Custom roles are not returned when i query a users memberof endpoint in graph api
Hi, I have used graph api users memberOf endpoint to get the roles assigned for a user . The response from the endpoint returns all the groups and roles that is assigned for that user , but the custom defined role is not returned . Is there any other way…
Required help on correcting the Bicep template for assigning the role assignment at resource level scope
Hi, we are in the process of generating several public IPs using the provided Bicep template. Our goal is to allocate role assignments to all these IPs within the scope of the resource level. However, we are encountering numerous challenges in…
I need to assign a policy to the tenant root management group from a new user account.
what is the role needed for the user? How to do it?
To add a backend pool and health probe to loadbalancer, which role is needed?
Network contributor on loadbalancer level? Network contributor on the resource group level?
What role will I have when I migrate a subscription to a new Tenant/Directory?
Hi All, Starting in September 2024 Classic Admins will be removed. I am wondering what is going to happen when I do a migration (directory change) of a subscription from one tenant to another. Usually the user who does the "Change Directory"…
AuthorizationPermissionMismatch error when accessing blob file with indirect permission in RBAC
Hi, I'm using BlobContainerClient for accessing blobs from code (C#) private async Task<BlobClient> GetBlobClientAsync(string blobName, string container, CancellationToken cancellationToken) { var containerClient = await…
need to remove RBAC role when try to delete resource group before
In azure, i want to delete resource group. It is need to remove RBAC role that has been assignment to this resource group first? And then i can delete resource group. And it will release that RBAC role what has assignment on this resource group?
"Storage account - Container - Directory permissions for viewing for a single folder user."
Good morning community, I'm seeking assistance. I want to grant permissions in a storage account so that an external user can only view a specific folder that I have hosted in a container. But so far, I haven't been able to achieve it, as I've tried in…
role based access control in azure using cosmosdb
Hi i need to create role based access using json file of my company employees data which is stored as items in a container in azure cosmos db. All employees data stored in Json format. i am still confused how achieve this in azure. i am creating this…
How to assign Reader role to a member within my subscription when only Owner role populates?
How to assign Reader role to a member within my subscription when only Owner role populates? I am trying to assign the Reader role to a member that populates within my subscription. No options show other than Owner, which is not appropriate for this…
Restricting read and run access to Azure Data Factory individual pipeline
Hello, Our data team support multiple research teams. We create ADF pipelines for researchers under one resource group (because it all falls under one research purpose). Since researchers aren't well-versed with Azure, we want to make sure they don't…
Questions wrt mail with subject "Transition to role-based access control (RBAC) in Azure by 31 August 2024"
I received an email about classis administrator roles starting with: On 31 August 2024, Azure classic administrator roles will be retired. If your organization has active Co-Administrator or Service Admin roles, you'll need to transition to using Azure…
How to lock the Vnet peerings like we lock the the resources in resource group once after we create them?
To prevent unauthorized peerings to other Vnets after creation, it's essential to lock the peerings to restrict access for other users from creating unnecessary peerings. How to do that? Can anyone help me out with this? Thanks.
Move Subscription to Management Group
Hi Team, We have created management groups (have Owner access) and have a few subscriptions with Owner access. When we try to move the subscriptions to the management groups from portal , getting error as below Add subscription failed. An error…
How to create an alert for azure storage account if there is data action permissions assigned to a custom role or a built in role
I want to create an alert using a Kusto query when a custom role is assigned data action permissions for azure storage account or a current role is modified with the data action permissions for the azure storage account
I need to create a policy that blocks sign in of M365 accounts if MFA is not enabled, How do I do this?
Hi, as described above, I need to create a policy that blocks sign in of office 365 accounts, if the account in question does not have MFA enabled on it, how can I achieve this? Thanks!
Azure Subscription showing Owner role identity not found.
Hello, I am facing a strange issue. When I am checking my Azure Subscription, Access control (IAM) - The owner role is showing - Identity not found, Unable to find identity. Here is the screenshot. Can you help? Thanks, Anuraj
Best way to give access to external group of users
Hello What's the proper way to give access to external group of users? Let's say there are 2 accounts: Client and Company. Company have many employees that need access to client account. Everyone with the same privileges. In AWS Company have…
Transition from Azure classic administrator roles to RBAC roles
I received an email stating: Action required: Transition from Azure classic administrator roles to RBAC roles. I'm not very familiar with this, so I need very specific guidance. In my research, I saw that if I mess this up, I could get locked out of my…