AzOps
AzOps copied to clipboard
Azure
Feature Request - AzOps IAM security guidance for least privilege access
The security concept around AzOps is questionable. It basically breaks with all of Microsoft's recommendations around least privileges. You have a single pipeline with permissions to manage more or less everything. This includes granting permissions on MG level, e.g. on Platform Identity -> bye bye Domain Controller(s).
Where access to DC was highly restricted on-prem and also should be it according to your ALZ architecture if moved to the cloud, the AzOps completely circumvents this unless the approver is from the same DC admin team and can read code to understand the request to approve. The same for other resources and services.
It seems like AzOps only serves an operational purpose without security being thought through. The suspicion is only strengthened by AzOps never mentioning security as a factor.
What is best practice and Microsoft recommendations around AzOps and security? How can we ensure that Enterprise Access Model is still valid?
Source:
- https://github.com/Azure/Enterprise-Scale/wiki/Deploying-ALZ-Platform-DevOps#operating-the-azure-platform-using-azops-infrastructure-as-code-with-github-actions
- https://learn.microsoft.com/en-us/security/compass/privileged-access-access-model
- https://learn.microsoft.com/en-us/security/compass/privileged-access-strategy
- https://github.com/azure/azops
