CODEWITHSUNDEEP
azure
Charly
Charly

Reputation: 3

Azure RBAC Permission

there is use-case I am looking for solution. Assume I am assigning RBAC - Owner role to user(xxx) at subscription level. But now I need to exclude this permission to one of the resource group under this Subscription. Is that feasible?

Upvotes: 0

Views: 152

Answers (1)

juunas
juunas

Reputation: 58898

No. Azure RBAC permissions cannot be removed like that. Owner at subscription level means Owner on all resource groups and resources under it. You need to assign the roles at resource group level if you want to restrict them there. The other option is to separate the resources to a different subscription.

Upvotes: 1

Related Questions