Reputation: 21
Azure RBAC Custom Roles
I am currently trying to work out a concept for a roles and rights concept. Azure RBAC already has a few built-in roles but I am trying to create a few more custom roles. Are custom roles directly linked to the RBAC? And does anyone have any suggestions which roles I should definitely add? I'm not familiar with all applications in Azure at the moment since i have only been working with azure for a few weeks, so I would appreciate some suggestions. I am also trying to understand the hierarchy and structure behind Azure RBAC.
If anyone has worked out such a concept themselves or works a lot with azure rbac, feel free to share your experiences or results!
Upvotes: 2
Views: 526
Answers (1)
Reputation: 11401
Azure role-based access control (Azure RBAC) helps manage who has access to Azure resources, what they can do with those resources, and what areas they have access to.
Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management of Azure resources.
Create your own custom roles. Just like built-in roles, assign custom roles to users, groups, and service principals at management group (in preview only), subscription, and resource group scopes.
Custom roles can be shared between subscriptions that trust the same Azure AD directory. There is a limit of 5,000 custom roles per directory. Custom roles can be created using the Azure portal, Azure PowerShell, Azure CLI, or the REST API.
Upvotes: 1
Related Questions
- Relationship between Azure RBAC roles and service principal
- How to assign custom role to the application in Bicep
- Azure RBAC Permission
- How to create custom RBAC/ABAC role in Azure?
- Azure role assignment precedence
- How to assign roles to the users in Azure Active Directory
- Azure RBAC - modularity and custom roles inheritance
- Figure out the right set of actions in Azure RBAC custom role
- Azure Active Directory - Role based Store Manager
- Create custom role for subscription in azure