Chapter 10: Azure Data Explorer Security
As recently as 6 years ago, the emphasis on public cloud security was not what it is today. I remember that, at one point, disk encryption was not available on storage accounts. Then, it became an option that could be enabled, and today, it is enabled by default.
One of the biggest concerns with the public cloud is ensuring that our data and resources are not accessible to just about anyone on the internet. In this chapter, we will learn how to secure our Azure Data Explorer (ADX) instances using identity management and how to perform network filtering on unwanted traffic and bad actors.
We will begin by introducing some of the basic terminology and concepts you should be familiar with, such as the principle of least privilege and role-based access control (RBAC). Next, we will explore the concepts of identity management with Azure Active Directory (AAD). We will also learn about the differences between security principals, users, groups...