Azure role-based access control (RBAC) overview

By Max from AzureGuru
Published in AZ-900 Training
January 03, 2021
1 min read
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.

Instead of defining the detailed access requirements for each individual, and then updating access requirements when new resources are created, Azure enables you to control access through Azure role-based access control (Azure RBAC).

Azure provides built-in roles that describe common access rules for cloud resources. You can also define your own roles. Each role has an associated set of access permissions that relate to that role. When you assign individuals or groups to one or more roles, they receive all of the associated access permissions.

Role-based access control is applied to a scope, which is a resource or set of resources that this access applies to.

Here’s a diagram that shows the relationship between roles and scopes:

Role scope

Use Azure RBAC when you need to:

  • Allow one user to manage VMs in a subscription and another user to manage virtual networks.
  • Allow a database administrator group to manage SQL databases in a subscription.
  • Allow a user to manage all resources in a resource group, such as virtual machines, websites, and subnets.
  • Allow an application to access all resources in a resource group.


  • Control access to cloud resources by using Azure role-based access control



Related Posts

What are service-level agreements (SLAs)?
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Social Media