We were looking at what someone with malicious (or ignorant) intentions could do to our setup today and we realized that since the Azure Accounts setup isn’t limited to a specific project, that someone could overwrite a deployed app with any azure website they wanted to if they knew the name of a web app in that azure account.
Limiting by environment doesn’t really work given that we have a lot of different products, each with different owners and deployers. We’d have to duplicate all of the life-cycles and other processes we have defined around “Dev / Test / Prod” environments.
Is there a way to limit a defined azure account to only allowed to be used for a specific project? (This could also extend to physical tentacles, where the same thing could happen, someone just defines a new process for a given role in a project they have admin rights too and overwrites what’s supposed to be on a server they don’t have permissions to).
Thanks for getting in touch! Currently there is no way to limit the Azure accounts to a specific project.
Our current permission architecture rarely gives permissions on a project level for things that are required on a system level.
We do think this is an interesting idea however, and would like to see if there is any demand in the community for this as it has not come up since we introduced azure accounts.
I have created a UserVoice suggestion for this and linked it below, please feel free to vote and comment on it to get the ball rolling.
With enough community support we could look at adding some form of modification to limit the activity that you have observed.
Hi Daniel,
Thank you for the response. Just to be clear of my intentions, it’s not so much limiting to a project per say, that’s just what security is based on right now. The end goal is to be able to limit who can run deployments to a set environment. This also could extend to tentacles easily.
Since roles can’t really be restricted to individuals the same way accounts cannot be restricted. anyone with permission to edit a process can deploy to any role. This is what we want to limit, that people can only deploy to their own machines / azure accounts.
Since I cannot edit the user voice, I just wanted to make sure the end goal was clear
