Transition to role-based access control (RBAC) in Azure by 31 August 2024

Raghavendra Mamidi 10 Reputation points
2024-03-12T11:21:21.1366667+00:00

Hi I got a mail like below:
Transition to role-based access control (RBAC) in Azure by 31 August 2024

Can you please tell me how can i make RBAC in Aure.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,447 questions
{count} vote

4 answers

Sort by: Most helpful
  1. Ben Gimblett 3,410 Reputation points Microsoft Employee
    2024-03-12T11:52:24.52+00:00

    Hi Thanks for the question . I think the email you're referring to is this:

    Transition to role-based access control (RBAC) in Azure by 31 August 2024 You're receiving this notice because you use Azure classic administrator roles. On 31 August 2024, Azure classic administrator roles will be retired. If your organization has active Co-Administrator or Service Admin roles, you'll need to transition to using Azure RBAC roles by then. (All Azure classic resources and Azure Service Manager will also be retired on that date.) You may continue using these Azure classic admin roles until they're retired. However, starting 3 April 2024, you'll no longer be able to add new Co-Administrator roles through the Azure portal. Required action
    To avoid potential disruptions in service, transition any classic admin roles that still need access to your subscription to an Azure RBAC role by 31 August 2024, when classic admin roles will no longer be supported ....

    Which links to an informational page here which explains how to plan for transition https://learn.microsoft.com/en-us/azure/role-based-access-control/classic-administrators#prepare-for-co-administrators-retirement

    Essentially you are being notified that one or more user accounts for one or more Azure Subscriptions you manage has an administrator and/or co-administrator assignment.

    As the email explains RBAC (or Roles Based Access Control) , see here for overview: https://learn.microsoft.com/en-us/azure/role-based-access-control/overview replaces the original (classic) admin accounts and provides you far more granular access control and it therefore much more secure as you can implement least privilege , assigning directly or delegating users only enough permission to achieve their objectives.

    To understand more about RBAC there are some helpful guides including:
    How to check who has access https://learn.microsoft.com/en-us/azure/role-based-access-control/check-access
    And how to grant access https://learn.microsoft.com/en-us/azure/role-based-access-control/quickstart-assign-role-user-portal

    Hope this helps you


  2. Izhan Jamal 0 Reputation points
    2024-03-12T12:26:06.74+00:00

    Do we simply need to transition the user with co-admin access to role-based access, assigning them only the necessary roles?


  3. Raghavendra Mamidi 10 Reputation points
    2024-03-12T13:08:09.21+00:00

    Can you please check the below image and confirm we should Add the role assignment?


  4. Raghavendra Mamidi 10 Reputation points
    2024-03-12T13:08:27.75+00:00

    Can you please check the below image and confirm we should Add the role assignment?