I need to create a policy that blocks sign in of M365 accounts if MFA is not enabled, How do I do this?
Hi, as described above, I need to create a policy that blocks sign in of office 365 accounts, if the account in question does not have MFA enabled on it, how can I achieve this? Thanks!
Granting permission to managed identity for PIM approvals
I am building a logic app that will send adaptive cards in teams to PIM role approvers when a user requests to activate it. However, I am unable to find a way to allow a managed identity within the logic app to authenticate via the graph API to approve…
As a global administrator, my access seems to be limited
It seems having some issues with using azure portal starting today, the account of our company seems to be limited to access those features that we normally used in the past. Please see the following screenshots and help us out, thank you.
Deleted Virtual Network restricting access of my Global Admin account
Hi, I have an issue where if I try to run certain commands or do certain actions I am being blocked from doing so. When running commands in Powershell, such as "Set-AzWebApp", I get a "BadRequest" error. It becomes a little clearer…
How to transition from classic administrators to RBAC for a one-man shop?
I am the only Owner and the only Service administrator for the subscription. There are no Co-Administrators. What should I do to carry out the instruction in the email, "Action required: Transition from Azure classic administrator roles to RBAC…
Problem to generate blob storage SAS-token in WebApp
Hi, First I want to let you know that I'm beginner with Azure. I have a problem to generate SAS-token (view-access token) for my blob storage container in my webapp server code. I'll get an 403 (unauthorized) error when trying to generate the token. I…
I want Global Reader access but no access to subscription billing information // Or need to know if I can see actual billing cost related information with Read access
microsoft.commerce.billing/allEntities/allProperties/readRead all resources of Office 365 billingmicrosoft.commerce.billing/allEntities/allProperties/readRead all resources of Office 365 billingmicrosoft.commerce.billing/purchases/standard/readRead…
How to transition from classic administrators to RBAC for a one-man shop?
I am the only Owner and the only Service administrator for the subscription. There are no Co-Administrators. What should I do to carry out the instruction in the email, "Action required: Transition from Azure classic administrator roles to RBAC…
Do I need to migrate my classic admin to RBAC?
I have one classic administrator and no co-admins. Do I need to migrate my classic admin to RBAC?
Azure Subscription showing Owner role identity not found.
Hello, I am facing a strange issue. When I am checking my Azure Subscription, Access control (IAM) - The owner role is showing - Identity not found, Unable to find identity. Here is the screenshot. Can you help? Thanks, Anuraj
Best way to give access to external group of users
Hello What's the proper way to give access to external group of users? Let's say there are 2 accounts: Client and Company. Company have many employees that need access to client account. Everyone with the same privileges. In AWS Company have…
I am trying to create alert when someone changes the IAM RBAC roles or permissions on azure storage accounts using Kusto query. Can anyone help me in correcting the below KQL query.
| where OperationNameValue == AzureActivity | where ResourceProviderValue contains "Microsoft.storage" and CategoryValue contains "Administrative" | where OperationNameValue…
Unable to run "az deployment mg create" on Tenant Root Group
Trying to deploy a management group structure via Bicep starting 1 level down from "Tenant Root Group". CLI command az deployment mg create needs to target the Tenant Root Group (which has the same ID as the Tenant ID as per…
How to convert / transition classic admin roles to Azure RBAC role
I have received an email from MS advising that classic admin roles will be retired and that I must convert to azure RBAC roles. Cannot find how to do this. Step by step help appreciated.
Transition to role-based access control (RBAC) in Azure by 31 August 2024
Hi We have received an email regarding the retirement of classic admins by Aug 31, 2024. Based on the resources provided in the email it is not clear how to deal with the "Service Administrator" it only mentioned about co-administrator.
Segregate management and operations of Defender for Cloud
I have a business requirement to segregate the management and operations of Defender for Cloud for multiple subscriptions in a single tenant structure. Currently for all subscriptions, Defender for Cloud is managed by users assigned with Security Admin…
Transition to role-based access control (RBAC) in Azure
On 31 August 2024, Azure classic administrator roles will be retired. If your organization has active Co-Administrator or Service Admin roles, you'll need to transition to using Azure RBAC roles by then. (All Azure classic resources and Azure Service…
Transition from Azure classic administrator roles to RBAC roles
I received an email stating: Action required: Transition from Azure classic administrator roles to RBAC roles. I'm not very familiar with this, so I need very specific guidance. In my research, I saw that if I mess this up, I could get locked out of my…
Azure problem with Roles access
Have wired behavior of Azure portal, i have a /Assigned roles -> Authentication Administrator but i dont have a permission to change Authentication methods. Why i`m admin of everything in my account, i`m a owner
Facing issue while creating resource group
Hi Folks can anyone help me for following issue i have pay-as-you go model subscription and my subscription is in active state. but when im trying to create resource group it shows thrown the error like You do not have permissions to create resource…