New AzRoleDefinition InputFile PATH TO YOUR FILE customrbacjson 4 Navigate to

New azroledefinition inputfile path to your file

This preview shows page 98 - 110 out of 127 pages.

New-AzRoleDefinition -InputFile “<PATH-TO-YOUR-FILE>\customrbac.json”4.Navigate to your Subscription and open the “Access Control (IAM)”5.Select the “Roles” tab6.Verify that your new custom Role is listed
Background image
99 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide7.Navigate to your “Skylines-RG” Resource Group8.Click on the “Access Control (IAM)” blade9.Click the “+ Add Role Assignment” button10.Configure the settings for your new role assignment a.Role: Skylines Custom RBAC b.Assign access to: Azure AD user, group, or service principal c.Select a user from your list of Azure AD users 11.Click “Save”
Background image
100 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide
Background image
101 ©2019 Skylines Academy, LLC All rights reservedAzure Lab GuideAzure Policy 1.Within the Azure Portal, select “All Services”, search for and select “Policy”2.Within Azure Policy, select “Definitions” and click the “+ Policy Definition” button 3.Input the values for your new custom Policy a.Definition Location: your subscription b. Name: Skylines-CustomPolicy c.Category: CustomPolicy
Background image
102 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guided.Policy Rule: Modify the “effect” value from “audit” to “deny”4.Click “Save”Skylines-CustomPolicy
Background image
103 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide5.Navigate to “Assignments” within Azure Policy and click the “Assign policy” button
Background image
104 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide6.Configure settings for your new Policy assignment a.Scope: your subscription b.Policy Definition: Search for and select your newly created Policy c.Assignment Name: Skylines-CustomPolicy Skylines-CustomPolicy
Background image
105 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guided.Allowed Locations: Select a few Azure Regions that you work with regularly (i.e. Central US, East US, North Central US, South Central US) 7.Once all values are configured, click “Assign”Skylines-CustomPolicy Skylines-CustomPolicy
Background image
106 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide8.To test your newly created Policy, create a new Storage Account in an Azure Region outside of the options selected above (i.e. Australia East) 9.During Resource Validation you will receive an error that the new Storage Account has been disallowed by Policy and you will be unable to complete deployment
Background image
107 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide10.Navigate back to Azure Policy and select “Compliance”11.View the compliance state your newly created Azure Policy (note: Compliance state may take some time for the initial run to complete) Virtual Networks 1.Navigate to the “Skylines-RG” Resource Group and select the “Skylines-Vnet-1”Skylines-Custompolicy
Background image
108 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide2.Navigate to the “Peerings” blade and select “+ Add”Skylines-AS Skylines-NSG SkylinesVM1 SkylinesVM1-nic SkylinesVM2 SkylinesVM2-nic Skylines-Vnet-1 Skylines-Vnet-2 SkylinesVM22 SkylinesVM1
Background image
109 ©2019 Skylines Academy, LLC All rights reservedAzure Lab Guide3.Configure the Peering settings a.
Background image
Image of page 110

You've reached the end of your free preview.

Want to read all 127 pages?

  • Winter '14
  • IP address, ©2019 Skylines Academy, Azure Lab Guide

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture