Category: security
-
Mastering Azure Virtual Network Manager for Security and Efficiency

The Azure Virtual Network Manager (AVNM) transforms the task of altering network infrastructure into a simplified process. It enables users to configure network topologies, change hubs, and implement security rules efficiently. The interface allows for quick modifications. AVNM manages security admin rules centrally, ensuring network owners cannot override them. Additionally, it deploys User-Defined Routes (UDR)…
-
Azure Virtual Network Manager – A game changer or just a costly upgrade?

Intro: Managing networks in Azure can pose significant challenges due to the multitude of resources involved. Maintaining control over these resources further amplifies the complexity. The entire system hinges on the network functioning as intended. Add security into the mix, and you’re dealing with a highly complex, high-risk component of your architecture. Azure Virtual Network…
-
Navigating the Challenges of Policy as Code in Azure: Part 2

Previously, I have written about some challenges around policy as code. You can find the previous blog here. There I discuss some problems I see with policy as code in general. Now I’m going to delve a little deeper into the problem and look even more at what Microsoft gives us and what we might…
-
How to get custom condition as IaC for the role Role Based Access Control Administrator

TL;DR: The new Azure Role, “Role Based Access Control Administrator,” allows for granular control over role assignments. This blog post details the creation of a Terraform module to implement this functionality. The process involves understanding the functionality via the Azure portal, writing the code, and dealing with unsupported functions in the azurerm provider from Terraform…
-
Analyzing User Privileges in Azure based on activity

Maintaining control over users with directory roles is a challenge in itself. However, a more informed approach involves examining their usage based on activity logs. This provides a comprehensive view of how these roles are being utilized by the respective users. Executing this script offers an overview of the users and their activities over the…
-
Azure Landing Zones: Enhancing Security and Simplifying Resource Management with Access Packages

What are Access Packages? Access packages are a powerful feature of Microsoft Entra ID that can help organizations manage identity and access lifecycle at scale. Access packages must be in a container called a catalog, which defines what resources you can add to your access package. If you don’t specify a catalog, your access package…
-
Protecting Your Organization’s Resources with Microsoft Entra’s (Azure AD’s) Powerful Tools

In today’s digital age, protecting your organization’s resources is more important than ever. With the rise of cyber threats and data breaches, it’s crucial to have the right tools in place to manage access and enforce security policies. Microsoft Entra ID (Azure Active Directory (Azure AD)) offers a range of powerful features to help you…