azure:az-104_2024:identity_and_access_management

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
azure:az-104_2024:identity_and_access_management [2024/10/16 17:17] – [Global Admin Elevated Access] mmuzeazure:az-104_2024:identity_and_access_management [2025/11/29 17:48] (current) mmuze
Line 126: Line 126:
    * This setting gives the user the User Access Administrator role for the root scope that is inherited by all management groups/subscriptions.    * This setting gives the user the User Access Administrator role for the root scope that is inherited by all management groups/subscriptions.
    * Although it's a per-user settings it is enabled from the tenant blade, not the user properties blade.    * Although it's a per-user settings it is enabled from the tenant blade, not the user properties blade.
-   * Also, it results in an Azure role being assigned to the user, not a Entra Id/Administrative role being assigned.+   * Also, it results in an Azure role being assigned to the user, not a Entra Id/Administrative role being assigned. <color :#fff200>So, it might seem a little counterintuitive for the role to get assigned from tenant blade, but this a special case of bootstrapping the ability to assign RBAC roles.</color> 
 + 
 +====== Multi-factor Authentication (MFA) ====== 
 +  * Conditional Access based MFA is also call Per-Authentication MFA in contrast to Per-User MFA. 
 + 
 +====== Conditional Access ====== 
 +  * [[https://learn.microsoft.com/en-us/entra/identity/conditional-access/overview]] 
  • azure/az-104_2024/identity_and_access_management.1729099026.txt.gz
  • Last modified: 2024/10/16 17:17
  • by mmuze