Working in company which deals with hundreds of client azure tenants showed me how different it is working on your own tenant.
Recently i worked on a subscription based service and i want to show you how to build the secruity walls arround your azure functions.
Here is an example of subscriotion service which caters differently for each client based on thier type of subscription. Free or Paid or Premium.
Earlier in 2017, I have written a few articles on Basics of SharePoint Framework, Use of React JS and React JS component life cycle.
But Most of the SPFx web parts I created were task oriented and not application oriented. This means the size of the React components is small.
Now I am working on a product / application level components which are complex and big in size.
Here is a screenshot of a POC I am currently working.
Global
Admins enable PIM provisioning and create PIM Admin role assignment.
PIM admin
account need to have below 2 licenses assigned.
1. Login to Azure portal as Global
admin, navigate to Azure Active Directory.
2. In Featured highlights, click on
3. Click on “Azure AD roles” in left pane=> Navigate to “Roles” by clicking on
4. Search for “privileged role administrator”.
5. Click on “Privileged Role Administrator” role. Click on
6. Follow below configuration
|
Field |
Value |
Reason |
|
Selected
Member(s)* |
PIM
Admin Account |
This
should be an account which will be permanently treated as PIM admin |
|
Assignment
type |
Eligible |
This
means PIM admin account is always eligible, but not active. PIM admin need to
activate this role every time the changes need to be made to PIM
configuration |
|
Permanently
eligible |
YES |
Always
eligible, but not active. |
