Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
806 questions
1 answer
Is role inheritance applied to resources in the Resource Group?
Hello, I have a regarding role inheritance that I would like to get your help. Is role inheritance applied to resources in the the resource group? Thanks, Dun
asked 2024-10-01T17:34:31.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 48%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Tran, Minh
20
Reputation points
answered 2024-10-01T18:04:25.0333333+00:00
TP
93,686
Reputation points
2 answers
Unable to set 'server parameters' in Postgres SQL Flexible Server on Azure
HI All, I'm trying to set a dynamic parameter, require_secure_transport parameter on Azure Database for PostgreSQL flexible server. I've got contributor rights but getting the following error. The client 'xxx@xxx.xxx' with object id 'xxx' does not have…
asked 2024-09-24T02:18:19.9+00:00
Danny Chuah
20
Reputation points
commented 2024-10-01T15:16:57.9166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 69%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Sai Raghunadh M
310
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Can the role "Authentication Administrator" configure passwordless authentication?
With the task: "You need to configure passwordless authentication. The solution must follow the principle of least privilege." Which role should be assigned to complete the task? I would say Authentication administrator, but the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 72%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELV%3C/text%3E%3C/svg%3E)
2 answers
No puedo acceder al código de 6 dígitos que se debería mostrar en la aplicación de autentificación
Soy estudiante y hace unos meses para entrar a teams o correos de educa.removed.es me pedía un código de 6 dígitos, me instalé la aplicación de autentificación y todo estaba bien pero me cambié de móvil y no hice copia de seguridad por lo tanto no se…
asked 2024-09-29T10:35:46.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 28.999999999999996%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Juanjo Prado Esteban
0
Reputation points
answered 2024-10-01T05:03:24.1466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Sandeep G-MSFT
19,011
Reputation points Microsoft Employee
1 answer
Guest users granted contributor role do not receive automatically e-mail invitation
I am trying to understand if this a problem for other people or I am doing a mistake somewhere. When I was allocating contributor role from Azure Subscriptions - Access Control menu to guest users, it says clearly in the activity logs that the guest user…
asked 2024-09-18T09:07:57.6933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 83%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
devschool_mihaib
0
Reputation points
commented 2024-09-30T21:44:18.2233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 1%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Patchfox
3,921
Reputation points
0 answers
I have a new connection is working as expected for the SSO but the Single logoff is causing it to loop back to sign on.
I have a new connection is working as expected for the SSO but the Single logoff is causing it to loop back to sign on. Any suggestions on how to stop that action.
asked 2024-09-17T17:22:45.9466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 94%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETN%3C/text%3E%3C/svg%3E)
Thomas, Nathan Bernard [External]
0
Reputation points
commented 2024-09-30T21:00:50.2766667+00:00
Thomas, Nathan Bernard [External]
0
Reputation points
1 answer
One of the answers was accepted by the question author.
What roles does my user need to have assigned in order to be able to create custom roles (RBAC)?
Hi everyone, I'm trying to create a custom role for users to be able to start/restart/stop the VMs they have access to, following this article. However, when I try to create a custom role from Azure CLI, I'm getting the following error: The client xxx…
asked 2024-09-25T14:15:03.09+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 74%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Nicolas Raddatz
20
Reputation points
commented 2024-09-30T18:11:38.4766667+00:00
Nicolas Raddatz
20
Reputation points
0 answers
How can you access Azure resources using user-assigned managed identities within Azure Databricks?
We're trying to move to using managed identities where we can. Is it possible to use user-assigned managed identities to access resources such as sql server databases, application insights, log analytics etc. through Azure Databricks? We thought added…
asked 2024-09-24T00:51:08.3666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 15%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Aatish Master
0
Reputation points
commented 2024-09-30T04:38:06.26+00:00
PRADEEPCHEEKATLA-MSFT
89,296
Reputation points Microsoft Employee
1 answer
Level 2 AD Group & SQL server Microsoft Entra admin group & usage of IS_MEMBER for Row Level Security
Currently we are running into an issue developing Row Level Security since the IS_MEMBER does not work for the Microsoft Entra Admin group setup for that SQL server.…
asked 2024-09-06T05:57:57.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 45%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Sandeep Kumar
0
Reputation points
commented 2024-09-27T18:41:43.16+00:00
James Hamil
24,571
Reputation points Microsoft Employee
1 answer
Received error - "AADSTS399266: Blob grant token received with wrong issuer type."
I am trying to use the code from this microsoft learn page - https://learn.microsoft.com/en-us/samples/azure-samples/ms-identity-ciam-javascript-tutorial/ms-identity-ciam-javascript-tutorial-0-call-api-vanillajs/ and configure the Ids. When trying to…
asked 2024-09-05T20:42:40.4133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 39%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Narisetti, Bernard
0
Reputation points
commented 2024-09-27T18:41:30.44+00:00
James Hamil
24,571
Reputation points Microsoft Employee
1 answer
Unable to add non-Global Admin account to sign in to a Windows PC
I am helping a small company who signed up for Microsoft 365 to use Office applications. The domain mydomain.com has been created at Microsoft 365 and Exchange is running fine. Users are using their Microsoft 365 accounts to log in to office.com to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 57.99999999999999%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
0 answers
Is it safe to add the global "Microsoft Azure App Service" to Key Vault Role Assignments
Unfortunately, it seems that KeyVault Certificates are currently still in an unstable state where RBAC is not properly implemented. Further details of the specifics and a solution to the problem can be seen here…
asked 2024-09-25T12:45:50.4366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 6%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Robbie Dyer
0
Reputation points
edited the question 2024-09-26T10:48:21.6566667+00:00
Robbie Dyer
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Could you explain how to configure the following virtual machine settings?
To address the tasks you've outlined, here's a structured approach: For restricting demoVM1's access to only Facebook and YouTube, implement URL filtering rules on the network device or use a firewall policy that only allows these URLs. To create a…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 66%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
1 answer
I have a Azure para estudiantes: Starter subscription in a directory but i need to change it or move it to another directory
so I have a Azure para estudiantes: Starter subscription in a directory but i need to change it or move it to another directory, is it possible to move it? Because I have my tenant already setted down in my directory named Active Directory domain:…
asked 2024-09-24T16:24:42.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 98%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFN%3C/text%3E%3C/svg%3E)
Fabián Alarcon
0
Reputation points
commented 2024-09-26T03:16:45.0633333+00:00
Sandeep G-MSFT
19,011
Reputation points Microsoft Employee
1 answer
How to Restrict Azure Storage Access to Specific Domains Similar to Cloudflare's WAF?
I'm using Azure Blob Storage to host images for my website, and I want to ensure that only my specified domain(s) can access these images. Essentially, I need to block all access from other domains, similar to how Cloudflare's Web Application Firewall…
asked 2024-09-24T05:31:44.9566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 92%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Phạm Trung
0
Reputation points
answered 2024-09-24T23:49:18.0933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 98%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
KarishmaTiwari-MSFT
20,037
Reputation points Microsoft Employee
2 answers
What is equivalent of azure classic RBAC co-administrator role ?
What is equivalent of azure classic RBAC co-administrator role ?
asked 2024-09-16T11:10:22.4633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 43%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESY%3C/text%3E%3C/svg%3E)
Srinivas Yerubandi
0
Reputation points
commented 2024-09-24T09:58:14.4733333+00:00
Sandeep G-MSFT
19,011
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
I noticed my directory under INSTECH CONSULTING
After I create my Azure account using my personal email, I noticed my directory under INSTECH CONSULTING. However, I do not recognize this company. I checked at Azure Entra ID, I found this company name with 2049 users and 18 groups. Please advise if…
asked 2024-08-28T13:54:51.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 10%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Naqib Asri
20
Reputation points
accepted 2024-09-24T09:12:27.8066667+00:00
Naqib Asri
20
Reputation points
2 answers
One of the answers was accepted by the question author.
I need to assign a policy to the tenant root management group from a new user account.
what is the role needed for the user? How to do it?
asked 2024-05-01T18:56:11.2833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 2%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELC%3C/text%3E%3C/svg%3E)
Linares Carramolino, Maria Concepción
20
Reputation points
commented 2024-09-23T20:21:54.6666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 96%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Dan Alden
0
Reputation points
1 answer
Impossible operate on my Azure Free account
Hi all, after deleted erroneously some role from my user, I'm no longer able to operate with my subscription/account. I deleted some role from my user and now it seems be blocked. I'm not able to add permission/role again. It's a deadlock. I'm trying to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 36%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
How to capture Error like Get-AzRoleAssignment : Operation returned an invalid status code 'NotFound' and do some activity in if-else block based on this error
How to capture Error like Get-AzRoleAssignment : Operation returned an invalid status code 'NotFound' and do some activity in if-else block based on this error
asked 2024-09-20T11:32:46.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 28.000000000000004%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERH%3C/text%3E%3C/svg%3E)
Rituparna Hazra (Digital)
20
Reputation points
edited the question 2024-09-23T03:55:21.5733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
32,501
Reputation points Microsoft Employee