Thanks Daniel. Really good information, succinctly put. And this is often the neglected "inner bits" that are hard to know exist. So thanks for opening this one up.
Hey Daniel, this was extremely helpful and useful. Working on a project and at a stage where I would be needing to grant multi level access to it's been a good refresher and will definitely be implementing some of the tips I've picked up from your video. Thank you for sharing.
@@DanielChristian19 Thank you, Daniel! But I'm sorry, I don't get it. Let's say I have 2 Security Groups - SG "A" and SG "A-Nested-Admins". The only member of SG "A" is actually SG "A-Nested-Admins". Meanwhile SG "A-Nested-Admins" possess all admin users. So I assigned SG "A" to the environment. Meanwhile, I created a "Team" with SG "A-Nested-Admins" like you showed on video assigning "Sys. Admin" and "Env. Maker" roles for that team. After all of that environment is not visible for users and if they try open the URL it says : "...does not have access to permission 'CanEdit' in environment...Error Code: 'Forbidden'". Please help!
Wow, Just on time. We are in process of setting up PPCoE and you saved lot of time for me come up with the security design. Thank you for the details.
Your welcome, Surya
Thanks Daniel. Really good information, succinctly put. And this is often the neglected "inner bits" that are hard to know exist. So thanks for opening this one up.
Your welcome Steven.
I'm more of a security first, performance later, kinda guy.
Hey Daniel, this was extremely helpful and useful. Working on a project and at a stage where I would be needing to grant multi level access to it's been a good refresher and will definitely be implementing some of the tips I've picked up from your video. Thank you for sharing.
Your welcome Douglas!
Very useful video Dan , covered all basic points. Thanks for taking time to make this video.
Your welcome Venkata and thanks for the compliment. I'm always flattered to see a fellow MVP view my video(s) and leave such a positive comment.
Excellent Video Sir, Understood from root level. Please keep Rocking with more videos...
Thank you, I will
Thank you. Now I finally understand it.
Glad it helped!
This was a great explainer. I just wish I knew why we still have to share the app if they have access to the environment the app is in.
Nice video
You are welcome!
Nice!
Thanks!
Am I understand you correctly - are you leveraging nested SG (Admin/Maker/Users) by adding them into Environment SG?
Adding Azure AD security group into the Environment team.
@@DanielChristian19 Thank you, Daniel! But I'm sorry, I don't get it. Let's say I have 2 Security Groups - SG "A" and SG "A-Nested-Admins". The only member of SG "A" is actually SG "A-Nested-Admins". Meanwhile SG "A-Nested-Admins" possess all admin users. So I assigned SG "A" to the environment. Meanwhile, I created a "Team" with SG "A-Nested-Admins" like you showed on video assigning "Sys. Admin" and "Env. Maker" roles for that team. After all of that environment is not visible for users and if they try open the URL it says : "...does not have access to permission 'CanEdit' in environment...Error Code: 'Forbidden'". Please help!