Designing and implementing Azure role-based access control and a POSIX-like access control list for Data Lake Storage Gen2
This section also deals with keeping data out of reach of unauthorized users, and it satisfies the following requirement from our sample IAC requirements:
Not everyone should have access to all the data. It should be on a need-to-know basis.
Azure uses and recommends the principle of least privilege, which means assigning the least possible privilege required to accomplish a task. Let's see how RBAC and ACLs help to achieve this goal.
Restricting access using Azure RBAC
Azure Role-Based Access Control (Azure RBAC) is an authorization system that controls who can access which resources in Azure. Azure RBAC works hand in hand with Azure Active Directory (AAD). Let's try to understand the basics of RBAC before getting into the details.
RBAC has three components: