Azurecloud~30 mins

Why identity management is foundational in Azure - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Why identity management is foundational

📖 Scenario: You are setting up a small company's cloud environment on Microsoft Azure. The company wants to make sure only the right people can access their cloud resources securely.

🎯 Goal: Build a simple Azure Active Directory (Azure AD) setup that shows how identity management controls access to cloud resources.

📋 What You'll Learn

Create an Azure AD tenant dictionary with user names and roles

Add a configuration variable for the minimum role required to access resources

Write a function to check if a user has access based on their role

Add a final step to assign access permissions to a resource using the function

💡 Why This Matters

🌍 Real World

Identity management is the foundation of cloud security. It ensures only authorized users can access resources, protecting data and services.

💼 Career

Understanding identity management is essential for cloud administrators and security engineers to design secure cloud environments.

Progress0 / 4 steps

Create Azure AD tenant users dictionary

Create a dictionary called azure_ad_users with these exact entries: 'alice': 'admin', 'bob': 'user', 'carol': 'guest'

Azure

# Create the azure_ad_users dictionary with exact entries
# Your code here

Need a hint?

Use curly braces to create a dictionary with keys as user names and values as roles.

Add minimum role configuration

Create a variable called minimum_role and set it to the string 'user' to represent the minimum role required to access resources.

Azure

azure_ad_users = {'alice': 'admin', 'bob': 'user', 'carol': 'guest'}
# Create minimum_role variable set to 'user'
# Your code here

Need a hint?

Assign the string 'user' to the variable minimum_role.

Write access check function

Write a function called has_access that takes two parameters: user and minimum_role. The function should return True if the user's role in azure_ad_users is equal or higher than minimum_role based on this role hierarchy: 'guest' < 'user' < 'admin'. Otherwise, return False. Use if-else statements to compare roles.

Azure

azure_ad_users = {'alice': 'admin', 'bob': 'user', 'carol': 'guest'}
minimum_role = 'user'
# Define has_access(user, minimum_role) function
# Your code here

Need a hint?

Use a dictionary to assign numeric values to roles for easy comparison.

Assign access permission to resource

Create a dictionary called resource_access with a key 'database' and value as a list of users who have access. Use a for loop with variable user to check each user in azure_ad_users. Add the user to the list if has_access(user, minimum_role) returns True.

Azure

azure_ad_users = {'alice': 'admin', 'bob': 'user', 'carol': 'guest'}
minimum_role = 'user'

def has_access(user, minimum_role):
    role_hierarchy = {'guest': 1, 'user': 2, 'admin': 3}
    user_role = azure_ad_users.get(user, 'guest')
    return role_hierarchy[user_role] >= role_hierarchy[minimum_role]

# Create resource_access dictionary with 'database' key and list of users with access
# Your code here

Need a hint?

Use a for loop to check each user and add them to the resource_access list if they have access.