Microsoft Entra ID (Azure AD)

Managed identities, RBAC, and OAuth/OIDC

Details

Language / Topic
Microsoft Azure
Category
Security

Rules

balanced
- Use Managed Identities when connecting Azure resources to each other instead of storing explicit credentials or connection strings.
- Enforce Role-Based Access Control (RBAC) at the narrowest possible scope (a single container, queue, or key vault rather than the resource group or subscription).
- Use System-Assigned or User-Assigned Managed Identities for every service-to-service call between Azure services, rather than storing and rotating connection strings or account keys.
- Enforce Azure Role-Based Access Control (RBAC) for data-plane access instead of legacy shared access keys (e.g., Storage Account keys), and disable shared-key access where the service supports it.
- Never place Azure credentials in CI/CD variables; use OpenID Connect (OIDC) federated credentials so the pipeline exchanges a short-lived identity token for an Azure token.
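The following script is an added example, not part of this rules page, showing how the rules above look when applied with the Azure CLI: a user-assigned managed identity attached to a web app, a Storage Blob Data Reader assignment scoped to one blob container, shared-key access switched off on the storage account, and a federated credential on the deployment app registration so GitHub Actions authenticates over OIDC. Every resource name, the GitHub organisation and repository, and the app registration object id are placeholders; the helper functions that build the container scope and the OIDC subject claim are this example's own, not an Azure CLI feature.

```shell
#!/usr/bin/env sh
# Added example (not from the original rules page): credential-less access
# between Azure resources and from GitHub Actions, using the Azure CLI.
# All names below are hypothetical placeholders; override them via environment variables.
set -eu

RG="${RG:-rg-invoices-prod}"
LOCATION="${LOCATION:-westeurope}"
STORAGE="${STORAGE:-stinvoicesprod001}"
CONTAINER="${CONTAINER:-invoices}"
WEBAPP="${WEBAPP:-app-invoices-prod}"
IDENTITY="${IDENTITY:-id-invoices-prod}"
GH_ORG="${GH_ORG:-example-org}"
GH_REPO="${GH_REPO:-invoices}"
GH_BRANCH="${GH_BRANCH:-main}"
# Object id of the app registration the pipeline logs in as (placeholder value).
APP_OBJECT_ID="${APP_OBJECT_ID:-00000000-0000-0000-0000-000000000000}"

# Built-in data-plane role: read blobs only, no key or management access.
ROLE_BLOB_READER="Storage Blob Data Reader"

# Narrowest scope for blob access is the container itself, not the account or resource group.
# $1 subscription id, $2 resource group, $3 storage account, $4 container
container_scope() {
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s/blobServices/default/containers/%s' "$1" "$2" "$3" "$4"
}

# Subject claim GitHub puts in the OIDC token of a workflow run on a branch.
# Entra compares it exactly, so the full "refs/heads/<branch>" form is required.
# $1 org, $2 repo, $3 branch
gh_branch_subject() {
  printf 'repo:%s/%s:ref:refs/heads/%s' "$1" "$2" "$3"
}

# Subject claim for a workflow job bound to a GitHub environment (e.g. production).
# $1 org, $2 repo, $3 environment
gh_env_subject() {
  printf 'repo:%s/%s:environment:%s' "$1" "$2" "$3"
}

# JSON body for `az ad app federated-credential create --parameters`.
# $1 credential name, $2 subject claim
federated_credential_json() {
  printf '{"name":"%s","issuer":"https://token.actions.githubusercontent.com","subject":"%s","audiences":["api://AzureADTokenExchange"]}' "$1" "$2"
}

apply() {
  SUB_ID="$(az account show --query id -o tsv)"

  # 1. User-assigned managed identity attached to the web app: nothing to store or rotate.
  az identity create --name "$IDENTITY" --resource-group "$RG" --location "$LOCATION" -o none
  IDENTITY_ID="$(az identity show --name "$IDENTITY" --resource-group "$RG" --query id -o tsv)"
  PRINCIPAL_ID="$(az identity show --name "$IDENTITY" --resource-group "$RG" --query principalId -o tsv)"
  az webapp identity assign --name "$WEBAPP" --resource-group "$RG" --identities "$IDENTITY_ID" -o none

  # 2. RBAC at container scope for the identity; shared keys disabled on the whole account,
  #    so a leaked key or connection string no longer grants any access.
  az role assignment create \
    --assignee-object-id "$PRINCIPAL_ID" \
    --assignee-principal-type ServicePrincipal \
    --role "$ROLE_BLOB_READER" \
    --scope "$(container_scope "$SUB_ID" "$RG" "$STORAGE" "$CONTAINER")" -o none
  az storage account update --name "$STORAGE" --resource-group "$RG" --allow-shared-key-access false -o none

  # 3. CI/CD: a federated credential on the app registration replaces a client secret in pipeline variables.
  az ad app federated-credential create --id "$APP_OBJECT_ID" \
    --parameters "$(federated_credential_json "github-${GH_BRANCH}" "$(gh_branch_subject "$GH_ORG" "$GH_REPO" "$GH_BRANCH")")"
}

# Run with: ./entra_least_privilege.sh apply
if [ "${1:-}" = "apply" ]; then
  apply
fi
```

On the GitHub side the workflow needs `permissions: id-token: write` and logs in with the `azure/login` action using only the app registration's client id, the tenant id and the subscription id; no secret is stored, because Entra accepts the workflow's OIDC token only when its issuer, subject and audience match the federated credential created above. Scoping the subject to a branch or environment means a token minted from a pull request or another branch cannot be exchanged.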