Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
867 questions
2 answers
I cannot access the azure portal with which I have Microsoft for Startups credits
When I try to access my azure portal with which I have Microsoft for Startup credits, I am getting following error. is there a way for you guys to fix this for me? { "sessionId": "31df0e0edbc74f8eabfb72d924bc227b", …
asked 2025-01-20T03:35:48.7766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 15%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBK%3C/text%3E%3C/svg%3E)
Byeongjin Kang
0
Reputation points
commented 2025-01-22T00:59:01.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
BANDELA Siri Chandana
1,390
Reputation points Microsoft Vendor
1 answer
Is there a way to copy all the IAM permissions on all resources from one account to another
we want to migrate a few accounts to having a separate account to access resources in Azure. Is there a way to copy all IAM Access controls for an account to another account?
asked 2025-01-21T18:40:46.6866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 21%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Michael Carey - Admin
1
Reputation point
answered 2025-01-21T21:00:15.6133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Akhilesh Vallamkonda
11,105
Reputation points Microsoft Vendor
2 answers
Azure IAM Role
Hello, I assign a user as network contributor and as reader, but why this user is able to doing write operation such as create VM, turn off the VM etc?
asked 2025-01-15T06:27:07.44+00:00
Handian Sudianto
5,666
Reputation points
commented 2025-01-20T18:08:49.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 89%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHE%3C/text%3E%3C/svg%3E)
Harshitha Eligeti
1,380
Reputation points Microsoft Vendor
1 answer
Need MFA reset for Tenant Admin
Hi Team, Need your help in resetting the MFA for one of the Tenant admins in Azure portal. Kindly let me know the steps to do the same.
asked 2025-01-17T12:19:17.7833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 22%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Srinivasan C K
0
Reputation points
commented 2025-01-20T16:50:07.84+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
14,385
Reputation points Microsoft Vendor
1 answer
How can we give a permission to users non- downloaded document files and non- printable in Azure active directory.
How can we give a permission to users non- downloaded document files and non- printable in Azure active directory?
asked 2025-01-20T13:33:56.9166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 95%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGV%3C/text%3E%3C/svg%3E)
Garima Verma
0
Reputation points
answered 2025-01-20T13:43:59.2333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Marcin Policht
32,185
Reputation points MVP
1 answer
I can get permission to create the resources even i am the admin and i have the global control
i cant get access even i am the admin
asked 2025-01-18T00:01:18.0766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 85%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Bijaya Subedi
0
Reputation points
edited an answer 2025-01-20T11:02:56.46+00:00
Navya
14,385
Reputation points Microsoft Vendor
2 answers
One of the answers was accepted by the question author.
Lost access to subscription after change directory
I was changing directory of my subscription. Post that I lost admin access or read access over my subscription. Cannot create any resource or perform any action over it.
asked 2025-01-02T03:50:53.16+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 8%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Shivansh Agarwal
20
Reputation points
edited the question 2025-01-20T06:27:00.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Xenia-MSFT
3,675
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Unable to Transfer Owner Role To Different Account
I'm unable to add a second owner or transfer my subscription owner role to different local account but not seeing option to do so. I can see the current owner and when I try to add member to the owner role, it prompts me to add role assignment but Owner…
asked 2025-01-11T13:33:05.6766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 72%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EED%3C/text%3E%3C/svg%3E)
Eddie Does IT
60
Reputation points
edited the question 2025-01-20T05:57:39.3233333+00:00
Xenia-MSFT
3,675
Reputation points Microsoft Vendor
2 answers
One of the answers was accepted by the question author.
How can I obtain this privileged administrator role: Policy Enforcement Role?
I want to create public IP in this resource group: ERNetwork - Microsoft Azure, but the policy SDOStdPolicyNetwork - Microsoft Azure deny my create a public IP. So I want to delete assignment, but I havn't permission. I find this privileged administrator…
asked 2025-01-15T10:14:06.2266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 83%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXZ%3C/text%3E%3C/svg%3E)
Xiuyu Zheng
20
Reputation points Microsoft Employee
edited the question 2025-01-20T05:42:10.68+00:00
Xenia-MSFT
3,675
Reputation points Microsoft Vendor
1 answer
Entra Private Network Connector requiring GA account to install?
when installing the Microsoft Entra Private Network Connector with an account that has the "Application Manager" role applied, the connector install fails with the error: Connector Registration failed: Make sure you are a Global Administrator…
asked 2025-01-08T05:13:35.85+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 5%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECF%3C/text%3E%3C/svg%3E)
Cam Fisher
0
Reputation points
commented 2025-01-17T11:33:29.5466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Raja Pothuraju
11,415
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Cannot access my own Azure subscription (Free Trial) after removing Owner role
Details I have a Free Trial subscription in Azure, and I’m the only user who originally set it up. Unfortunately, I removed my own “Owner” role (not sure how), and now I can’t manage the subscription at all: I get “Insufficient privileges” whenever I…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 76%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
1 answer
Error When Switching User Flow from User Sign-In to Vendor Sign-Up in Azure AD B2C
Hi Azure Team, I have implemented two separate user flows in Azure AD B2C for my application: User Sign-In (User Login Flow) Vendor Sign-Up (Vendor Registration Flow) When a user is already logged in through the User Sign-In flow and attempts to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 41%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
1 answer
Action required: Convert Azure classic administrator roles to Azure RBAC roles
Azure classic administrator roles were retired on 31 August 2024 and are no longer supported. If you still have active Co-Administrator or Service Administrator role assignments, convert these roles to Azure RBAC immediately. Required action: To avoid…
asked 2025-01-09T15:53:13.85+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 44%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Andrew Rivera (HE/HIM)
0
Reputation points Microsoft Employee
commented 2025-01-10T22:14:18.6866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Goutam Pratti
1,310
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Problem: Azure Backup with Disk Encryption and Key Vault Permissions (RBAC)
I’m trying to back up a virtual machine with disk encryption (both OS and data disks) using Recovery Services Vault in Azure. The key used for disk encryption is stored in Azure Key Vault, and I'm using RBAC (Role-Based Access Control) for access…
asked 2024-12-27T13:24:36.29+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 83%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Maxime Callebaut
20
Reputation points
accepted 2025-01-10T15:32:32.0866667+00:00
Maxime Callebaut
20
Reputation points
2 answers
One of the answers was accepted by the question author.
I can not access the Azure portal with my corporate email.
I get the following error when trying to connect to Azure portal: Sign-in failed Error code: AADSTS5000224 Error message: AADSTS5000224: We are sorry, this resource is not available. If you are seeing this message by mistake, please contact Microsoft…
asked 2025-01-09T13:39:31.01+00:00
Christina Pardali
20
Reputation points Microsoft Employee
answered 2025-01-10T07:21:55.6433333+00:00
Christina Pardali
20
Reputation points Microsoft Employee
2 answers
Getting error while creating a resource group in Azure for Students account
I am facing an error while creating an azure app service or creating a resource group. I am using a student account. Below is the screenshot of the error that I am getting while creating a resource group (Some of the details are hidden because I…
asked 2024-12-26T16:15:44.2033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 59%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
PRAVEEN KUMAR
0
Reputation points
edited the question 2025-01-07T13:26:14.0566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 35%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Srinud
3,575
Reputation points Microsoft Vendor
1 answer
Azure Policy Tag add tag if missing
I set a new policy for existing resources to add required tag if missing. scenario1: Resource1 have the following tags and value Tag name = Project Value = ProjSSO Tag name = Purpose Value = app login however if the the policy trigger I received an…
asked 2024-02-07T01:45:43.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 40%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Reygie Prieto
0
Reputation points
commented 2025-01-05T20:51:49.47+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 16%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
laserfocused
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Transition to role-based access control (RBAC)
Hi, i want to change my suscription to role-based access control (RBAC). In this moment, the only message that i obtain in the overview Change service administrator functionality is no longer supported. What can i do?
asked 2025-01-02T19:12:13.6866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 73%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELC%3C/text%3E%3C/svg%3E)
Lopez-Cozar, Ignacio
20
Reputation points
commented 2025-01-03T09:40:45.75+00:00
Lopez-Cozar, Ignacio
20
Reputation points
1 answer
What happens after I enable any RBAC Role as PIM enabled role?
I have a question on PIM (Privileged Identity Management). Let say, Users A, B, C, D, E have Reader role on subscription ABC right now. This is standing permanent access before enabling PIM. Now, we enable PIM, enable on this ABC subscription on this…
asked 2024-02-08T03:45:48.2133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 35%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN7%3C/text%3E%3C/svg%3E)
NeelDarji-7992
91
Reputation points
edited a comment 2025-01-03T01:51:03.7366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 41%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Milwaukee Admin
0
Reputation points
1 answer
Infiinte Loop MFA
I just got a new iPhone, and my authenticator app does not have my previous accounts stored. I am receiving a request to sign in with the Auth App, but when I click "I can't use my Microsoft Authenticator app right now," it just keeps looping…
asked 2024-12-18T23:15:57.1566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 3%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKD%3C/text%3E%3C/svg%3E)
Kevin Doan
5
Reputation points
commented 2025-01-02T07:37:36.9866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Sandeep G-MSFT
20,376
Reputation points Microsoft Employee