#8 - CyberArk Privilege Cloud | Microsoft Azure

cybrad

26 Sept 202321:06

Summary

TLDRIn this informative video, Brad McDowell, a Senior Privilege Cloud Consultant, explores the configuration of Microsoft Azure within Privileged Cloud Shared Services. He demonstrates creating and onboarding an application called Cyberock CPM, managing password rotations, and establishing Privileged Session Management (PSM) sessions to the Azure web portal. The session includes troubleshooting validation issues and configuring settings for secure access. Brad also highlights the process of duplicating connections for the Microsoft My Apps portal, showcasing best practices for secure account management in cloud environments. This step-by-step guide provides valuable insights for Azure users.

Takeaways

😀 Brad McDowell, a senior Privileged Cloud consultant, presents an overview of configuring Microsoft Azure in Privileged Cloud shared services.
🔑 The main objectives include creating application keys, managing passwords, and onboarding Azure accounts into CyberArk.
💻 Two Azure accounts are set up: one as a global administrator and one as a regular user to demonstrate the onboarding process.
🔗 An application named 'Cyberock CPM' is created in Azure for credential rotation and management.
🔒 Privileged Cloud shared services are utilized to establish Privileged Session Management (PSM) sessions to the Azure web portal.
🛠️ Key Azure components for password management and account verification are demonstrated, including Azure application keys and Azure password management platforms.
🔄 Role-based access is emphasized, following the principle of least privilege, by assigning specific roles to the Cyberock CPM application.
🌐 The demonstration includes connecting to both the Azure portal and the My Apps portal using Active Directory accounts.
🔍 Validation issues during the login process are addressed, including how to modify web form settings for successful authentication.
📈 The session concludes with successful logins to both the Azure portal and My Apps portal, showcasing the effective use of CyberArk's capabilities.

Q & A

What is the primary objective of the video?
-The primary objective is to demonstrate how to configure the Microsoft Azure platform with Privileged Cloud Shared Services, including application key and password management.
What steps are involved in onboarding the Cyberock CPM application?
-The steps include creating an application in Azure, onboarding it into Cyberock, rotating the credentials, and onboarding regular cloud accounts from Azure into Cyberock.
What roles are assigned to the Cyberock CPM application in Azure?
-The roles assigned are Password Administrator, User Administrator, and Privileged Authentication Administrator, following the principle of least privilege.
How does the presenter verify the application account in Cyberock?
-The presenter verifies the application account by checking it against the Privileged Cloud Management (CPM) service and confirming that all details are entered correctly.
What is the significance of duplicating the Azure web portal connection component?
-Duplicating the connection component allows the creation of a separate instance for the Microsoft My Apps portal, ensuring that existing applications configured in that portal can be accessed.
What troubleshooting steps does the presenter take to resolve validation issues?
-The presenter inspects the HTML elements of the Azure login page to identify the necessary IDs for the username, password, and buttons, and updates the validation settings accordingly.
What alternative method for connecting to Azure does the presenter demonstrate?
-The presenter demonstrates how to connect to the My Apps portal, which is beneficial for environments with existing applications already configured.
What are the key components required for the Azure platform configuration mentioned in the video?
-Key components include the Azure Application Keys, Azure Password Management, and PSM Connection Component for the Azure portal.
What is the purpose of the Azure AD Connect mentioned in the script?
-Azure AD Connect is used to sync on-premises directories with Azure AD, allowing on-premise users to establish sessions with Azure resources.
How does the presenter demonstrate password rotation for the Cyberock CPM account?
-The presenter shows the process of changing the password for the Cyberock CPM account through the CPM service and verifies that the new password is updated correctly.