question

0 Votes
Geeaz asked SumanthMarigowda-MSFT answered

Can we utilize PIM to Azure Storage Accounts

Hi Team,

We would like to extend the Privilege identity service to Storage accounts with just-in-time access for file storage and disk management. Please suggest.

Geeaz

azure-storage-accounts azure-ad-privileged-identity-management

1 Answer

1 Vote
SumanthMarigowda-MSFT answered

@Geeaz Welcome to Microsoft Q&A Platform. Thank you for posting here!

  • The principle of least privilege when assigning permissions to an Azure AD security principal via Azure RBAC: When assigning a role to a user, group, or application, grant that security principal only those permissions that are necessary for them to perform their tasks. Limiting access to resources helps prevent both unintentional and malicious misuse of your data.


  • The principle of least privilege when assigning permissions to a SAS: When creating a SAS, specify only those permissions that are required by the client to perform its function. Limiting access to resources helps prevent both unintentional and malicious misuse of your data.


Each time you access data in your storage account, your client makes a request over HTTP/HTTPS to Azure Storage. Every request to a secure resource must be authorized, so that the service ensures that the client has the permissions required to access the data.

Authorizing access to data in Azure Storage

Azure security baseline for Azure Storage

Refer here for how to assign a role and how it works.

Hope this helps!

Kindly let us know if the above helps or you need further assistance on this issue.


Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
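
An added example, not part of the original answer and not Microsoft's code: a Python check that applies the SAS bullet above to a token before it is handed to a client, by parsing the documented SAS query parameters (`sp`, `ss`/`srt`, `spr`, `se`) and reporting anything beyond what the client needs. It goes beyond the answer's text by also checking protocol and lifetime; the account name, signatures, the `needed` permission set and the one-hour limit are assumptions.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

def audit_sas(url, needed="r", max_lifetime=timedelta(hours=1), now=None):
    """Return least-privilege findings for a SAS URL (empty list = none)."""
    now = now or datetime.now(timezone.utc)
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    findings = []
    # sp = signed permissions; anything the client does not need is excess.
    extra = "".join(sorted(set(q.get("sp", "")) - set(needed)))
    if extra:
        findings.append(f"excess permissions: {extra}")
    # ss/srt appear only on an account SAS, which spans whole services.
    if "ss" in q or "srt" in q:
        findings.append("account SAS: covers whole services")
    # spr = allowed protocols; when omitted the service default is https,http.
    if q.get("spr", "https,http") != "https":
        findings.append("plain HTTP permitted")
    # se = expiry; when absent it must come from a stored access policy (si).
    if "se" not in q:
        findings.append("no expiry in token: review the stored access policy")
    else:
        expiry = datetime.fromisoformat(q["se"].replace("Z", "+00:00"))
        if expiry.tzinfo is None:  # date-only form, treat as UTC
            expiry = expiry.replace(tzinfo=timezone.utc)
        if expiry - now > max_lifetime:
            findings.append(f"valid for {expiry - now}, limit {max_lifetime}")
    return findings

# Constructed sample tokens: account name and signatures are placeholders.
NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)
BROAD = ("https://examplestore.blob.core.windows.net/?sv=2022-11-02"
         "&ss=bfqt&srt=sco&sp=rwdlacup&se=2030-01-01T00:00:00Z&sig=CONSTRUCTED")
TIGHT = ("https://examplestore.blob.core.windows.net/reports/q1.csv"
         "?sv=2022-11-02&sr=b&sp=r&spr=https"
         "&st=2024-05-01T12%3A00%3A00Z&se=2024-05-01T12%3A30%3A00Z"
         "&sig=CONSTRUCTED")

if __name__ == "__main__":
    for name, url in (("BROAD", BROAD), ("TIGHT", TIGHT)):
        print(name, audit_sas(url, now=NOW) or "ok")
```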

