Azure Classroom Series – 13/Mar/2020

Role Based Access Control (RBAC)

  • RBAC can be applied at
    • Subscription
    • Resource Group
    • Resource
  • Three Popular Roles
    • Owner:
      • Anything
    • Contributor
      • Everything apart from giving permissions to others
    • Reader
      • Has only view permissions
  • There are many built-in roles in Azure. Refer Here
  • Every Subscription/Resource Group/Resource has Identity and Access Management (IAM). Assign roles at the level that is required
  • We have
    • Role Assignments (Multiple roles to the user if necessary)
    • Deny Role Assignments
    • Roles (Applicable Roles)
  • Refer Here
  • RBAC Limits

Exercise: 1

  • Create a user and give him the Reader role at the subscription level. Now go to any Resource Group and make him a Contributor.

Custom RBAC Policy

  • A Custom Policy is all about writing a JSON file with the following sections
    • Name: Name of your Role
    • IsCustom: true always for Custom Role
    • Description: Any text describing the purpose
    • Actions: Actions permitted to the users
    • NotActions: Actions not permitted to the users
    • DataActions: Data Actions permitted to the user
    • NotDataActions: Data Actions not permitted to the user
  • Resource Provider level Actions are documented over here
  • Exercise 2: Create a custom policy by referring to this document
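
The following is an added example, not part of the original class notes: a simplified Python model of how Actions/NotActions and scope inheritance combine, covering both Exercise 1 and the custom role sections above. The subscription ID, resource group names and the "VM Operator (custom)" role are constructed for illustration, the built-in roles are reduced to a subset, and deny assignments and DataActions are not modelled.

```python
from fnmatch import fnmatchcase

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed ID
RG_DEMO = SUB + "/resourceGroups/rg-demo"    # constructed resource group
RG_OTHER = SUB + "/resourceGroups/rg-other"  # constructed resource group

# Simplified role definitions (Contributor shows only part of its NotActions).
ROLES = {
    "Reader": {"Actions": ["*/read"], "NotActions": []},
    "Contributor": {
        "Actions": ["*"],
        "NotActions": ["Microsoft.Authorization/*/Write",
                       "Microsoft.Authorization/*/Delete",
                       "Microsoft.Authorization/elevateAccess/Action"],
    },
    # Hypothetical custom role; its JSON file would carry IsCustom: true.
    "VM Operator (custom)": {
        "Actions": ["Microsoft.Compute/virtualMachines/*"],
        "NotActions": ["Microsoft.Compute/virtualMachines/delete"],
    },
}

def _matches(patterns, action):
    """Case-insensitive wildcard match of an operation against a pattern list."""
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def role_allows(role_name, action):
    """A role grants an operation if it is in Actions and not in NotActions."""
    role = ROLES[role_name]
    return _matches(role["Actions"], action) and not _matches(role["NotActions"], action)

def covers(assigned_scope, target_scope):
    """An assignment is inherited by every child of the scope it is made at."""
    a, t = assigned_scope.lower().rstrip("/"), target_scope.lower().rstrip("/")
    return t == a or t.startswith(a + "/")

def is_allowed(assignments, scope, action):
    """Effective access is the union of all assignments that cover the scope."""
    return any(covers(s, scope) and role_allows(r, action) for r, s in assignments)

# Exercise 1: Reader on the subscription, Contributor on one resource group.
EXERCISE_1 = [("Reader", SUB), ("Contributor", RG_DEMO)]
```

Because role assignments are additive, a NotActions entry only subtracts from the Actions of the same role; if another assigned role grants the operation, the user can still perform it.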
