Reputation: 622
What is the difference between IAM and Azure AD on the Azure cloud?
They don't make it clear.
Upvotes: 23
Views: 34980
Reputation: 9
Azure AD (AAD) is a specific service within Azure that provides identity and access management capabilities, while identity and access management (IAM) is a broader concept that refers to the management of digital identities and access to resources.
For more details, please see: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-ops-guide-iam
Upvotes: 1
Reputation: 325
Azure AD is for Authentication - a User must prove who they are using a Username and Password.
IAM (RBAC) is for Authorization - a User is assigned a role or permissions to use a specific resource.
Upvotes: 5
Reputation: 3
Identity and access management (IAM) is called RBAC (Role-Based Access Control). This is used to grant a level of access such as reader, contributor, or owner to Azure resources and hence perform role assignment.
Azure AD is an identity management solution for Azure. It is a live directory or a database that stores the user accounts and their passwords.
Upvotes: 0
Reputation: 58898
Identity Access Management is what they call the Role-Based Access Control system in Azure subscriptions. Basically, it allows you to give users certain roles on subscriptions, resource groups, or individual resources.
Azure AD is a more general identity management solution. It allows you to manage users and applications, users' access to those applications and more. Calling it the "same as on-prem AD" is not really quite right, since their features differ quite a lot. The general purpose is similar to on-prem AD of course.
Logically Azure subscriptions exist within one Azure AD (they are linked to one). But having your user account in Azure AD does not give you access to Azure subscriptions! In addition to a user having to be a member (or invited guest user) of the AAD assigned to the subscription, you also have to use the RBAC (IAM) system to assign roles for users.
Upvotes: 15
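The separation described in the answer above (directory membership alone grants nothing; a role must be assigned at a subscription, resource group, or resource scope) shown as an added example that is not part of any answer and is not Azure's own code. It is a simplified model: the class and function names, the three action names, and the users and resource paths are constructed for illustration.

```python
from dataclasses import dataclass

# Simplified action sets for the three role names mentioned on this page.
ROLE_ACTIONS = {
    "Reader": {"read"},
    "Contributor": {"read", "write"},
    "Owner": {"read", "write", "assign_roles"},
}

@dataclass(frozen=True)
class RoleAssignment:
    principal: str
    role: str
    scope: str

def covers(scope: str, resource: str) -> bool:
    """A scope covers itself and everything below it in the path hierarchy."""
    scope = scope.rstrip("/")
    return resource == scope or resource.startswith(scope + "/")

class Subscription:
    """Toy subscription linked to exactly one directory (a set of user names)."""
    def __init__(self, sub_id, directory_users):
        self.scope = f"/subscriptions/{sub_id}"
        self.directory_users = set(directory_users)
        self.assignments = []

    def assign(self, principal, role, scope):
        if principal not in self.directory_users:
            raise ValueError(f"{principal} is not in the linked directory")
        if role not in ROLE_ACTIONS or not covers(self.scope, scope):
            raise ValueError("unknown role or scope outside this subscription")
        self.assignments.append(RoleAssignment(principal, role, scope))

    def is_allowed(self, principal, action, resource):
        # Identity first: unknown principals never reach the role check.
        if principal not in self.directory_users:
            return False
        # Authorization: some assignment must grant the action at a covering scope.
        return any(a.principal == principal and action in ROLE_ACTIONS[a.role]
                   and covers(a.scope, resource) for a in self.assignments)

# Constructed sample data: two resource groups whose names share a prefix.
RG_WEB = "/subscriptions/sub-demo/resourceGroups/rg-web"
VM1 = RG_WEB + "/providers/Microsoft.Compute/virtualMachines/vm1"
VM2 = "/subscriptions/sub-demo/resourceGroups/rg-web2/providers/Microsoft.Compute/virtualMachines/vm2"

def demo():
    sub = Subscription("sub-demo", {"alice", "bob"})
    sub.assign("alice", "Reader", RG_WEB)  # bob stays in the directory with no role
    return sub
```

The `scope + "/"` comparison in `covers` is what keeps an assignment on `rg-web` from leaking to `rg-web2`; a bare prefix match would grant it.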
Reputation: 13974
What is the difference between IAM and Azure AD on the Azure cloud?
Azure IAM is Azure Role-Based Access Control (RBAC). It works for Azure subscriptions, to manage Azure resources.
Using RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs. Instead of giving everybody unrestricted permissions in your Azure subscription or resources, you can allow only certain actions. For example, use RBAC to let one employee manage virtual machines in a subscription, while another can manage SQL databases within the same subscription.
Azure AD is the same as on-prem AD: create users to access or manage some applications.
Azure IAM is the same as an Active Directory group (which has some permissions); Azure AD users in this group will have those permissions.
Upvotes: 4