Hello @viji.e and welcome to Microsoft Q&A.
While you cannot "turn off" inheritance, you can use "Deny Assignments" to block it. Please read more about Deny Assignments here.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I have created a storage account with hierarchical namespace enabled and by default it inherits the role assignments from subscription and resource group level. If User/Group is added to the subscription/resource group, they are automatically added to IAM of storage acccount. But we want to control this. Can you please let me know how we can disable this inheritance?
Hello @viji.e and welcome to Microsoft Q&A.
While you cannot "turn off" inheritance, you can use "Deny Assignments" to block it. Please read more about Deny Assignments here.
@MartinJaffer-MSFT , I had already gone through the link and didn't find it useful. It doesn't say how to create Azure Blueprints for Deny Assignments. Can you share the steps on how to create deny assignments using Azure Blueprint?