Azure role-based access control (RBAC) overview
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.Instead of defining the detailed access requirements for each individual, and then updating access requirements when new resources are created, Azure enables you to control access through Azure role-based access control (Azure RBAC).
Azure provides built-in roles that describe common access rules for cloud resources. You can also define your own roles. Each role has an associated set of access permissions that relate to that role. When you assign individuals or groups to one or more roles, they receive all of the associated access permissions.
Role-based access control is applied to a scope, which is a resource or set of resources that this access applies to.
Here’s a diagram that shows the relationship between roles and scopes:
Use Azure RBAC when you need to:
- Allow one user to manage VMs in a subscription and another user to manage virtual networks.
- Allow a database administrator group to manage SQL databases in a subscription.
- Allow a user to manage all resources in a resource group, such as virtual machines, websites, and subnets.
- Allow an application to access all resources in a resource group.
References:
Buy us a coffeRelated Posts
© 2021, All Rights Reserved.
Quick Links
Legal Stuff