Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
882 questions
1 answer
How to configure "Europe Access Only" for resources in Azure Subscription instead of Tenant
Our objective is to restrict access to resources within our Azure subscription to ensure that personal data remains inaccessible to operators and end-users located outside the EEA (European Economic Area) or Switzerland. Could you please share any clear…
asked 2025-01-06T05:51:31.6366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 72%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
Bai, Bob
20
Reputation points
commented 2025-02-19T10:30:47.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 22%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Sakshi Devkante
920
Reputation points Microsoft Vendor
2 answers
One of the answers was accepted by the question author.
Azure KeyVault Data Access Administrator Role can't assign KeyVault Certificate User role
The KeyVault Data Access Administrator role is meant to be used to assign permissions for other KeyVault related roles, however it appears the KeyVault Certificate User was missed and cannot be assigned by the KV Data Access Administrator role. So, at…
asked 2025-02-14T21:48:29.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 4%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Austin Mager
20
Reputation points Microsoft Employee
accepted 2025-02-18T18:39:55.4966667+00:00
Austin Mager
20
Reputation points Microsoft Employee
1 answer
[UnusualActivity] Full Deny assignment
I can't perform any action on my account using my student credit . I can't create nor manage any resource even though I still have unused credits and valid azure account. The client with object id '.............' has permission to perform action…
asked 2025-01-28T17:46:11.7966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 34%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGL%3C/text%3E%3C/svg%3E)
Ghassen Latrach
10
Reputation points
commented 2025-02-17T11:53:48.4933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 78%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
emnaabidi
5
Reputation points
2 answers
A resource owner is on leave, and you urgently need to assign roles to manage Azure resources.
i need to assign the role for the particular user to access the azure active directory
asked 2025-02-06T18:59:45.4066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 79%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Manchala Gurunadha Rao
0
Reputation points
commented 2025-02-17T08:56:31.6466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
15,555
Reputation points Microsoft Vendor
1 answer
how to get the list of SPN role assignment access
We assigned built-in roles and custom roles to the service principle, but where we are check all SPN access list? when we go to subscription and can verify the roles.
asked 2025-02-12T18:07:00.4233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 34%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGN%3C/text%3E%3C/svg%3E)
Gangasani, Narender
0
Reputation points
commented 2025-02-17T08:36:04.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 26%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
Janaki Kota
710
Reputation points Microsoft Vendor
1 answer
Unable to get email alert for PIM role activation
Hello, we used to receive emails from Microsoft Azure for the PIM roles activation but It just stopped. Nothing changed just we are no longer receiving emails for role activation. Can you please help me with this? Thanks!
asked 2024-12-05T17:18:37.2366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 24%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYT%3C/text%3E%3C/svg%3E)
Yasin Turan
0
Reputation points
edited the question 2025-02-12T20:09:01.0933333+00:00
Peter Doering
180
Reputation points
1 answer
Need MFA reset for Tenant Admin
Hi Team, Need your help in resetting the MFA for one of the Tenant admins in Azure portal. Kindly let me know the steps to do the same.
asked 2025-01-17T12:19:17.7833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 22%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Srinivasan C K
0
Reputation points
edited the question 2025-02-12T19:42:23.37+00:00
Peter Doering
180
Reputation points
3 answers
One of the answers was accepted by the question author.
No rights to delete a subscription
I have an old tenant from a company I shutdown a few years ago. I want to delete the tenant but there is still a subscription in the tenant and that is blocking the deletion. So, I try to cancel the subscription. I don't have rights. I am the 'Global…
asked 2025-02-04T21:12:17.48+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 2%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Allen Long
20
Reputation points
commented 2025-02-12T19:21:10.38+00:00
Allen Long
20
Reputation points
1 answer
How can I assign granular RBAC rights to Defender EASM Azure Resource
When creating a Defender EASM Resource in Azure, there is no possibility to granularly assign RBAC Roles to this resource. In the Defender EASM Portal the "IAM" Section is missing for role assignment. However in order to create the resource you…
asked 2025-02-04T14:35:44.97+00:00
Sascha Reuter
10
Reputation points
commented 2025-02-12T13:28:13.4733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Raja Pothuraju
13,715
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
After creating Azure compute gallery and making it public unable to find images in it via it's Community gallery name
Hi, I have created Azure compute gallery with Community sharing type, via both Azure portal and Azure cli, by following official documentation, but was unable to list VM images that I have created in it from VM in azure community images both via image…
asked 2024-09-11T12:34:02.3166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 42%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Maksym Perehinets
25
Reputation points
accepted 2025-02-12T13:24:54.0566667+00:00
Maksym Perehinets
25
Reputation points
1 answer
How to control access to a folder in ADLS gen2 container while Storage account IAMs are in action
Hi, I have a synapse pipeline that saves an output file in a folder (ex: salary) in an ADLS container (ex: employee). Now Mr. X wants the data saved in the folder to be accessible only to him but storage account level IAMs have already given access to…
asked 2025-02-03T19:28:59.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 74%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SP
5
Reputation points
commented 2025-02-11T20:26:42.5333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 6%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKD%3C/text%3E%3C/svg%3E)
Keshavulu Dasari
3,380
Reputation points Microsoft Vendor
0 answers
Azure Function App Read-only on functions
How can I create a custom role in Azure that allows users to view Function App code in read-only mode? Currently, users with the built-in Reader role can see the Function App but get an error requiring write permissions when trying to view the actual…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 77%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
Access control (IAM) Issue - Creating is greyed out
I am owner of a MS Action Pack Subscription. I cannot find out why i am not able to create role assignents in Access control (IAM) anymore. I stuck in the last menu. The create button is greyed out.
asked 2025-02-04T11:25:21.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 8%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Peter Drose | cloudconnex
0
Reputation points
commented 2025-02-07T09:20:15.4966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Goutam Pratti
1,670
Reputation points Microsoft Vendor
1 answer
How to use Azure C# SDK to retriever filtered role assignments
I'm starting to feel like Azure C# SDK does not provide a way for me to list all role assignments a user has been assigned directly or indirectly assigned at a given scope (e.g. subscription). I know this is supported via the underlying REST API and…
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
882 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
11,305 questions
asked 2025-02-01T11:05:56.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 48%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFA%3C/text%3E%3C/svg%3E)
Fernando Almeida
0
Reputation points
commented 2025-02-06T04:01:21.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 68%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Kancharla Saiteja
790
Reputation points Microsoft Vendor
1 answer
Issue with roles and admin assignments
There was an issue with the roles and admins assignments. The assigned users were 14 members and Im able to see the assigned users as 15. What was the issue. Is the group name also added into the assigned users count.
asked 2025-01-29T05:17:04.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 35%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Ravi Ranjan Kumar
0
Reputation points
commented 2025-02-05T16:44:35.4933333+00:00
Raja Pothuraju
13,715
Reputation points Microsoft Vendor
3 answers
azure owner roles issue
Hi Team, accidentally i was deleted my owner role attached to the my subscription . and now i am unable to perform operations in my account. could you please help me on this issue
asked 2024-07-12T04:48:21.28+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 44%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Narasimharao
5
Reputation points
commented 2025-02-04T11:55:52.47+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 44%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELV%3C/text%3E%3C/svg%3E)
Likhit Varma
0
Reputation points
1 answer
Azure Service Health for Subscription ID
Hello, We got a following mail from [azure-noreply@microsoft.com] to ******@some.hidden.company.com. But we dont have this Subscription ID someidid-****-****-81ef-hiddenhidden in our Azure account. Can you please help us how can we find the this …
asked 2025-01-27T08:17:26.9233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 54%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUH%3C/text%3E%3C/svg%3E)
Urkmez Hakan (BSH GDS-PSUG)
0
Reputation points
commented 2025-02-04T09:38:37.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 60%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECE%3C/text%3E%3C/svg%3E)
Chaithra E
480
Reputation points Microsoft Vendor
2 answers
One of the answers was accepted by the question author.
How to apply roleAssignment write permissions to an application registration
Hey, i have an application registration to grant a terraform pipeline access to azure. The application registration has the contributor role on subscription scope. But Terraform now needs to be able to asign roles inside a resource group that was created…
asked 2024-01-10T16:10:08.56+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 53%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Robin
20
Reputation points
answered 2025-01-30T19:28:44.83+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 23%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKI%3C/text%3E%3C/svg%3E)
Kirill Insarov
0
Reputation points
1 answer
AuthorizationFailed: Unable to Delete Role Assignment Due to ABAC Condition in Pay-As-You-Go Subscription 26049fd6-7b85-4142-8060-b88930cb8cec
I am writing to request your assistance with a critical issue I am facing in my Pay-As-You-Go subscription. I am encountering an AuthorizationFailed error while attempting to delete a role assignment. Despite having the Owner role for the subscription,…
asked 2025-01-23T19:19:03.9766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 54%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Santhosh C
0
Reputation points
edited a comment 2025-01-30T06:37:28.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
BANDELA Siri Chandana
1,570
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Active directory Integration with RBAC for Azure CosmosDB with Mongo API
Planning to create RBAC for Azure Cosmos DB with Mongo API, is Active directory user integration is possible
asked 2025-01-24T23:26:06.4166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 81%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Ashok Arumugam
20
Reputation points
commented 2025-01-27T14:44:00.0566667+00:00
Ashok Arumugam
20
Reputation points