists of several products and partnerships to position Azure as a critical player in the space- and satellite-related connectivity and compute part of the cloud market.