Reputation: 79
I found that Azure RBAC Role Assignment is the equivalent of AWS Identity-Based Policies, where I can assign roles to a user, a group or a service principal. But what is the Azure equivalent of AWS Resource-Based Policies? How can I assign roles to a resource?
For example, if I want to give a Function permission to read from SQL DB, or give a scheduled job permission to read Blob Storage contents and create a new Cosmos DB document, how can I do it in Azure?
Is that what the service principal is for? But a service principal is only for web applications.
Upvotes: 3
Views: 293
Reputation: 72171
You would need to use Managed Identities for Azure Resources for that. They would be the Azure analogue for that.
Also, literally any application can use service principal authentication, not just web applications.
Upvotes: 2
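As an added illustration (not part of the original answer), the two steps behind the managed-identity approach for the question's "Function reads Blob Storage" case look like this with the Azure CLI: enable the Function App's system-assigned identity, then create an RBAC role assignment for that identity scoped to one storage account. The function names `storage_scope` and `grant_blob_reader` and all resource names are hypothetical placeholders.

```shell
# Added example: grant an Azure Function read access to blob data through its
# system-assigned managed identity. Helper and resource names are placeholders.

# Build the ARM resource ID of a storage account; this is the narrowest
# scope that still covers every container in the account.
storage_scope() {
  # $1 = subscription id, $2 = resource group, $3 = storage account name
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s' \
    "$1" "$2" "$3"
}

# Enable the identity on the Function App, then assign it a data-plane role
# on a single storage account (least privilege: read-only, one resource).
grant_blob_reader() {
  # $1 = subscription id, $2 = resource group, $3 = function app, $4 = storage account
  _sub="$1"; _rg="$2"; _func="$3"; _account="$4"

  # Step 1: turn on the system-assigned identity. Azure creates a service
  # principal for the Function App and returns its object id (principalId).
  _principal_id=$(az functionapp identity assign \
      --resource-group "$_rg" --name "$_func" \
      --query principalId --output tsv) || return 1
  if [ -z "$_principal_id" ]; then
    echo "no principalId returned for $_func" >&2
    return 1
  fi

  # Step 2: the role assignment itself. The identity is the assignee and the
  # storage account is the scope, so no secret or connection string is stored.
  az role assignment create \
      --assignee-object-id "$_principal_id" \
      --assignee-principal-type ServicePrincipal \
      --role "Storage Blob Data Reader" \
      --scope "$(storage_scope "$_sub" "$_rg" "$_account")"
}

# Usage (placeholder values):
#   grant_blob_reader <subscription-id> my-rg my-func mystorageacct
```

To audit the result, `az role assignment list --assignee <principalId> --all` shows every scope the identity has been granted.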