Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
827 questions
1 answer
One of the answers was accepted by the question author.
Connect to CloudShell
Hi, I have granted one of my users access to Azure Kubernetes Service. The user wants to connect to Azure Cloud Shell from the Azure portal but is unable to do so, as connecting to Azure Cloud Shell requires a storage account, and the user does not have…
asked 2024-11-01T12:05:31.2566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 72%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Roger Roger
6,346
Reputation points
accepted 2024-11-04T16:05:15.73+00:00
Roger Roger
6,346
Reputation points
0 answers
Prevent users from creating azure subscriptions in tenant
Hi Team, Is there any option to prevent the users from creating azure subscriptions in tenant. Only Global admin should have access for creating subscription and other users should not have option to create subscription in tenant level
asked 2024-11-04T14:30:32.7666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 96%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Naveen Rayudu (MINDTREE LIMITED)
0
Reputation points Microsoft Vendor
asked 2024-11-04T14:30:32.7666667+00:00
Naveen Rayudu (MINDTREE LIMITED)
0
Reputation points Microsoft Vendor
1 answer
How to have more control on my users having access to client's tenant?
Hi, I am facing a scenario where a org needs to give his consultants (part time employees) a domain email address using which they get invited to a separate Azure tenant from client and do their tasks there. The thing is, in this scenario org have no…
asked 2024-10-31T05:19:33.8733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Najam ul Saqib
320
Reputation points
commented 2024-11-04T03:07:00.07+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sina Salam
11,916
Reputation points
1 answer
One of the answers was accepted by the question author.
Restore the owner for my free subscription
Hi everyone, Accidentally I deleted the owner role of my free subscription. Is there any way to restore my permissions? The option for cancelling and reactivating the subscription is not on the table, as I don't have permissions. Could anyone pls…
asked 2024-11-02T18:10:04.0133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 51%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHL%3C/text%3E%3C/svg%3E)
Harris Lazaridis
25
Reputation points
accepted 2024-11-02T22:34:37.8666667+00:00
Harris Lazaridis
25
Reputation points
3 answers
azure owner roles issue
Hi Team, accidentally i was deleted my owner role attached to the my subscription . and now i am unable to perform operations in my account. could you please help me on this issue
asked 2024-07-12T04:48:21.28+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 44%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Narasimharao
0
Reputation points
answered 2024-11-02T19:43:26.75+00:00
Harris Lazaridis
25
Reputation points
2 answers
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
asked 2023-10-19T05:18:01.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
himani ghildiyal
10
Reputation points
commented 2024-11-01T13:28:32.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 33%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
Sergei Wallgren
0
Reputation points
1 answer
Need no authentication but only authorization from spring boot 3 to access roles for API exposed
We want to just authorization using spring boot 3 for the APIs exposed for the ROLE that is there in the token issued from another cli client by executing command = az account get-access-token. We need sample piece of code of spring 3 application that…
asked 2024-10-25T15:04:25.7633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 83%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Nimbolkar, Santosh
0
Reputation points
commented 2024-10-31T18:31:52.4633333+00:00
James Hamil
24,926
Reputation points Microsoft Employee
1 answer
Received error - "AADSTS399266: Blob grant token received with wrong issuer type."
I am trying to use the code from this microsoft learn page - https://video2.skills-academy.com/en-us/samples/azure-samples/ms-identity-ciam-javascript-tutorial/ms-identity-ciam-javascript-tutorial-0-call-api-vanillajs/ and configure the Ids. When trying to…
asked 2024-09-05T20:42:40.4133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 39%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Narisetti, Bernard
0
Reputation points
commented 2024-10-31T02:46:14.0766667+00:00
James Hamil
24,926
Reputation points Microsoft Employee
1 answer
Level 2 AD Group & SQL server Microsoft Entra admin group & usage of IS_MEMBER for Row Level Security
Currently we are running into an issue developing Row Level Security since the IS_MEMBER does not work for the Microsoft Entra Admin group setup for that SQL server.…
asked 2024-09-06T05:57:57.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 45%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Sandeep Kumar
0
Reputation points
commented 2024-10-31T02:46:05.7833333+00:00
James Hamil
24,926
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Blob/storage container security role needed to "add" a blob/container
Hello, I'm looking to determine what the minimum security Roles I would need to assign to a user that will allow them to create and manage Azure storage containers and Azure Blobs in the azure portal. thanks, RT
asked 2024-10-29T18:11:15.1766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 21%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERT%3C/text%3E%3C/svg%3E)
Richard Taylor
20
Reputation points
commented 2024-10-31T02:37:23.2233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Xenia-MSFT
2,520
Reputation points Microsoft Vendor
1 answer
How to allow users from a different tenant access our storage, servers, etc
Is it possible to allow the users from a different Azure tenant access to Windows VMs, file shares, storage, etc, in our tenant without having to have them set up accounts, invites, etc? In other words, seamlessly?
asked 2023-06-16T23:56:56.13+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 36%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM8%3C/text%3E%3C/svg%3E)
MartinKulp-8809
6
Reputation points
commented 2024-10-30T10:29:23.44+00:00
Najam ul Saqib
320
Reputation points
1 answer
Unable to Assign Global Admin Roles in Microsoft 365 due to GDAP Issues
None of our users in MS365 admin center has global admin rights. We do not have the rights to assign global admin rights to ourselves in MS Admin Center Our MS365 provider cannot help us since there is no active GDAP. Our MS365 provider has tried…
asked 2024-10-29T05:39:18.4066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 86%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET9%3C/text%3E%3C/svg%3E)
TrygveSanda-9535
0
Reputation points
answered 2024-10-30T07:07:00.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 63%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBD%3C/text%3E%3C/svg%3E)
Bhasker Donthu
460
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
PIM - Group Admin Role Assignment is not working as intended
Currently, if you use the PIM Assignment group to gain access to the Groups Administrator role, you're unable to validate any dynamically assigned rules using the built-in validation tool. However, if you assign the Group Administrator role directly (not…
asked 2024-10-22T09:08:13.5366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 80%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Vamsi Krishna Bungatavula
20
Reputation points
edited the question 2024-10-30T05:33:35.7633333+00:00
Xenia-MSFT
2,520
Reputation points Microsoft Vendor
1 answer
not able to create a unity catalog
i want to create a unity catalog in azure databricks. manage account console is not accessible on azure databricks once i launch a workspace despite the "globle administrative role access" and premium subscription of azure…
asked 2024-10-25T03:37:10.3533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGC%3C/text%3E%3C/svg%3E)
Giridhar Chandankhede
0
Reputation points
commented 2024-10-29T17:54:01.66+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 65%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
Chandra Boorla
2,525
Reputation points Microsoft Vendor
0 answers
How to access Azure without an existing external user?
I can no longer use the Azure account. Reason: The only external user has been converted to an internal user. It is no longer possible to log in without an external user. Deleting the account is also not possible. There is no support for this…
asked 2024-10-23T20:31:46.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 90%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
ber999
6
Reputation points
commented 2024-10-29T05:01:58.15+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
BANDELA Siri Chandana
160
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 53%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Users are not able to see some resources in a resource group where they have respective contributor access.
I created a resource group and added some resources in that. There I added my team through security group which has respective contributor roles for those resources. Some of these resources including blob storage is not visible to the team. To…
asked 2024-08-29T11:24:41.9633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 60%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Pankaj Dua
20
Reputation points
commented 2024-10-28T09:50:24.8966667+00:00
Pankaj Dua
20
Reputation points
0 answers
How to delete resource when the access is denied because of the deny assignment
Hi, I want to delete a Resource group that I have owner role, but the error said that: "Failed to delete resource group ticketx88: The client '22520758@ms.uit.edu.vn' with object id '67991a01-1405-424f-ab7a-e596f262c6ca' has permission to perform…
asked 2024-10-24T12:43:37.3833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 98%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EON%3C/text%3E%3C/svg%3E)
Đoàn Thị Khánh Linh
0
Reputation points
edited a comment 2024-10-25T12:57:11.3433333+00:00
Đoàn Thị Khánh Linh
0
Reputation points
0 answers
Getting 403 error in Terraform while assigning RBAC in Azure
I have correct access (Owner) and able to assign RBAC through portal but not Terraform. │ Error: authorization.RoleAssignmentsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error.…
asked 2024-10-24T14:47:37.2933333+00:00
Harshit Z Kothari
0
Reputation points
asked 2024-10-24T14:47:37.2933333+00:00
Harshit Z Kothari
0
Reputation points
3 answers
Log analytics error
Hello Everyone, I'm getting this below error when trying to access my Log analytics workspace from Azure AD and Entra portal. That resource group and workbook has been deleted already and no longer exist (tried PowerShell command to delete as well and it…
asked 2023-09-01T15:51:41.0833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 90%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Jimy
0
Reputation points
answered 2024-10-23T07:23:34.1866667+00:00
Rob Mulder
231
Reputation points