Customers using Microsoft's Azure Media Services for their video transcoding and streaming needs can now use Azure Active Directory (AAD), the company's cloud-based identity management platform, to exert control over user and application access.
Microsoft issued a new REST API (application programming interface), the company announced on June 22. "With the release of this update to our REST API, we are now able to provide the same role-based access management (RBAC) as provided by the Azure Resource Management (ARM) service," said John Deutscher, principal program manager of Azure Media Services at Microsoft, in a blog post.
Azure Resource manager enables customers to deploy cloud application resources using templates, organize those resources into groups and manage access, complete with logs that detail all of the actions taken by users. The latter can help businesses and media companies that rely on Azure Media Services ensure that it is being used for its intended purpose and by authorized personnel.
"By moving to AAD authentication you will also now be able to track and audit all changes made by specific users or an application connected to your Media Services account. The new Azure Media REST API requires that the user or application making REST API requests must have either contributor or owner level access to the resources it is attempting to manage," explained Deutscher.
The move to Azure Active Directory means that Azure Access Control Service (ACS) authentication is on the way out.
Microsoft plans to end support for ACS in Azure Media Services on June 22, 2018, giving customers a year to update their code. Considering Azure Active Directory offers more "fine-grained access" to the service's resources than the token authentication model currently offered by ACS, it's a change worth making asserted Deutscher.
Technical information on making the transition to Azure Active Directory is available here.
Elsewhere on the Microsoft cloud, the company announced this week that its Microsoft Azure Government services are available through the Cloud Solution Provider (CSP) partner program. Compared to the broader Azure ecosystem, the Azure Government cloud features both physical and IT security protections that adhere to the U.S. Government's stringent guidelines.
Azure Information Protection, a data classification and security service used to manage sensitive information, gains a new Do Not Track feature. It can be used to disable document tracking for a group of users for privacy or compliance reasons. Microsoft is working on a feature to allow administrators to view the document tracking activities of these users in a future update.
Finally, Microsoft announced Managed Disks support on its disaster recovery offering, Azure Site Recovery (ASR).
On Azure, Managed Disks dispenses with typical cloud storage management tasks, allowing customers to quickly spin up storage capacity for their cloud applications by simply specifying the type and size of disk they require. "With the integration of managed disks into ASR, you can attach managed disks to your machines during a failover or migration to Azure," Poornima Natarajan, a program manager at Microsoft's Cloud and Enterprise division, said in a June 19 announcement.