Study/AZ-104-MicrosoftAzureAdministrator
1
0
Fork 0
mirror of https://github.com/MicrosoftLearning/AZ-104-MicrosoftAzureAdministrator.git synced 2026-02-04 23:59:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md

Browse Source
This commit is contained in:
staleycyn 2023-12-04 13:02:29 -08:00 committed by GitHub
parent 10ed04d9fc
commit f8644bf035
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
New Instructions/Lab/LAB_02a_Manage_Subscriptions_and_RBAC_Entra.md
View File

@ -1,16 +1,17 @@
---
lab:
title: 'Lab 02: Manage Subscriptions and RBAC'
title: 'Lab 02a: Manage Subscriptions and RBAC'
module: 'Administer Governance and Compliance'
---
# Lab 02 - Manage Subscriptions and RBAC
# Student lab manual
# Lab 02a - Manage Subscriptions and RBAC
## Lab requirements
This lab requires permissions to create custom Azure Role Based Access Control (RBAC) roles, and assign these roles to users.
## Estimated timing: 30 minutes
## Lab scenario
In order to simplify management of Azure resources in your organization, you have been tasked with implementing the following functionality:
@ -24,28 +25,19 @@ In order to simplify management of Azure resources in your organization, you hav
**Note:** An **[interactive lab simulation](https://mslabs.cloudguides.com/guides/AZ-104%20Exam%20Guide%20-%20Microsoft%20Azure%20Administrator%20Exercise%202)** is available that allows you to click through a similar lab at your own pace. You may find slight differences between the interactive simulation and the hosted lab, but the core concepts and ideas being demonstrated are the same.
## Objectives
In this lab, you will:
## Tasks
+ Task 1: Implement management groups
+ Task 2: Review and assign a built-in Azure role
+ Task 3: Create and assign a custom RBAC roles
+ Task 4: Monitor role assignments with the Activity Log
## Estimated timing: 30 minutes
## Architecture diagram
<!-- Update diagram - simplify names, get rid of custom role JSON-->
![Diagram of lab tasks.](../media/az104-lab2a-architecture.png)
# Instructions
## Exercise 1
## Task 1: Implement Management Groups
In this task, you will create and configure management groups. Management groups are used to logically organize subscriptions. Subscriptions should be segmented as part of the [Microsoft Well-Architected Framework](https://learn.microsoft.com/en-us/azure/well-architected/), and allow for RBAC and Azure Policy to be assigned and inherited to other management groups and subscriptions. For example, if your organization has a dedicated support team for Europe, you can organize European subscriptions into a management group to provide the support staff access to those subscriptions (without providing individual access to all subscriptions). In our scenario everyone on the Help Desk will need to create a support request across all subscriptions.