Transition to role-based access control (RBAC) in Azure by 31 August 2024 - no clear steps

Chua Khoon Yong 46 Reputation points
2024-03-13T03:23:28.35+00:00

Received the above email, but no clear steps.

I only have a service administrator account in the "Classic Administrators" section.

How do we migrate this acct to RBAC. What are the roles to use in RBAC so that it is similar as before.

Do we need to change the "service admin" in the subscription to the new RBAC account?

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
808 questions
0 comments No comments
{count} votes

Accepted answer
  1. Sandeep G-MSFT 19,021 Reputation points Microsoft Employee
    2024-03-13T09:25:16.6433333+00:00

    @Chua Khoon Yong

    Thank you for posting this in Microsoft Q&A.

    In ARM (Azure resource manage) we only have one owner role and one contributor role on subscription level. These roles are highest privileged role in RBAC on the subscription level.

    Owner role is the one which is equivalent to service administrator and co-administrator role in classic subscription administrator role.

    The rest of the built-in roles allow management of specific Azure resources. For example, the Virtual Machine Contributor role allows the user to create and manage virtual machines. For a list of all the built-in roles, see Azure built-in roles.

    User's image

    You refer below article,

    https://video2.skills-academy.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles#azure-roles

    For service administrator, you can have the same user account have owner role assigned on the subscription.

    You do not have to change the service administrator on the subscription. You can get RBAC owner role assign to the same service administrator account on the subscription level.

    This will keep your account same access as the service administrator.

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


1 additional answer

Sort by: Most helpful
  1. Marcin Policht 23,700 Reputation points MVP
    2024-03-13T03:28:53.26+00:00

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.