EntraID

Make life easier with Entra ID as Code TL;DR It is the end of 2024; daily, we use the following: CI/CD pipelines for infrastructure as code (IaC) deployment to create Services, Applications, Storages, etc, permissions (RBAC) from resources to resources (App Service WebApp1 should read Blob Storage WebApp1Storage), secrets, we hate them, but we found a solution to avoid secrets with Managed Identity and Workload Identity solutions, What is the plan for us? We will use Azure Portal and Entra ID blade to manage our applications, permissions, and secrets. Via browser, we can create and update our App Registrations. Can we improve our Entra ID and Entra External ID with IaC, as shown in the screenshot (Picture 1) below? ...

TL;DR It is not easy for Entra ID Tenant administrators to choose the best authentication method for their employees, vendors, and partners. You must consider the scenario, the environment, and the passwordless technology. I’m focusing only the passwordless MFA authentication methods in the corresponding changes in the Entra ID - the MFA will be required. Side note: Microsoft announced that MFA will be required for a couple of services, like Azure Portal or CLI. The document mentions that Security defaults will force MFA or should be enabled by Conditional Access Policies for users accessing the defined services. We will see how the final implementation will look like (I promise to update the post with the final state). ...