Azure offers a wide offering of services and all those services are interconnected. That makes it easy to loose sight of who can manage what. Different Identity types and permissions are the backbone for a secure cloud environment. Therefore it's important to understand how each service might be used to laterally move in your environment and how bad choices could affect your security posture.