Azure Insights: Conditional Access policies; Kubectl; Kubernetes Service; VM updates; DevOps pipelines

November 22 2020

Azure pros share tips on Conditional Access policies, using Kubectl with Kubernetes Service, managing VM updates, and leveraging DevOps pipelines.

Setting Conditional Access policies

Microsoft MVP Sander Berkouwer, writing on The Things That Are Better Left Unspoken indicated that Microsoft is requiring multi-factor authentication for four Azure AD privileged roles with the Security Defaults functionality. Security Defaults is an Identity security feature that directs all users in the tenant to register for MFA. Nine privileged AD admin rules must adopt MFA, including Global administrator, SharePoint administrator, Exchange administrator and others.

With the new update from Microsoft, Application Administrator, Cloud Application Administrator, Password Administrator and Privileged Authentication Administrator are now on the list. He wrote:

For organizations leveraging Conditional Access to require MFA from privileged accounts, nothing changes at this moment. However, Microsoft now implicitly recommends organizations who don’t use the Security Defaults feature to require multi-factor authentication from people in these four additional Azure AD roles. I have two recommendations. When your organization has Azure AD Premium licenses, then stop configuring Azure multi-factor authentication through the legacy PhoneFactor portal.

Scaling Kubernetes Service application with Kubectl

About MSDW Reporter

More about MSDW Reporter