Comments (6)
@DCMattyG Thank you for your quick response.
I totally get that. I am trying the first option now. Will update how it goes.
from ipam.
Yes it is
from ipam.
Hey @jeevanions, this appears to be a duplicate of your request from the bottom of #96. Would you like to close the other issue so we can discuss this here?
Pasting my response from #96 for reference...
At this moment there's no way within the Azure IPAM tool to strictly control user access.
There is the construct of Admins/Non-Admins, and for non-admins, when they login to the Azure IPAM tool, the only things they are presented are what they can already see today within the Azure Portal itself because we're using their same AuthN/AuthZ to query Azure Resource Graph.
There are two options here:
- You can leverage pre-existing mechanisms in Azure to control access to the App Registration for the Azure IPAM UI, which you can read about here.
- I can built in a user-management mechanism, but that seems like it might be an extra layer not needed given that all the IPAM tool is exposing is what users can already see (outside of the IPAM specific constructs).
I'm more than open to your thoughts on this matter. Please let me know what you'd like to see as next steps. Thanks!
from ipam.
@DCMattyG This worked nicely. This is what we did.
- From Azure portal - AD - Find the Enterprise Applications for the UI App Reg
- On the application's Overview page, under Manage, select Properties. Locate the setting Assignment required and set it to 'yes'
- Under Manage, select the Users and groups, then select Add user/group. Then add the users/groups who would be the audience for this web application.
Thats it. Only users/groups added here would be allowed to access this web application.
from ipam.
Hi @jeevanions, I was just circling back on this issue, and I believe it is now resolved. Would it be ok if we close this for now, and we will work on adding your solution (above) to our documentation so others can reference it in the future?
from ipam.
Thanks so much, we'll get this added into the documentation right away!
from ipam.
Related Issues (20)
- deploy.ps1 error while deploying appServiceModule HOT 2
- IP Planner Tool does not display the available ranges /28 - /30 correctly HOT 9
- Export data?
- Virtual networks not discoverable HOT 5
- vNets in Block becoming unassociated and duplicated HOT 5
- Running AppOnly with AsFunction returns error HOT 3
- Errors on Engine pods after setting up ipam on AKS HOT 9
- Releases and versioning HOT 1
- Add next available vNet CIDR to GUI HOT 5
- Engine 502 and seems not working HOT 6
- Provide some option to limit which principals can create reservations HOT 1
- Implement using Private endpoint HOT 5
- Reservations for External networks HOT 5
- Operation returned an invalid status code 'Forbidden HOT 4
- Support setting up IPAM at management groups other than the tenant root HOT 3
- Forward Slash in block names HOT 5
- block reservation with 2 vnets HOT 8
- Block filter in VNETS page is case sensitive HOT 3
- Access denied to "Configure" page HOT 5
- Welcome to Azure IPAM Discussions! HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ipam.