![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 77%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZY%3C/text%3E%3C/svg%3E)
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hello Zhijing Ye,
As discussed over the call, this is happening because your role assignment has a condition applied. With this setup, you’re only allowed to assign a limited set of roles, so roles like Search Index Data Reader won’t appear in the list.
The condition filters which roles you can see and assign. If a role isn’t included in that condition, it won’t be visible in IAM even though it exists.
To resolve this, someone with sufficient permissions needs to update your access. They can either remove the condition if it’s not required, or add Search Index Data Reader to the allowed roles. Once updated, the role will appear during assignment.
This is due to the RBAC condition on your access, not an issue with Azure AI Search. I’ve also shared the details of a user who has permanent access without conditions. You can check with them to help update this.