![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 74%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
835 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Hi @Rajush Rajan
Thank you for posting your query on Microsoft Q&A.
I understand that you are trying to restrict Azure Cloud Shell Access to a Specific Azure Entra ID Group.
But this approach is done via network settings this is not exact solution.
We have another approach using conditional access policy in target resources you can select Windows Azure Service Management API application and include users on your requirement and in grant access select block.
But the problem is other resources also included in Windows Azure Service Management API application like
If you think it doesn't impact, you can follow conditional access policy method.
Hope this helps. Do let us know if you have any further queries.
If this answers your query, do click Accept Answer and Yes.
Thanks,
B. Siri Chandana.