You can enable secure remote access to Azure Portal on the dynamic secret that generates ephemeral credentials for Azure AD. Users can then access the Azure Portal from the Secure Remote Access Portal.

Prerequisites

To enable secure remote access to the Azure Portal you need:

• A dynamic secret that specifies the Azure AD details, with Portal Access selected.
• The Secure Remote Access Bastion.
• The Akeyless Browser Extension.

In addition, for users to access the Azure Portal in Isolated mode, you need:

• The Web Access Bastion.
• The Azure Portal site URL specified in the values.yaml file on the Web Access Bastion.

Set Up Remote Access to the Azure Portal from the Akeyless CLI

Let's set up remote access to the Azure Portal using the Akeyless CLI. If you’d prefer, see how to do this from the Akeyless Console instead.

Run the update-item command to define the following fields to the dynamic secret that specifies the Azure details:

akeyless update-item --name <secret name> /
--secure-access-enable true /
--secure-access-web-browsing true

where:

• secure-access-web-browsing: Optional, only required to enable access to the Azure Portal in Isolated mode, which restricts user access to other websites while they are logged in to the portal.

Set Up Remote Access to the Azure Portal from the Akeyless Console

Let's set up remote access to the Azure Portal from the Akeyless Console. If you'd prefer, see how to do this from the Akeyless CLI instead.

1. Log in to the Akeyless Console and go to Secrets & Keys.

2. Select the dynamic secret that specifies the Azure AD details.

3. To the right of the Enable Secure Remote Access field, select the pencil icon, then define the following fields:

• Secure Web Browsing: Optional, only required to enable access to the Azure Portal in Isolated mode, which restricts user access to other websites while they are logged in to the portal.

4. To the right of the Enable Secure Remote Access field, select the tick mark icon to save your changes.

Access the Azure Portal from the Secure Remote Access Portal

1. Log in to the Secure Remote Access Portal and select Azure Portal.

2. Select the required target, then select Web.
   A new tab opens to the Azure Portal sign-in page, and Akeyless injects the credentials generated by the dynamic secret for the temporary user.