If I were to use Azure AD instead, is it possible that I can create a group of users, and within the group, different users gain access to different resources (yes/no)? If yes, how?
If I were to use Azure AD instead, is it possible that I can create a group of users, and within the group, different users gain access to different resources (yes/no)? If yes, how?
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
What role can be assigned to my app to regenerate cosmos db keys.?
i want to regenerate cosmos key using post request .like this{ https://video2.skills-academy.com/en-us/rest/api/cosmos-db-resource-provider/2020-06-01-preview/databaseaccounts/regeneratekey} but i cant find a proper role to assign to my app so it can get…
See all the things
Is there a role in Azure that allows me to see EVERYTHING from the root of our Azure environment all the way down to the individual resources (i.e VMs, WAFs, WAF Logs, every single setting on networks, etc) for every subscription that has been created…
What do you mean by "one user to manage VMs and another user to manage VMs."?
In RBAC, what do you mean by "Allow one user to manage VMs and another user to manage virtual networks."? Are these separated?
Permission to run Synapse Spark pool
I have a role as Contributor in a Synapse Analytics workspace. I add a new Notebook (only 1 cell), but when I try to run it I get the error: Failed to start session:…
RBAC Automation with Powershell
I am looking to see if anyone has a script that uses excel spreadsheet contents to assign roles to user accounts within Azure AD rather than adding the roles one at a time. Ideally, the spreadsheet would have a list of the usernames and the roles to…
Contributor Access to Subscription and Resource Group
Hi, Can you please refer me to the Microsoft documents that clearly spell out:\ 1. With Contributor access to Subscription - what the user Not able to do? 2. With Contributor access to Resource Group - what the user Not able to do? Thanks
![](https://techprofile.blob.core.windows.net/images/83b87d0ad6664b86a2c2018eab8da26a.png)
Subscription - Contributor Access
Hi, With contributor access on Subscription-level (i.e. Sub A), is a user able able to create (sub) subscription within that Subscription (Sub A)? Thanks
![](https://techprofile.blob.core.windows.net/images/83b87d0ad6664b86a2c2018eab8da26a.png)
Resolve directory users that Azure ClassicAdministrators
I'm trying to list all the permissions of users in an Azure subscription using Microsoft.Authorization API and I faced an issue with the ClassicAdministrators API. The API returns the user's email address and PUID and since the email is not reliable…
Azure RBaC
Hello I have given say user A OWNER access at the management group level. It means anything below such as subscription - resource group etc user A will have access beacuse of Parent-Child relationship. My question is it possible to restrict access of…
Storage Gen2 API in Postman
Hi , I am new to Azure Portal and would like to use the Azure Gen2 API to create the files on storage. I have been able to generate the access token in Postman - [https://login.microsoftonline.com/]()<tenant id>/oauth2/v2.0/token I now have access…
![](https://techprofile.blob.core.windows.net/images/Z1PCM1zxm0SLa41PVP7B7g.png?8DA865)
What could be the best role in my case?
I need to be in a role where I can join VMs to the domain and nothing else. Is there such a role or something similar? It seems like the management wants to minimize the privileges as much as possible. There are just too many roles in the list, I am not…
RBAC in PHP application(hosted as Azure App Service)
Hello Team, We are assessing on prem PHP application to move to Azure App service. Currently we have implemented folder based permission for Authorization flow in the application, where we create groups in AD, add users to it & provide permission…
How to give different permission to different Resource Group automatically based on some RG naming convention in Azure
Hi, I am creating different Resource Group like (rg-dev-department, rg-test-department) in one subscription. I want to give different permission to different users based on resource group name like contributor permission to DEV RG and reader…
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
Need some Expert advice to understand how is Contrubitor permissions inferior to Admin
We have a project where it needs VM's, AKS, Casandra, APIs and postgre. the project owner needs to keep the admin role. And is offering a contributor access to access this corporate set up for Azure. While i reviewed the documentation and understand the…
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
How do I sign into LEAF and create a new profile
I have installed LEAF for translation, but I cannot sign in and create a profile as per my client's instructions. The instructions say that I should see a sign-in window when opening LEAF for the first time, but it does not appear. It just opens and when…
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
Give a service access (like Azure Storage) to a AAD created by subcription
Hi there, I am a user inside my home tenant of my company. Now I am assigned with a subscription for Enterprise DEV/TEST. I can access to Storage Service with my company account under company tenant. I create an Azure AD with the subscription…
![](https://techprofile.blob.core.windows.net/images/UbYooASQGUyYFef3LC5T_w.png?8D8C8F)
![](https://techprofile.blob.core.windows.net/images/UbYooASQGUyYFef3LC5T_w.png?8D8C8F)
I created a role but cannot delete it
Hi, I worked with 5-exercise-manage-custom-roles and create a role, and assignment for it. But now I cannot find any assignment (by portal or azure CLI) but it isn't possible to delete the role since it has assignments... Thanks, Assaf
Integrate with Azure for user access control in hierarchy for Azure Cloud Services
Hi there, I am aiming to integration with our products' users to leverage their permission setting by administrator on Azure. User mapping and Cloud Service (in whole Azure marketplace) access control in hierarchy are the most important work to do. …
![](https://techprofile.blob.core.windows.net/images/UbYooASQGUyYFef3LC5T_w.png?8D8C8F)
![](https://techprofile.blob.core.windows.net/images/UbYooASQGUyYFef3LC5T_w.png?8D8C8F)
Log Analytic Workspace - Permissions in Enterprise
We are in the process of planning our RBAC for a new Azure environment within an Enterprise scale organisation. I'm trying to determine how we best provide access to logs. Within the non-production environments, it seems that the resource-context…