Native Entra ID login in Azure Bastion Public Preview

Migrate your critical AD groups to the cloud to secure access to important apps. See how to make Microsoft Entra the source of authority. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft

Migrate your critical AD groups to the cloud to secure access to important apps. See how to make Microsoft Entra the source of authority. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft

Enforce access policies for teams while maintaining permissions to on-prem apps without code changes. Start managing groups and users in the cloud with Microsoft Entra ID. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft

Enforce access policies for teams while maintaining permissions to on-prem apps without code changes. Start managing groups and users in the cloud with Microsoft Entra ID. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft

Azure Bastion Bastion provides secure and seamless RDP and SSH connectivity to your virtual machines directly from the Azure portal using Transport Layer Security (TLS). Key benefits of Azure Bastion:- RDP and SSH directly in Azure portal -Remote session over TLS and firewall traversal for RDP/SSH -No Public IP required on the Azure VM -No hassle managing NSGs -Protection against port scanning Azure Bastion offers four SKU(Stock-Keeping Unit) Plans tiers—  "Developer, Basic, Standard, and Premium" *Developer (Free):-Offers basic private RDP/SSH access,No scaling, limited features like no peered network access. *Basic: Cost-effective,same-VNet connections, concurrent sessions, basic features Limited to 2 instances *Standard :- most use cases, offering flexibility and scaling,VNet peering,File Transfer/Copy-Paste,Supports multiple instances (host scaling) for more connections. *Premium: For enterprise needs, highest capability.Standard features plus session recording, high concurrency File Transfer/Copy-Paste #SC-900 #Microsoft Microsoft Learn

🔐 User Identity vs System Identity (Azure) 👤 𝗨𝘀𝗲𝗿 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 Used by humans Login with password + MFA Best for portal access & approvals 🤖 𝗦𝘆𝘀𝘁𝗲𝗺 (𝗠𝗮𝗻𝗮𝗴𝗲𝗱) 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 Used by Azure resources No password ❌ Best for CI/CD & automation 📌 𝗗𝗲𝘃𝗢𝗽𝘀 𝗥𝘂𝗹𝗲 Humans → User Identity Pipelines & Resources → Managed Identity Less passwords = More security 🔐 #𝗔𝘇𝘂𝗿𝗲#𝗗𝗲𝘃𝗢𝗽𝘀#𝗠𝗮𝗻𝗮𝗴𝗲𝗱𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆#𝗔𝘇𝘂𝗿𝗲𝗔𝗗#𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁𝗘𝗻𝘁𝗿𝗮#𝗖𝗹𝗼𝘂𝗱𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆#𝗧𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺#𝗖𝗹𝗼𝘂𝗱𝗖𝗼𝗺𝗽𝘂𝘁𝗶𝗻𝗴#𝗟𝗲𝗮𝗿𝗻𝗶𝗻𝗴𝗜𝗻𝗣𝘂𝗯𝗹𝗶𝗰#𝗧𝗲𝗰𝗵𝗦𝗶𝗺𝗽𝗹𝗶𝗳𝗶𝗲𝗱

This is an excellent capability. RDP is an exposure everywhere, and any time it can be controlled via strong identity and MFA, jump on that. This will make cloud server management more secure, we need something similar for on premise

When the cookie expires but the attack path doesn’t… Andrew Gomez walks through how Azure Seamless SSO provides a legitimate authentication flow to pivot into Entra ID and complete the escalation chain to Global Administrator. Read the full write-up and see how identity attack paths unfold in hybrid environments. https://ghst.ly/44XzgYf

AWS quietly dropped "aws login" this before re:Invent and it's a bigger deal than the limited fanfare suggests. Who needs this: Anyone still using IAM Users for CLI/SDK access (yes, you should still migrate to Identity Center, but this helps until you do). What it does: Exchanges your AWS Console session for short-term CLI credentials - no more storing access keys on your machine! Why it matters: Deleting long-term credentials sitting on developer machines reduces credential leak risk, and even helps you bridge to Identity Center migration by updating developer workflows. If you're already using IAM Identity Center for human access (which you should be), then don't worry about this feature. Think of it as harm reduction for IAM Users - not the end goal, but a meaningful security improvement for teams not ready to fully migrate yet. Have you tested it yet? Any gotchas I should cover in a follow-up? #AWSSecurity #CloudSecurity #DevSecOps #IAM

Azure Tenant vs Subscription vs Landing Zone (Plain English) These three Azure terms are often used interchangeably — but they mean very different things. Tenant 👉 Your organization’s identity boundary Users, groups, authentication, trust live here. Subscription 👉 Where resources run and costs are tracked Used to separate environments, teams, and billing. Landing Zone 👉 A pre-configured subscription Security, identity, networking, logging, and governance are already in place so teams can deploy safely. Think of it this way: a) Tenant = the company b) Subscription = departments or cost centers c) Landing Zone = a ready-to-use, secured environment If you’ve standardized identity, RBAC, policies, and networking, you already have a landing zone — even if you don’t call it that. #Azure #CloudEngineering #PlatformEngineering #DevSecOps #AzureLandingZone