Status: OUT
Azure comprehensive workload security requires independently configuring five enforcement dimensions that decompose into two orthogonal planes: the access plane (identity via Entra, authorization via RBAC, governance via Policy) and the protection plane (network isolation via LB/NSG/Private Link, encryption at-rest and in-transit) — any unconfigured dimension creates a gap regardless of the others.