Azure Roles and Custom Roles
- Azure Built in roles list Refer Here
Scenario-1: Give an access to a group to perform any operations on a specific resource group.
- This user should not be able give permissions to others users i.e Contributor
- Navigate to the specific Resource Groups => IAM Add Role Assignment => Contributor
Scenario-2: Give an access to a group/user to perform any database sql operations in a specific subscription
- Navigate to specific subscription => Assign SQL DB Contributor to the specific group in IAM.
Scenario-3: Give an access to a group/user to perform any database and vm operations but not delete the vm’s or databases.
- When we are defining azure custom roles ensure we are within limits Refer Here
- Refer Here to the steps recommended by microsoft to create a custom