You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/firmware-analysis/firmware-analysis-rbac.md
+13-13Lines changed: 13 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,52 +1,52 @@
1
1
---
2
-
title: Azure Role-Based Access Control for Firmware analysis
3
-
description: Learn about how to use Azure Role-Based Access Control for Firmware Analysis.
2
+
title: Azure Role-Based Access Control for firmware analysis
3
+
description: Learn about how to use Azure Role-Based Access Control for firmware analysis.
4
4
author: karengu0
5
5
ms.author: karenguo
6
6
ms.topic: conceptual
7
7
ms.date: 01/10/2024
8
8
ms.service: azure
9
9
---
10
10
11
-
# Overview of Azure Role-Based Access Control for Firmware analysis
12
-
As a user of Firmware analysis, you may want to manage access to your firmware image analysis results. Azure Role-Based Access Control (RBAC) is an authorization system that enables you to control who has access to your analysis results, what permissions they have, and at what level of the resource hierarchy. This article explains how to store firmware analysis results in Azure, manage access permissions, and use RBAC to share these results within your organization and with third parties. To learn more about Azure RBAC, visit [What is Azure Role-Based Access Control (Azure RBAC)?](./../role-based-access-control/overview.md).
11
+
# Overview of Azure Role-Based Access Control for firmware analysis
12
+
As a user of firmware analysis, you may want to manage access to your firmware image analysis results. Azure Role-Based Access Control (RBAC) is an authorization system that enables you to control who has access to your analysis results, what permissions they have, and at what level of the resource hierarchy. This article explains how to store firmware analysis results in Azure, manage access permissions, and use RBAC to share these results within your organization and with third parties. To learn more about Azure RBAC, visit [What is Azure Role-Based Access Control (Azure RBAC)?](./../role-based-access-control/overview.md).
13
13
14
14
## Roles
15
15
Roles are a collection of permissions packaged together. There are two types of roles:
16
16
17
17
***Job function roles** give users permission to perform specific job functions or tasks, such as **Key Vault Contributor** or **Azure Kubernetes Service Cluster Monitoring User**.
18
18
***Privileged administrator roles** give elevated access privileges, such as **Owner**, **Contributor**, or **User Access Administrator**. To learn more about roles, visit [Azure built-in roles](./../role-based-access-control/built-in-roles.md).
19
19
20
-
In Firmware analysis, the most common roles are Owner, Contributor, Security Admin, and Firmware Analysis Admin. Learn more about [which roles you need for different permissions](./firmware-analysis-rbac.md#firmware-analysis-roles-scopes-and-capabilities), such as uploading firmware images or sharing firmware analysis results.
20
+
In firmware analysis, the most common roles are Owner, Contributor, Security Admin, and Firmware Analysis Admin. Learn more about [which roles you need for different permissions](./firmware-analysis-rbac.md#firmware-analysis-roles-scopes-and-capabilities), such as uploading firmware images or sharing firmware analysis results.
21
21
22
22
## Understanding the Representation of Firmware Images in the Azure Resource Hierarchy
23
23
Azure organizes resources into resource hierarchies, which are in a top-down structure, and you can assign roles at each level of the hierarchy. The level at which you assign a role is the "scope," and lower scopes may inherit roles assigned at higher scopes. Learn more about the [levels of hierarchy and how to organize your resources in the hierarchy](/azure/cloud-adoption-framework/ready/azure-setup-guide/organize-resources).
24
24
25
-
When you onboard your subscription to Firmware analysis and select your resource group, the action automatically creates the **default** resource within your resource group.
25
+
When you onboard your subscription to firmware analysis and select your resource group, the action automatically creates the **default** resource within your resource group.
26
26
27
27
Navigate to your resource group and select **Show hidden types** to show the **default** resource. The **default** resource has the **Microsoft.IoTFirmwareDefense.workspaces** type.
28
28
29
29
:::image type="content" source="media/firmware-analysis-rbac/default-workspace.png" alt-text="Screenshot of the toggle button 'Show hidden types' that reveals a resource named 'default'." lightbox="media/firmware-analysis-rbac/default-workspace.png":::
30
30
31
31
Although the **default** workspace resource isn't something that you'll regularly interact with, each firmware image that you upload will be represented as a resource and stored here.
32
32
33
-
You can use RBAC at each level of the hierarchy, including at the hidden **default Firmware Analysis Workspace** resource level.
33
+
You can use RBAC at each level of the hierarchy, including at the hidden **default firmware analysis workspace** resource level.
34
34
35
-
Here's the resource hierarchy of Firmware Analysis:
35
+
Here's the resource hierarchy of firmware analysis:
36
36
37
37
:::image type="content" source="media/firmware-analysis-rbac/resource-hierarchy.png" alt-text="Diagram that shows the resource hierarchy of firmware images of Firmware Analysis." lightbox="media/firmware-analysis-rbac/resource-hierarchy.png":::
38
38
39
39
## Apply Azure RBAC
40
40
41
41
> [!Note]
42
-
> To begin using Firmware analysis, the user that onboards the subscription onto Firmware analysis ***must be*** an Owner, Contributor, Firmware Analysis Admin, or Security Admin at the subscription level. Follow the tutorial at [Analyze a firmware image with Firmware analysis](./tutorial-analyze-firmware.md#onboard-your-subscription-to-use-firmware-analysis) to onboard your subscription. Once you've onboarded your subscription, a user only needs to be a Firmware Analysis Admin to use Firmware Analysis.
42
+
> To begin using firmware analysis, the user that onboards the subscription onto firmware analysis ***must be*** an Owner, Contributor, Firmware Analysis Admin, or Security Admin at the subscription level. Follow the tutorial at [Analyze a firmware image with firmware analysis](./tutorial-analyze-firmware.md#onboard-your-subscription-to-use-firmware-analysis) to onboard your subscription. Once you've onboarded your subscription, a user only needs to be a Firmware Analysis Admin to use firmware analysis.
43
43
>
44
44
45
-
As a user of Firmware analysis, you may need to perform certain actions for your organization, such as uploading firmware images or sharing analysis results.
45
+
As a user of firmware analysis, you may need to perform certain actions for your organization, such as uploading firmware images or sharing analysis results.
46
46
47
-
Actions like these involve Role-Based Access Control (RBAC). To effectively use RBAC for Firmware analysis, you must know what your role assignment is, and at what scope. Knowing this information will inform you about what permissions you have, and thus whether you can complete certain actions. To check your role assignment, refer to [Check access for a user to a single Azure resource - Azure RBAC](./../role-based-access-control/check-access.md). Next, see the following table to check what roles and scopes are necessary for certain actions.
47
+
Actions like these involve Role-Based Access Control (RBAC). To effectively use RBAC for firmware analysis, you must know what your role assignment is, and at what scope. Knowing this information will inform you about what permissions you have, and thus whether you can complete certain actions. To check your role assignment, refer to [Check access for a user to a single Azure resource - Azure RBAC](./../role-based-access-control/check-access.md). Next, see the following table to check what roles and scopes are necessary for certain actions.
48
48
49
-
### Common roles in Firmware analysis
49
+
### Common roles in firmware analysis
50
50
51
51
This table categorizes each role and provides a brief description of their permissions:
52
52
@@ -70,7 +70,7 @@ Invite users to the Subscription | Owner at the **Subscription** level (Owner at
70
70
## Uploading Firmware images
71
71
To upload firmware images:
72
72
73
-
* Confirm that you have sufficient permission in [Firmware Analysis Roles, Scopes, and Capabilities](#firmware-analysis-roles-scopes-and-capabilities).
73
+
* Confirm that you have sufficient permission in [Firmware analysis Roles, Scopes, and Capabilities](#firmware-analysis-roles-scopes-and-capabilities).
74
74
*[Upload a firmware image for analysis](./tutorial-analyze-firmware.md#upload-a-firmware-image-for-analysis).
75
75
76
76
## Invite third parties to interact with your firmware analysis results
0 commit comments