We are looking to create a global read custom role at Root management group level

AzCoAdmCore03 1 Reputation point
2021-04-15T01:33:35.637+00:00

We are looking to create a global read custom role at Root management group level. We have elevated the access in one account, but I cannot see the option on the portal to create a custom role at this level.

Can you please let me know if this is possible?

Thanks

Azure Role-based access control

1 answer

  1. JamesTran-MSFT 36,531 Reputation points Microsoft Employee
    2021-04-20T21:39:28.06+00:00

    @AzCoAdmCore03
    Thank you for your post and I apologize for the delayed response!

    When creating a custom role within the Azure Portal, setting assignable scope to root scope ("/") is not supported. You cannot add a management group as an assignable scope; the highest option would be subscription. For more info - Assignable scopes

    Note: If you'd like to create a custom role using PS, CLI, or REST API, and add it to the Management group level under AssignableScopes, this is currently in preview.

    Create or update Azure custom roles using Azure PowerShell
    Create or update Azure custom roles using Azure CLI
    Create or update Azure custom roles using the REST API

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

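What the CLI route mentioned in the answer can look like, as an added example that is not part of the original thread or Microsoft's documentation: it builds a read-only role definition whose AssignableScopes entry is a management group and goes a little further by refusing any non-read action. The group ID `example-root-mg`, the role name, the file `role.json` and the function names are assumptions made for illustration.

```shell
# Added example; "example-root-mg", the role name and role.json are placeholders.

# Scope string for a management group. Empty IDs and "/" (the root scope the
# answer says is not supported) fail this conservative character check.
mg_scope() {
  case "$1" in
    ''|*[!A-Za-z0-9._-]*) echo "invalid management group id: '$1'" >&2; return 1 ;;
  esac
  printf '/providers/Microsoft.Management/managementGroups/%s' "$1"
}

# Least-privilege guard: succeed only if every action is a read action.
actions_read_only() {
  [ "$#" -gt 0 ] || return 1
  for a in "$@"; do
    case "$a" in
      *[!A-Za-z0-9./*_-]*) echo "unexpected characters in action: $a" >&2; return 1 ;;
      */read) ;;
      *) echo "non-read action rejected: $a" >&2; return 1 ;;
    esac
  done
}

# Print a role definition in the JSON shape `az role definition create` reads.
# Usage: build_role_definition <management-group-id> <action>...
build_role_definition() {
  scope=$(mg_scope "$1") || return 1
  shift
  actions_read_only "$@" || return 1
  actions=$(printf '"%s", ' "$@")
  cat <<EOF
{
  "Name": "Custom Global Reader",
  "IsCustom": true,
  "Description": "Read-only access below the management group.",
  "Actions": [${actions%, }],
  "NotActions": [],
  "AssignableScopes": ["$scope"]
}
EOF
}

# Write the definition to role.json and create it (needs a signed-in Azure CLI).
create_role() {
  build_role_definition "$@" > role.json && az role definition create --role-definition role.json
}

# Prints the JSON only; nothing is sent to Azure.
build_role_definition "example-root-mg" "*/read"
```

Calling `create_role <management-group-id> "*/read"` submits the definition; the account running it needs rights to create role definitions at that management group.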