This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 90%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
We are encountering an issue where a user with appropriate roles and permissions is unable to manage the auto-shutdown feature for Azure Virtual Machines (VMs). Despite assigning the built-in DevTest Labs User role and attempting several combinations of roles and permissions, we have been unable to achieve the desired functionality for managing auto-shutdown settings.
Although users with privileged roles can successfully manage auto-shutdown, we require a solution that allows non-privileged users to only control the auto-shutdown settings for VMs without granting broader access.
I have used Microsoft.DevTestLab/schedules/* permission, which I checked in "contributor" role. Aslo, i have tried cloning contributor role with some not actions to create role that can only manage auto-shutdown.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 35%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Hi Rahul Kamble,
Thank you for reaching out to us on the Microsoft Q&A forum.
Please create a custom role with the necessary limited permissions required for specific operations or actions and assign this role to the appropriate users.
Please find the below document for more information:
https://learn.microsoft.com/en-us/azure/role-based-access-control/custom-roles#how-to-determine-the-permissions-you-need
If the information is helpful, please consider by clicking the "Upvote" on the post.
Hi Rahul Kamble,
I Hope you are doing well!!
I just wanted to check if you had a chance to review answer. If you found it helpful, could you kindly click the “Accept Answer and upvote” on the post. This will help increase its visibility of this question for other members of the Microsoft Q&A community.
If you have any further queries, please let us know in the comment.
Thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 24%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Hello.
Thanks for your question.
You can use the Virtual Machine Contributor' role.
You can test with that and further scale down to a custom role if needed.
If this doesn't work, you may need to check the Azure policies on your tenant.
You can mark it 'Accept Answer' and 'Upvote' if this helped you
Regards,
Abiola