Part 6: Identity & Access Design
Where Real Security Actually Begins
Most teams think security = network.
It's not.
In the cloud, identity is the primary security boundary.
First Principle
Assume the network is already compromised, and control access through identity.
This is the foundation of:
- Zero Trust
- Modern cloud security
The Most Common Mistake
Teams do:
- open access internally
- broad permissions
- shared credentials
Because:
"It's inside the VNet, so it's safe"
This thinking is dangerous in the cloud: a VNet bounds traffic, not trust. Anything that already has a foothold inside (a compromised VM, a leaked key, a misconfigured peering) inherits whatever the network implicitly allows.
Start With These 4 Questions
1. Who needs access?
- users
- apps
- services
- automation
2. What level of access?
- read
- write
- admin
3. For how long?
- permanent
- temporary
- just-in-time
4. Under what conditions?
- MFA required?
- trusted device?
- location-based?
Core Identity Components
1. Microsoft Entra ID (Tenant Level)
This is your identity backbone
- users
- groups
- applications
- service principals
2. RBAC (Role-Based Access Control)
Defines who can do what, at which scope
Example Roles
- Reader
- Contributor
- Owner
- Custom roles (when every built-in role grants more than the job needs)
Scope (where the role is applied)
- Management Group
- Subscription
- Resource Group
- Resource
Assignments inherit downward: a role granted at subscription scope applies to every resource group and resource beneath it, so assign at the narrowest scope that does the job.
Golden Rule
Assign roles to groups, never directly to users
3. PIM (Privileged Identity Management)
Controls privileged access
Instead of:
- permanent admin access
Use:
- just-in-time access
- approval workflow
- time-bound roles
For example, a Cloud Admin:
- holds no permanent Owner role
- requests access via PIM
- gets a 2-hour window
- MFA enforced on activation
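To make the RBAC and PIM rules concrete, here is an added Terraform example (not code from the original series or from Microsoft). It assigns Contributor to a developer group at resource-group scope, makes an admin group eligible for Owner through PIM instead of granting it permanently, and limits activation of that role to a 2-hour window with MFA and a second-person approval. The group names, the resource group, the pinned provider versions and the approver group are assumptions; the resource and argument names follow the hashicorp/azurerm and hashicorp/azuread provider documentation and should be checked against the provider versions you actually pin.

```hcl
terraform {
  required_providers {
    azurerm = { source = "hashicorp/azurerm", version = "~> 3.100" }
    azuread = { source = "hashicorp/azuread", version = "~> 2.50" }
  }
}

provider "azurerm" {
  features {}
}

provider "azuread" {}

data "azurerm_subscription" "current" {}

# Principals for RBAC are always groups (assumed names). People join or
# leave a group; the role assignments themselves stay stable and reviewable.
resource "azuread_group" "payments_devs" {
  display_name     = "sg-payments-developers"
  security_enabled = true
}

resource "azuread_group" "cloud_admins" {
  display_name     = "sg-cloud-admins"
  security_enabled = true
}

resource "azuread_group" "pim_approvers" {
  display_name     = "sg-pim-approvers"
  security_enabled = true
}

resource "azurerm_resource_group" "payments_dev" {
  name     = "rg-payments-dev"
  location = "westeurope"
}

# Standing access is scoped to the narrowest unit that does the job:
# Contributor on one dev resource group, not on the subscription.
resource "azurerm_role_assignment" "devs_contributor" {
  scope                = azurerm_resource_group.payments_dev.id
  role_definition_name = "Contributor"
  principal_id         = azuread_group.payments_devs.object_id
}

# Anti-pattern, kept only for contrast (never apply): one user, Owner,
# at subscription scope, permanently. It bypasses group review and
# inherits down to every resource group and resource in the subscription.
# resource "azurerm_role_assignment" "direct_user_owner" {
#   scope                = data.azurerm_subscription.current.id
#   role_definition_name = "Owner"
#   principal_id         = "<user object id>"
# }

# Owner is never a standing assignment: admins are only *eligible* for it
# and must activate it through PIM.
data "azurerm_role_definition" "owner" {
  name = "Owner"
}

resource "azurerm_pim_eligible_role_assignment" "admins_owner" {
  scope              = data.azurerm_subscription.current.id
  role_definition_id = "${data.azurerm_subscription.current.id}${data.azurerm_role_definition.owner.id}"
  principal_id       = azuread_group.cloud_admins.object_id
  justification      = "Eligible only; activate per change window"

  schedule {
    expiration {
      duration_days = 365 # the eligibility itself is re-reviewed yearly
    }
  }
}

# Activation settings for Owner on this subscription: at most 2 hours per
# activation, MFA and a justification on activation, and an approver group.
resource "azurerm_role_management_policy" "owner_activation" {
  scope              = data.azurerm_subscription.current.id
  role_definition_id = data.azurerm_role_definition.owner.id

  active_assignment_rules {
    expiration_required = true
    expire_after        = "P90D" # even a direct (non-PIM) grant must expire
  }

  activation_rules {
    maximum_duration                   = "PT2H"
    require_multifactor_authentication = true
    require_justification              = true
    require_approval                   = true
    approval_stage {
      primary_approver {
        object_id = azuread_group.pim_approvers.object_id
        type      = "Group"
      }
    }
  }
}
```

The commented-out assignment is the shape to look for when auditing an existing subscription: `az role assignment list --all` output where the principal type is User and the scope is the subscription is exactly the sprawl the golden rule is meant to prevent.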
4. Conditional Access
Defines when and how access is allowed
Example Policies
- Require MFA for all admins
- Block access from unknown countries
- Allow access only from compliant devices
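The three example policies above as Terraform, added here as an illustration and not code from the original series. It uses the hashicorp/azuread provider; the country list, the set of admin role templates and the break-glass account are assumptions. Two practitioner details are built in: every policy excludes an emergency-access account so a misfired policy cannot lock the whole tenant out, and the location policy starts in report-only mode so you can read the sign-in logs before enforcing it.

```hcl
terraform {
  required_providers {
    azuread = { source = "hashicorp/azuread", version = "~> 2.50" }
  }
}

provider "azuread" {}

# Emergency-access account excluded from every policy (assumed UPN).
# It is protected separately (long random password, phishing-resistant
# MFA, alerting on every sign-in).
data "azuread_user" "break_glass" {
  user_principal_name = "breakglass@contoso.onmicrosoft.com"
}

# Built-in directory role template IDs; these are the same in every tenant.
locals {
  admin_role_templates = [
    "62e90394-69f5-4237-9190-012177145e10", # Global Administrator
    "e8611ab8-c189-46e8-94e1-60213ab1f814", # Privileged Role Administrator
  ]
}

# 1. Require MFA for all admins, on every app, from every client type.
resource "azuread_conditional_access_policy" "admins_mfa" {
  display_name = "CA001 - Require MFA for privileged roles"
  state        = "enabled"

  conditions {
    client_app_types = ["all"]
    applications {
      included_applications = ["All"]
    }
    users {
      included_roles = local.admin_role_templates
      excluded_users = [data.azuread_user.break_glass.object_id]
    }
  }

  grant_controls {
    operator          = "OR"
    built_in_controls = ["mfa"]
  }
}

# Countries where the organisation actually operates (assumed list).
resource "azuread_named_location" "allowed_countries" {
  display_name = "Allowed countries"
  country {
    countries_and_regions                 = ["NL", "DE"]
    include_unknown_countries_and_regions = false
  }
}

# 2. Block sign-ins from anywhere outside the allowed countries.
#    Starts in report-only mode: check the sign-in logs for unexpected
#    matches (travelling staff, partner offices, cloud egress) before
#    changing state to "enabled".
resource "azuread_conditional_access_policy" "block_unlisted_countries" {
  display_name = "CA002 - Block access from unlisted countries"
  state        = "enabledForReportingButNotEnforced"

  conditions {
    client_app_types = ["all"]
    applications {
      included_applications = ["All"]
    }
    users {
      included_users = ["All"]
      excluded_users = [data.azuread_user.break_glass.object_id]
    }
    locations {
      included_locations = ["All"]
      excluded_locations = [azuread_named_location.allowed_countries.id]
    }
  }

  grant_controls {
    operator          = "OR"
    built_in_controls = ["block"]
  }
}

# 3. Allow access only from compliant (Intune-managed) devices, all users.
resource "azuread_conditional_access_policy" "compliant_device" {
  display_name = "CA003 - Require compliant device"
  state        = "enabled"

  conditions {
    client_app_types = ["all"]
    applications {
      included_applications = ["All"]
    }
    users {
      included_users = ["All"]
      excluded_users = [data.azuread_user.break_glass.object_id]
    }
  }

  grant_controls {
    operator          = "OR"
    built_in_controls = ["compliantDevice"]
  }
}
```

Apply the compliant-device policy only after device enrolment is complete, or it becomes a self-inflicted outage; the report-only state used for the location policy is the safe way to stage that too.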
5. Managed Identities
Identity for applications, with no credentials for you to manage
Example
- App accesses Key Vault
- VM accesses storage
No passwords or secrets in code or config: the platform issues the token to the workload and rotates the underlying credential itself.
6. Service Principals
Identity for automation and tools, including those that run outside Azure where a managed identity is not available
Example
- Terraform
- CI/CD pipelines
Prefer a federated credential (workload identity federation) over a client secret: the pipeline exchanges its own OIDC token for an Entra token, so there is no long-lived secret to store, rotate or leak.
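An added Terraform example (not the series' or Microsoft's code) of the two "no secrets" patterns from the last two components: a user-assigned managed identity that a web app uses to read Key Vault secrets, and a service principal for a CI pipeline that authenticates with a federated credential from GitHub Actions instead of a client secret. Names, the region, the repository and the role choices are assumptions. Key Vault is created with RBAC authorization enabled so the same RBAC model from earlier in this part governs its data plane.

```hcl
terraform {
  required_providers {
    azurerm = { source = "hashicorp/azurerm", version = "~> 3.100" }
    azuread = { source = "hashicorp/azuread", version = "~> 2.50" }
  }
}

provider "azurerm" {
  features {}
}

provider "azuread" {}

data "azurerm_client_config" "current" {}

resource "azurerm_resource_group" "payments" {
  name     = "rg-payments-prod"
  location = "westeurope"
}

# --- Managed identity: the app's identity lives in Entra, not in config ---

resource "azurerm_user_assigned_identity" "payments_api" {
  name                = "id-payments-api"
  resource_group_name = azurerm_resource_group.payments.name
  location            = azurerm_resource_group.payments.location
}

resource "azurerm_key_vault" "payments" {
  name                      = "kv-payments-prod-demo" # must be globally unique
  resource_group_name       = azurerm_resource_group.payments.name
  location                  = azurerm_resource_group.payments.location
  tenant_id                 = data.azurerm_client_config.current.tenant_id
  sku_name                  = "standard"
  enable_rbac_authorization = true # data plane via Azure RBAC, not access policies
  purge_protection_enabled  = true
}

# Read secret values only: no listing of keys or certificates, no writes.
resource "azurerm_role_assignment" "api_reads_secrets" {
  scope                = azurerm_key_vault.payments.id
  role_definition_name = "Key Vault Secrets User"
  principal_id         = azurerm_user_assigned_identity.payments_api.principal_id
}

resource "azurerm_service_plan" "payments" {
  name                = "asp-payments-prod"
  resource_group_name = azurerm_resource_group.payments.name
  location            = azurerm_resource_group.payments.location
  os_type             = "Linux"
  sku_name            = "B1"
}

# The identity is attached to the workload. The app asks the platform for a
# token at runtime and never holds a credential for Key Vault.
resource "azurerm_linux_web_app" "payments_api" {
  name                = "app-payments-api-demo"
  resource_group_name = azurerm_resource_group.payments.name
  location            = azurerm_resource_group.payments.location
  service_plan_id     = azurerm_service_plan.payments.id

  identity {
    type         = "UserAssigned"
    identity_ids = [azurerm_user_assigned_identity.payments_api.id]
  }

  site_config {}
}

# --- Service principal for CI: federated credential, no client secret ---

resource "azuread_application" "ci_terraform" {
  display_name = "sp-terraform-ci-payments"
}

resource "azuread_service_principal" "ci_terraform" {
  client_id = azuread_application.ci_terraform.client_id
}

# Trust GitHub's OIDC issuer for one repository and one branch only.
# The pipeline exchanges its job token for an Entra token; nothing is stored.
resource "azuread_application_federated_identity_credential" "github_main" {
  application_id = azuread_application.ci_terraform.id
  display_name   = "github-payments-infra-main"
  audiences      = ["api://AzureADTokenExchange"]
  issuer         = "https://token.actions.githubusercontent.com"
  subject        = "repo:contoso/payments-infra:ref:refs/heads/main"
}

# CI gets Contributor on this resource group only, not on the subscription.
resource "azurerm_role_assignment" "ci_contributor" {
  scope                = azurerm_resource_group.payments.id
  role_definition_name = "Contributor"
  principal_id         = azuread_service_principal.ci_terraform.object_id
}
```

The `subject` claim is the control that matters on the federated credential: binding it to a single branch means a pull request from a fork, or a pipeline on any other branch, cannot obtain the CI identity even though it runs in the same repository.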
Zero Trust Model
Principles
- Verify explicitly
- Use least privilege
- Assume breach
What this means
- No implicit trust
- No βinternal = safeβ
- Identity is always verified
Real-World Design
Admin Access
- PIM enforced
- MFA mandatory
- audited access
Developer Access
- scoped to their app
- no production by default
Application Access
- via managed identities
- no hardcoded secrets
External Access
- tightly controlled
- conditional access enforced
Common Mistakes
Direct user role assignments
- leads to chaos: nothing to review, nothing to revoke in one place
Over-permission
- Owner everywhere
- Contributor everywhere
No PIM
- permanent admin risk
Hardcoded secrets
- major security risk
Ignoring identity logs
- no visibility into who signed in, from where, and which roles were activated
Architect Thinking
You don't ask:
"Who needs access?"
You ask:
"What is the minimum access required, under what conditions, for how long?"
Identity is the new perimeter: design it as your primary security control.
How It Connects
| Layer | Role |
|---|---|
| Network | Controls traffic |
| Identity | Controls access |
| Policy | Enforces compliance |
What Comes Next
Now we move into:
Security & Governance (Policy, Defender, Compliance)
Because:
- Identity controls access
- Governance controls behavior