Azure resources are organized hierarchically as :

Tenant → Management Group → Subscription → Resource Group → Resources.

What these terms stand for :

• Tenant represents the Entra ID identity boundary
• Subscriptions are billing and governance boundaries
• Resource Groups logically organize related resources

For authentication and automation
Azure uses Service Principals, which are non-human identities tied to applications.
A Service Principal is created from an App Registration.

• Authentication typically uses Tenant ID, Client ID, and Client Secret.
• After authentication, Azure RBAC controls Authorization and permissions on subscriptions, resource groups, or resources
• Managed Identities are Azure-managed Service Principals that avoid secret management and are preferred when running workloads inside Azure