I recently had several conversations related to smart lockout feature in Entra ID. Based on those, it occurred to me that inner workings of this feature are not as widely known as I assumed. [Read More]

Some interesting changes happened recently (within last year 😉) in the area of highly privileged (i.e. control plane or Tier 0 in legacy terms) Azure infrastructure RBAC model roles. Up until now, the classic trio of control plane privileged roles with direct control over Azure infrastructure was limited to: [Read More]

If you need to get information about the size of billable data ingested per Log Analytics table with an indication of Azure subscription responsible for generation of that data, use the following KQL query: [Read More]

If you need to get information about the size of billable data ingested into given Log Analytics workspace (with or without Sentinel solution installed), use the following KQL query: [Read More]

Role-assignable groups in Entra ID (P1 or P2 licensing required) are objects with subtle, but important difference, distinguishing them from other ordinary groups. Namely, during their creation, the isRoleAssignable attribute is set to True. It is an immutable attribute, available only during the group creation. Groups created as role-assignable stay... [Read More]