635 questions with Azure Role-based access control tags

Sort by: Updated
1 answer

I need to create a policy that blocks sign in of M365 accounts if MFA is not enabled, How do I do this?

Hi, as described above, I need to create a policy that blocks sign in of office 365 accounts, if the account in question does not have MFA enabled on it, how can I achieve this? Thanks!

Office
Office
A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.
1,230 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Microsoft Entra
asked 2024-03-19T09:06:40.5033333+00:00
Alex West 0 Reputation points
answered 2024-03-19T10:54:08.3033333+00:00
Andy David - MVP 139.4K Reputation points MVP
0 answers

Granting permission to managed identity for PIM approvals

I am building a logic app that will send adaptive cards in teams to PIM role approvers when a user requests to activate it. However, I am unable to find a way to allow a managed identity within the logic app to authenticate via the graph API to approve…

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
590 questions
Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,750 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,958 questions
asked 2024-03-15T17:54:22.8466667+00:00
Jack S 0 Reputation points
commented 2024-03-19T10:34:46.1166667+00:00
MayankBargali-MSFT 67,291 Reputation points
2 answers

As a global administrator, my access seems to be limited

It seems having some issues with using azure portal starting today, the account of our company seems to be limited to access those features that we normally used in the past. Please see the following screenshots and help us out, thank you.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-13T20:04:29.37+00:00
It civica 0 Reputation points
commented 2024-03-19T07:17:50.5233333+00:00
Sandeep G-MSFT 13,821 Reputation points Microsoft Employee
1 answer

Deleted Virtual Network restricting access of my Global Admin account

Hi, I have an issue where if I try to run certain commands or do certain actions I am being blocked from doing so. When running commands in Powershell, such as "Set-AzWebApp", I get a "BadRequest" error. It becomes a little clearer…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,636 questions
Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
723 questions
asked 2024-03-18T09:05:04.4966667+00:00
Lukasz Maliszewski 0 Reputation points
commented 2024-03-19T05:11:22.86+00:00
VenkateshDodda-MSFT 17,191 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

How to transition from classic administrators to RBAC for a one-man shop?

I am the only Owner and the only Service administrator for the subscription. There are no Co-Administrators. What should I do to carry out the instruction in the email, "Action required: Transition from Azure classic administrator roles to RBAC…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-12T06:59:40.5033333+00:00
Bruce Haley 75 Reputation points
accepted 2024-03-18T18:44:40.88+00:00
Bruce Haley 75 Reputation points
1 answer

Problem to generate blob storage SAS-token in WebApp

Hi, First I want to let you know that I'm beginner with Azure. I have a problem to generate SAS-token (view-access token) for my blob storage container in my webapp server code. I'll get an 403 (unauthorized) error when trying to generate the token. I…

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,069 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,346 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-18T16:14:03.3+00:00
Anton Tokola 0 Reputation points
answered 2024-03-18T16:32:24.8166667+00:00
Amrinder Singh 1,260 Reputation points Microsoft Employee
2 answers

I want Global Reader access but no access to subscription billing information // Or need to know if I can see actual billing cost related information with Read access

microsoft.commerce.billing/allEntities/allProperties/readRead all resources of Office 365 billingmicrosoft.commerce.billing/allEntities/allProperties/readRead all resources of Office 365 billingmicrosoft.commerce.billing/purchases/standard/readRead…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-18T08:41:50.1+00:00
Amar Nath Tiwari 20 Reputation points
edited the question 2024-03-18T12:48:06.9+00:00
OMMI NAVEEN KUMAR 185 Reputation points Microsoft Vendor
1 answer One of the answers was accepted by the question author.

How to transition from classic administrators to RBAC for a one-man shop?

I am the only Owner and the only Service administrator for the subscription. There are no Co-Administrators. What should I do to carry out the instruction in the email, "Action required: Transition from Azure classic administrator roles to RBAC…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-12T06:56:39.5733333+00:00
Bruce Haley 75 Reputation points
accepted 2024-03-16T17:23:47.0266667+00:00
Bruce Haley 75 Reputation points
1 answer

Do I need to migrate my classic admin to RBAC?

I have one classic administrator and no co-admins. Do I need to migrate my classic admin to RBAC?

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-15T21:39:51.89+00:00
Caption Crew 0 Reputation points
answered 2024-03-16T02:05:26.6233333+00:00
Vahid Ghafarpour 15,900 Reputation points
1 answer

Azure Subscription showing Owner role identity not found.

Hello, I am facing a strange issue. When I am checking my Azure Subscription, Access control (IAM) - The owner role is showing - Identity not found, Unable to find identity. Here is the screenshot. Can you help? Thanks, Anuraj

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-15T13:22:21.61+00:00
Anuraj 146 Reputation points MVP
commented 2024-03-15T14:15:08.8666667+00:00
Stanislav Zhelyazkov 19,761 Reputation points MVP
1 answer One of the answers was accepted by the question author.

Best way to give access to external group of users

Hello What's the proper way to give access to external group of users? Let's say there are 2 accounts: Client and Company. Company have many employees that need access to client account. Everyone with the same privileges. In AWS Company have…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,958 questions
asked 2024-03-14T13:33:16.8866667+00:00
BloodDeath 20 Reputation points
accepted 2024-03-15T12:22:14.8533333+00:00
BloodDeath 20 Reputation points
2 answers

I am trying to create alert when someone changes the IAM RBAC roles or permissions on azure storage accounts using Kusto query. Can anyone help me in correcting the below KQL query.

| where OperationNameValue == AzureActivity | where ResourceProviderValue contains "Microsoft.storage" and CategoryValue contains "Administrative" | where OperationNameValue…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,715 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,580 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-10T07:51:14.6233333+00:00
Sahith Thatipalli 0 Reputation points
commented 2024-03-15T08:10:36.6133333+00:00
SwathiDhanwada-MSFT 16,966 Reputation points
1 answer One of the answers was accepted by the question author.

Unable to run "az deployment mg create" on Tenant Root Group

Trying to deploy a management group structure via Bicep starting 1 level down from "Tenant Root Group". CLI command az deployment mg create needs to target the Tenant Root Group (which has the same ID as the Tenant ID as per…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
770 questions
asked 2024-03-12T03:36:40.1733333+00:00
Jose-Paolo Roldan 20 Reputation points
commented 2024-03-15T08:02:03.4766667+00:00
SwathiDhanwada-MSFT 16,966 Reputation points
1 answer

How to convert / transition classic admin roles to Azure RBAC role

I have received an email from MS advising that classic admin roles will be retired and that I must convert to azure RBAC roles. Cannot find how to do this. Step by step help appreciated.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-14T19:42:59.3233333+00:00
Hugh Williams 0 Reputation points
answered 2024-03-15T05:46:23.1733333+00:00
Sandeep G-MSFT 13,821 Reputation points Microsoft Employee
1 answer

Transition to role-based access control (RBAC) in Azure by 31 August 2024

Hi We have received an email regarding the retirement of classic admins by Aug 31, 2024. Based on the resources provided in the email it is not clear how to deal with the "Service Administrator" it only mentioned about co-administrator.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-14T22:26:53.7366667+00:00
Gaurang Patel 96 Reputation points
answered 2024-03-15T05:04:54.52+00:00
Sandeep G-MSFT 13,821 Reputation points Microsoft Employee
1 answer

Segregate management and operations of Defender for Cloud

I have a business requirement to segregate the management and operations of Defender for Cloud for multiple subscriptions in a single tenant structure. Currently for all subscriptions, Defender for Cloud is managed by users assigned with Security Admin…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-13T08:04:43.1766667+00:00
Faiz Azhar 0 Reputation points
answered 2024-03-14T08:11:08.3133333+00:00
Stanislav Zhelyazkov 19,761 Reputation points MVP
2 answers

Transition to role-based access control (RBAC) in Azure

On 31 August 2024, Azure classic administrator roles will be retired. If your organization has active Co-Administrator or Service Admin roles, you'll need to transition to using Azure RBAC roles by then. (All Azure classic resources and Azure Service…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-13T20:44:06.49+00:00
ROY TRUE 0 Reputation points
answered 2024-03-14T07:13:11.8633333+00:00
Sandeep G-MSFT 13,821 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Transition from Azure classic administrator roles to RBAC roles

I received an email stating: Action required: Transition from Azure classic administrator roles to RBAC roles. I'm not very familiar with this, so I need very specific guidance. In my research, I saw that if I mess this up, I could get locked out of my…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-13T17:20:32.3633333+00:00
Searchlight Admin 31 Reputation points
accepted 2024-03-14T01:20:07.1133333+00:00
Searchlight Admin 31 Reputation points
1 answer

Azure problem with Roles access

Have wired behavior of Azure portal, i have a /Assigned roles -> Authentication Administrator but i dont have a permission to change Authentication methods. Why i`m admin of everything in my account, i`m a owner

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,958 questions
asked 2024-03-07T17:32:45.81+00:00
Yevhen Veprytskyi 0 Reputation points
commented 2024-03-13T19:12:38.0233333+00:00
JamesTran-MSFT 36,316 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Facing issue while creating resource group

Hi Folks can anyone help me for following issue i have pay-as-you go model subscription and my subscription is in active state. but when im trying to create resource group it shows thrown the error like You do not have permissions to create resource…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
635 questions
asked 2024-03-13T11:28:13.9533333+00:00
Nagaraju Ch 40 Reputation points
commented 2024-03-13T11:37:52.1166667+00:00
Nagaraju Ch 40 Reputation points