VNET Service Endpoints for Azure SQL & Storage

It’s finally here, it has arrived:  Azure Virtual Network Service Endpoints. This was a long requested “Enterprise feature”. Let’s look at what this is and how to use it. Please note that at the time of this writing (end-of-September 2017) this feature is available only in a few region in Public Preview: Azure Storage: WestCentralUS, … More VNET Service Endpoints for Azure SQL & Storage

Automating Role Assignment in Subscriptions & Resource Groups

Azure supports a Role Based Access Control (RBAC) system.  This system links identity (users & groups) to roles. RBAC is enforced at the REST API access level, which is the fundamental access in Azure:  it can’t be bypassed. In this article, we’ll look at how we can automate the role assignation procedure. This is useful … More Automating Role Assignment in Subscriptions & Resource Groups

Managing Azure AD Application members in Portal

One of Azure AD’s powerful concept is the application.  It gives context to an authentication as we explained in this article. An application can also be used as an authorization barrier since we can manage an application members.  This is optional as by default, everyone in a tenant has access to its application.  But if … More Managing Azure AD Application members in Portal

Automating Azure AD

In the previous article, we explored how to interact (read / write) to an Azure AD tenant using Microsoft Graph API. In the article before that, we looked at how to authenticate a user without using Azure AD web flow. Those were motivated by a specific scenario:  replacing a LDAP server by Azure AD while … More Automating Azure AD

Using Microsoft Graph API to interact with Azure AD

In my last article, I showed how to authenticate on Azure AD using a user name / password without using the native web flow. The underlying scenario was to migrate an application using an LDAP server by leveraging an Azure AD tenant. The logical continuation of that scenario is to use the Microsoft Graph API … More Using Microsoft Graph API to interact with Azure AD