Custom RBAC for Web App

Mas023 10 Reputation points
2023-03-31T12:43:27.07+00:00

Hello,

I'm creating a custom role so that my DevTestLab users can configure the Deployment Source of their application. I have added the types below to the built-in DevTest Lab User role, but it doesn't work.

                    "microsoft.web/sites/deployments/delete",
                    "microsoft.web/sites/deployments/read",
                    "microsoft.web/sites/deployments/write",
                    "microsoft.web/sites/config/*",
                    "Microsoft.Web/sites/slots/Write",
                    "microsoft.web/sites/slots/deployments/delete",
                    "microsoft.web/sites/slots/deployments/read",
                    "microsoft.web/sites/slots/deployments/write",
                    "Microsoft.Web/sites/slots/publish/Action"

Can you please help me find out what I'm missing? I would also appreciate it if you have any tips on how in the future, I can find the correct permission for the role.

Thank you!

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
687 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,048 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Grmacjon-MSFT 16,776 Reputation points
    2023-04-04T04:40:27.0233333+00:00

    Hi @Mas023 we are sorry to hear you're facing this issue while trying to create custom roles. It looks like you have the right configurations. Is the application you are trying to configure the Deployment Source for is only for an Azure Web App? have you checked the Azure AD logs to see if there are any errors or permission issues being logged? can you please share the Azure doc you followed to set up Azure RBAC permissions? -Grace

    0 comments No comments