You can enable secure remote access to Azure Portal on the dynamic secret that generates ephemeral credentials for Azure AD. Users can then access the Azure Portal from the Secure Remote Access Portal.
To enable secure remote access to the Azure Portal, you need:
A dynamic secret that specifies the Azure AD details, with Portal Access selected.
In addition, for users to access the Azure Portal in Isolated mode, you need:
The Web Access Bastion.
The Azure Portal site URL is specified as part of the
policiessection in the values.yaml file on the Web Access Bastion.
Let's set up remote access to the Azure Portal using the Akeyless CLI. If you’d prefer, see how to do this from the Akeyless Console instead.
update-item command to define the following fields to the dynamic secret that specifies the Azure details:
akeyless update-item --name <secret name> \ --secure-access-enable true \ --secure-access-web-browsing true
By default, access to the Azure portal will use a direct network access mode. To work with Akeyless Web Access Bastion for session isolation or as a secure proxy entry point, please set one of the following:
- secure-access-web-browsing: Optional, secure browser via Akeyless Web Access Bastion.
Alternatively, in case you prefer to work with the Akeyless bastions as a proxy entry point, set this parameter as true:
- secure-access-web-proxy: Optional, web-proxy via Akeyless Web Access Bastion.
Let's set up remote access to the Azure Portal from the Akeyless Console. If you'd prefer, see how to do this from the Akeyless CLI instead.
Log in to the Akeyless Console and go to Secrets & Keys.
Select the dynamic secret that specifies the Azure AD details.
To the right of the Enable Secure Remote Access field, select the pencil icon, then define the following fields:
Direct connection: Default, using a direct connection to AWS portal via Akeyless Secure Remote Access Bastion.
Secure Web Browsing: Optional, only required to enable access to the Azure Portal in Isolated mode, which restricts user access to other websites while they are logged in to the portal. available only with Web Access Bastion.
Secure Web Proxy: Optional, secure web proxy mode available only with Web Access Bastion.
- To the right of the Enable Secure Remote Access field, select the tick mark icon to save your changes.
Log in to the Secure Remote Access Portal and select Azure Portal.
Select the required target, then select Web.
A new tab opens to the Azure Portal sign-in page, and Akeyless injects the credentials generated by the dynamic secret for the temporary user.
Updated 22 days ago