Microsoft Entra ID provides the identity and access management framework for the users, resources, and systems running on Azure. Entra ID is similar in purpose to on-premises Active Directory, but it is a flat directory: it does not use the hierarchical naming structure or the Lightweight Directory Access Protocol (LDAP) that Active Directory relies on, and is managed over REST through Microsoft Graph instead. Microsoft recommends that privileged access to sensitive resources be granted to groups, with Azure RBAC role assignments and policies attached to those groups rather than to individual users. Entra ID also manages service principals, the non-human identities under which applications and automation authenticate and call other services.
Trustle with Azure
Overview
The Trustle connector for Microsoft Azure and Entra ID provides just-in-time access to Azure resources and analyzes how users, permissions, and service principals are actually used in order to identify unnecessary identity risk. From the Trustle dashboard, IAM administrators can find and delete unused Azure accounts, explore the granular permissions granted to users beyond what they actually use, and suspend orphaned accounts that cannot be linked to an identity in your Identity Provider (IdP).
Identity Management in Azure
Microsoft identity management has long distinguished between human users and service accounts, and Entra ID continues this tradition with users and service principals. Trustle helps you understand which accounts of either type have access to sensitive resources, and revoke the access they do not need.
Trustle enables system owners of every environment, whether Test, Dev, Prod, or otherwise, to manage their permissions and instances in a distributed yet coordinated manner. This keeps deployment pipelines continuously secured and monitored while keeping the administrative overhead for any one person low.
Simplified Management of Accounts
User Accounts
Trustle discovers all the users on Azure, as well as profile data for those accounts. This helps you link accounts to Trustle users and manage just-in-time access from Microsoft Teams or Slack.
Service Principals
Trustle detects service accounts on Azure and helps manage their access and visibility.
Groups
Trustle discovers all groups, including groups that hold privileged directory roles such as Global Administrator, and enables you to manage membership in those groups.
Managing Access to Azure Resources
Operationalize Azure Security
Microsoft provides many frameworks for managing access to cloud resources, but these essentially amount to guidelines: the real work of implementing them is left to the customer. Trustle helps you organize and operationalize good security practices and lets you move infrequently used resources to Temporary or Just-in-Time access. Users who need occasional access to valuable assets and data can still obtain it easily, while their standing permissions shrink and their accounts become far less useful to an attacker who compromises them.
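To make the triage described above (unused accounts, orphaned accounts not present in the IdP, and standing privileged assignments that are candidates for Just-in-Time access) concrete, here is an added example that is not Trustle's code or Microsoft's. It runs over a constructed export: the identity records borrow the `lastSignInDateTime` field shape that Microsoft Graph returns under `signInActivity` for users (carrying the same field on service principals is an assumption made for this example), the role assignment records are shaped like `az role assignment list` output, and the IdP is represented by a plain set of user principal names. Thresholds and the list of roles treated as privileged are assumptions too.

```python
"""Triage an Entra ID / Azure RBAC export for stale, orphaned and
over-privileged identities.  Added example, not Trustle's code.

Assumptions (not from the page): identity records carry a
"lastSignInDateTime" (Graph signInActivity shape), role assignments
follow `az role assignment list` field names, and the IdP is a set of
UPNs.  All sample data below is constructed for this example.
"""
from datetime import datetime, timedelta, timezone

# Roles whose standing assignment at a broad scope is worth moving to JIT.
PRIVILEGED_ROLES = {"Owner", "User Access Administrator", "Contributor"}

# Constructed sample: four human users and two service principals.
SAMPLE_IDENTITIES = [
    {"id": "u1", "type": "User", "userPrincipalName": "alice@example.com",
     "accountEnabled": True, "lastSignInDateTime": "2024-05-28T08:00:00Z"},
    {"id": "u2", "type": "User", "userPrincipalName": "bob@example.com",
     "accountEnabled": True, "lastSignInDateTime": "2023-11-02T14:30:00Z"},
    {"id": "u3", "type": "User", "userPrincipalName": "contractor@partner.example",
     "accountEnabled": True, "lastSignInDateTime": None},
    {"id": "u4", "type": "User", "userPrincipalName": "dave@example.com",
     "accountEnabled": False, "lastSignInDateTime": "2022-01-01T00:00:00Z"},
    {"id": "sp1", "type": "ServicePrincipal", "displayName": "ci-deployer",
     "accountEnabled": True, "lastSignInDateTime": "2024-05-30T01:00:00Z"},
    {"id": "sp2", "type": "ServicePrincipal", "displayName": "legacy-backup",
     "accountEnabled": True, "lastSignInDateTime": "2023-06-15T01:00:00Z"},
]

# Constructed sample shaped like `az role assignment list` output.
SAMPLE_ASSIGNMENTS = [
    {"principalId": "u1", "roleDefinitionName": "Reader",
     "scope": "/subscriptions/sub-1"},
    {"principalId": "u2", "roleDefinitionName": "Owner",
     "scope": "/subscriptions/sub-1"},
    {"principalId": "u3", "roleDefinitionName": "Contributor",
     "scope": "/subscriptions/sub-1/resourceGroups/rg-app"},
    {"principalId": "sp1", "roleDefinitionName": "Contributor",
     "scope": "/subscriptions/sub-1/resourceGroups/rg-app"},
    {"principalId": "sp2", "roleDefinitionName": "Owner",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-root"},
]

# Constructed set of UPNs the corporate IdP knows about (no contractor).
SAMPLE_IDP_UPNS = {"alice@example.com", "bob@example.com", "dave@example.com"}

# Fixed "now" so the example is deterministic.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)


def _parse(ts):
    """Parse a Graph-style UTC timestamp; None means 'never signed in'."""
    return None if ts is None else datetime.fromisoformat(ts.replace("Z", "+00:00"))


def stale_identities(identities, now=NOW, max_idle_days=90):
    """Enabled identities that never signed in or not within max_idle_days."""
    cutoff = now - timedelta(days=max_idle_days)
    stale = []
    for ident in identities:
        if not ident.get("accountEnabled", True):
            continue  # already disabled; nothing to revoke
        last = _parse(ident.get("lastSignInDateTime"))
        if last is None or last < cutoff:
            stale.append(ident["id"])
    return stale


def orphaned_users(identities, idp_upns):
    """Human accounts whose UPN the IdP does not know about."""
    return [i["id"] for i in identities
            if i["type"] == "User" and i["userPrincipalName"] not in idp_upns]


def is_broad_scope(scope):
    """True for root, subscription-wide or management-group scopes."""
    if scope == "/":
        return True
    narrow = "/resourceGroups/" in scope
    return not narrow and (scope.startswith("/subscriptions/")
                           or scope.startswith("/providers/Microsoft.Management/"))


def privileged_assignments(assignments, roles=PRIVILEGED_ROLES):
    """Standing privileged role assignments at a broad scope."""
    return [a for a in assignments
            if a["roleDefinitionName"] in roles and is_broad_scope(a["scope"])]


def jit_candidates(identities, assignments):
    """Privileged, broad-scope assignments held by identities that are stale:
    the first things to convert to Just-in-Time access or remove."""
    stale = set(stale_identities(identities))
    hits = [(a["principalId"], a["roleDefinitionName"], a["scope"])
            for a in privileged_assignments(assignments)
            if a["principalId"] in stale]
    return sorted(hits)


if __name__ == "__main__":
    print("stale:", stale_identities(SAMPLE_IDENTITIES))
    print("orphaned:", orphaned_users(SAMPLE_IDENTITIES, SAMPLE_IDP_UPNS))
    for pid, role, scope in jit_candidates(SAMPLE_IDENTITIES, SAMPLE_ASSIGNMENTS):
        print(f"move to JIT or revoke: {pid} holds {role} at {scope}")
```

On the sample data, the two-day-old and four-day-old sign-ins are fine, while `bob`, the never-signed-in contractor and the `legacy-backup` service principal fall outside the 90-day window; only the contractor is missing from the IdP, so it is the one orphaned account; and of the stale identities only `bob` (Owner on the subscription) and `legacy-backup` (Owner on the management group) hold standing privileged assignments at a broad scope, which is exactly the combination the text argues should become temporary or Just-in-Time access rather than standing permission.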