Managed Identities are really cool as they eliminate the need for remembering or storing credentials - keys & secrets. ❌

They make authentication & authorization seamless between any two resources that support Microsoft Entra ID (Azure AD). The authorization side is enforced by the target resource based on the roles that you assign to the managed identity.

For instance, if you are working with an Azure Logic App that needs to read from a Blob storage, you don't need to use the storage account access keys to authenticate. You can easily:
✅ Create a managed identity for the Azure Logic App.
✅ Assign roles/permissions that are required to perform actions on the Blob storage.
✅ Specify the managed identity as the authentication method in your Logic App.

Microsoft handles the rest. The same process applies for Azure Functions; you just need to use its managed identity in the code. The Azure.Identity package provides everything required to implement this.

There are lots of scenarios where this should be adopted right away in order to meet certain security requirements. This blog post explains everything you need to know about setting it up, including a lab session. https://lnkd.in/d7nVFxM3

#Azure #Authentication #LogicApps #AzureFunctions
Habeeb Yakubu’s Post
More Relevant Posts
-
We always think Microsoft makes every Microsoft integration with the #powerplatform simple. But the truth is there is often more #procode than #lowcode needed. Check out this great blog from one of my colleagues all about the joys of Azure Key Vault integration with #powerautomate https://lnkd.in/e7MTHTA3
-
Microsoft will take a phased approach to its requirement that all Azure users adopt multi-factor authentication, starting with Azure portal, Microsoft Entra administration center and Intune admin center users adopting MFA for sign-in by October, and an option to delay enforcement to March for particularly complex cases. Here’s what you need to know and what partners are saying:
Microsoft Details Phased Mandatory MFA Rollout For Azure Users
crn.com
-
Looking to connect your Dataverse plug-ins to Azure resources using managed identities? With Power Platform Managed Identity, you can now do it effortlessly with this new public preview feature:
- Power Platform Managed Identity support for Dataverse plug-ins eliminates the need to manage credentials, reducing the risk of unauthorized data access.
- Leverage workload identities based on Federated Identity Credentials (FIC) for greater security and control.
- Set up Federated Identity Credentials with two options: User Assigned Managed Identity (UAMI) and Application Registration.
- User Assigned Managed Identity (UAMI) enables Dataverse plug-ins to connect to Azure resources that support managed identities, though it does not enforce Azure policies.
- Application Registration provision allows you to establish an application context and identity that can connect to Azure resources and enforce Azure policies.

Read the blog to find out more! #powerplatform #powerapps #azure #dataverse #msdyn365 https://lnkd.in/dm3rpKNA
-
🚀 New Blog: Azure Monitor Alert for Microsoft Entra ID Application Creation

This blog covers:
1. Why monitoring app registrations is critical for security 🔐
2. Step-by-step setup of alerts in Azure Monitor ⚙️

Check it out and enhance your visibility and control over your directory's app environment! https://lnkd.in/ePxGcgAS
Azure Monitor Alert for Microsoft Entra ID App Creation
https://gowthamoncloud.com
-
🔍 Troubleshooting Azure Blob Storage Access Issues: When Defender for Cloud Apps Meets Browser Behavior

Recently, I encountered an interesting issue while troubleshooting an Azure Blob Storage access problem for a client. Some users were receiving a mysterious "Unable to load data" error, despite the storage accounts being publicly accessible. 🤔

The investigation steps:
1️⃣ Checked DNS lookups – All looked fine, resolving correctly both internally and externally.
2️⃣ Dug into Storage Blob logs – Found a 404 authorization failure triggered by an auto-generated SAS URL.
3️⃣ Tested with different browsers – Interestingly, Edge worked while Chrome threw errors.

The unexpected culprit? It turned out to be a security policy in Microsoft Defender for Cloud Apps! Blob Storage was set as an unsanctioned app, triggering SmartScreen in Edge and OS-level SSL/TLS blocking in Chrome. Changing the app to sanctioned and removing custom indicators restored access immediately.

💡 Key takeaway: Always consider OS-level and browser-level security configurations when troubleshooting connectivity issues, especially in environments with strict security policies. Sometimes, the solution lies beyond typical DNS and endpoint checks!

If you’re managing or troubleshooting cloud storage, especially with Defender integrations, don’t overlook these subtle configurations.

#Azure #CloudStorage #DataEngineering #DefenderForCloud #Security
-
🔐 Important Update for Azure Users: Enable MFA by October 15, 2024! 🔐 Starting October 15, 2024, Microsoft will require multifactor authentication (MFA) for users accessing the Azure portal, Microsoft Entra admin center, and Intune admin center. To ensure uninterrupted access, make sure to enable MFA for your users by this date. Stay ahead of the deadline and enhance the security of your Azure account. Learn more: [Link to Microsoft Update] #Azure #Microsoft #MFA #CyberSecurity #TechUpdate
Generally Available: Enable multifactor authentication for your tenant by 15 October 2024
azure.microsoft.com
-
A compromised Microsoft Active Directory can fully compromise a synchronized Microsoft Entra ID tenant, undermining the integrity and trust of connected services. https://lnkd.in/de-CGtqM
Key Takeaways From Horizon3.ai’s Analysis of an Entra ID Compromise
https://securityboulevard.com
-
Even with the principle of #leastprivilege in place, confusing webs of intersecting policies and toxic combinations of permissions can lead to unintended access. Compromising a single identity can be all an attacker needs to cause significant damage. Check out the new #permissionsmanagement #workbook we released, designed to help you identify overly permissive identities, unused identities, as well as public exposures that could result in major breaches, all in one place. This workbook simplifies monitoring permissions and continuously enforcing least-privileged access. Explore it further directly in the Azure portal #azureportal #microsoftdefenderforcloud under the workbooks blade https://lnkd.in/g5BZZ7Q6 Shoutout to my wonderful team Ameer Miri Tal Keren Ahmad Arik who successfully released it on time during my vacation #bestteam
Microsoft Azure
ms.portal.azure.com
Microsoft MVP 🏆| MCT🔥| Microsoft Azure Certified Solutions Architect Expert | Principal Cloud Architect 👨💼 | Helping you to understand the Microsoft Cloud! | Deepen your knowledge - Follow me! 😁
1d
Managed identities are extremely helpful and great to leverage in Azure solutions. Great article Habeeb Yakubu!