Azure Role-Based Access Control (RBAC).
When it comes to identity and access, most organizations that are considering using the public cloud are concerned about two things:
- Ensuring that when people leave the organization they lose access to resources in the cloud.
- Striking the right balance between autonomy and central governance. For example, giving the project teams ability to create and manage virtual machines in the cloud, while centrally controlling the networks to which those virtual machines connect.
Azure Active Directory and Azure RBAC make it simple for you to accomplish these goals. Once you extend your Active Directory to the cloud, using Azure AD - your employees can purchase and manage Azure subscriptions using their existing work identity. These Azure subscriptions automatically connect to your Azure AD for single sign-on and access management. When you disable an AD account, it automatically loses access to all Azure subscriptions connected with your Azure AD.
Watch this video to understand the bigger picture from Dushyant Gill, Program Manager, Identity division.