Custom Roles Azure

Rakesh Chand Sharma 1 Reputation point

I created a custom role in azure at the management group level with following access to a particular Azure AD user

Create virtual machine, Delete virtual Machine
Create Virtual network, Delete virtual network

Now when i login to portal with the user , iam unable to see the existing VM and virtual network.

Kindly suggest if any other permission need to be provided.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
450 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 24,056 Reputation points Microsoft Employee

    Hi @Rakesh Chand Sharma ,

    Make sure you have "read" permissions assigned. For the VM creation and deletion you need:


    For the virtual networks you need:


    Alternatively, you can assign the built-in Virtual Machine Contributor role to your user, which allows the user to create and delete virtual machines.

    See: Azure Resource Provider Operations

    0 comments No comments