Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
911 questions
1 answer
One of the answers was accepted by the question author.
Co-Administrator has no access to create users and assign roles
I am a co-administrator for an account on which the administrator is non-technical. I am trying to convert our current administrator profiles into RBAC and the process is failing - the system suggests I have insufficient privileges for most operations…
asked Mar 31, 2025, 10:34 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 28.999999999999996%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Darren McBride
0
Reputation points
edited a comment Apr 1, 2025, 10:03 PM
Darren McBride
0
Reputation points
2 answers
Convert to Azure role-based access control (RBAC)
We got an email with subject "Immediate action required: Convert Azure classic administrator roles to Azure RBAC roles" but we can't do it, Azure portal shows an error. Any idea on how to solve this? azure-2.png
asked Mar 19, 2025, 5:49 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 43%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Arnoldo Rodriguez Barragan
5
Reputation points
answered Apr 1, 2025, 7:23 PM
Arnoldo Rodriguez Barragan
5
Reputation points
1 answer
Received email to convert to RBAC but have no classic roles
Received an email titled "Immediate action required: Convert Azure classic administrator roles to Azure RBAC roles" on 18.03.2025 which states "You're receiving this additional notice because you use Azure classic administrator…
asked Mar 31, 2025, 3:42 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 96%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEL%3C/text%3E%3C/svg%3E)
Erica Lewis
0
Reputation points
edited a comment Apr 1, 2025, 7:14 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
17,165
Reputation points Microsoft External Staff
0 answers
Unable to update role settings
I get an error when trying to update role settings on one of our subscriptions. I have owner and user access admin access to the subscription. I have also logged out and in several times to refresh my session. I have tried updating multiple settings and…
asked Mar 26, 2025, 6:27 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 91%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
Zachariah March Admin
0
Reputation points
commented Apr 1, 2025, 5:07 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 68%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Kancharla Saiteja
2,135
Reputation points Microsoft External Staff
0 answers
External user can't access Azure
I gave access to an external user who accepted the invite. When they try to log in with their credentials they receive the following error message. Additional details: User type: Member Invitation State: Accepted Account enabled: Yes
asked Mar 24, 2025, 9:28 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 19%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Scott Nunez
0
Reputation points
commented Apr 1, 2025, 10:11 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 22%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Sakshi Devkante
2,125
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
access denied in azure after to converting to Azure role-based access control (RBAC)
Hello everyone, I am writing to you because a few days ago I received the email with the following subject: "Convert to Azure role-based access control (RBAC) " "Azure classic administrator roles were retired on 31 August 2024 and are no…
asked Mar 28, 2025, 2:12 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 20%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFA%3C/text%3E%3C/svg%3E)
Frank-Azure
25
Reputation points
commented Mar 31, 2025, 8:47 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 5%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SrideviM
1,725
Reputation points Microsoft External Staff
1 answer
Azure ARM policy to deny role assignments only for resource group owners not for admins and Sub owners
I have a requirement where I need to deny only owners of the resource group to do new role assignments or changes to existing role assignments. Resource group contributors and readers anyways cannot do any role assignments/modifications. Role…
asked May 20, 2022, 12:13 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 7.000000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Nazeer Basha
6
Reputation points
edited a comment Mar 31, 2025, 7:46 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 75%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Ananya Shrivastava
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Help on APIs and Permissions
I am using Privileged Identity Management (PIM) for Microsoft Entra Roles. I have granted users to the Global Reader, SharePoint Administrator, Teams Administrator, and Exchange Administrator roles. I am looking for APIs that can fetch all users who have…
asked Mar 16, 2025, 12:06 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 72%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Roger Roger
7,001
Reputation points
accepted Mar 29, 2025, 9:31 PM
Roger Roger
7,001
Reputation points
2 answers
One of the answers was accepted by the question author.
Transition to role-based access control (RBAC) in Azure by 31 August 2024 - no clear steps
Received the above email, but no clear steps. I only have a service administrator account in the "Classic Administrators" section. How do we migrate this acct to RBAC. What are the roles to use in RBAC so that it is similar as before. Do we…
asked Mar 13, 2024, 3:23 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 11%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Chua Khoon Yong
46
Reputation points
edited a comment Mar 28, 2025, 10:59 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 0%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Rose Kenner
0
Reputation points
3 answers
az ad group member list not returning results
In the version "azure-cli 2.40.0", the command "az ad group member list" returns an empty array even though the group has members, this used to work in the previous versions. For the same combination of group and member id the…
asked Sep 8, 2022, 5:27 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
commented Mar 28, 2025, 9:29 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 71%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Mike Raymond
0
Reputation points
1 answer
I am not succeeding in creating new users for my team.
We are a new startup and member of Microsoft for Startups Founders Hub. I am the business leader and Owner of our subscription in Azure, and am trying to create two (2) new users for my developer team. I followed the Microsoft Entra ID process for a New…
asked Mar 20, 2025, 12:41 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 34%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
Raj Agnihotri-3783
0
Reputation points
commented Mar 28, 2025, 6:37 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 89%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHE%3C/text%3E%3C/svg%3E)
Harshitha Eligeti
2,080
Reputation points Microsoft External Staff
1 answer
Assign RBAC role action gave error fail to remove classic administrator
So i navigated to the azure subscription to check the existing classic administrators. I have one service administrator. I click the remediation link "assign RBAC role". I receive the green check marks that the user now has eligible timebound…
asked Mar 18, 2025, 9:42 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 38%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Arcand
0
Reputation points
commented Mar 27, 2025, 9:45 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Bandela Siri Chandana
1,965
Reputation points Microsoft External Staff
3 answers
One of the answers was accepted by the question author.
Unable to add azure role assignment to resources
Hi, When I try to assign IAM role assignments to a resource the menu option says "disabled" (see screenshot): When I click on "view my access" I can see I appear to have "Contributor" role: My question…
asked May 20, 2022, 11:57 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 84%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
James Thorniley
21
Reputation points
commented Mar 27, 2025, 9:32 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 76%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECW%3C/text%3E%3C/svg%3E)
Craig Wallace
0
Reputation points
0 answers
Cannot convert co-admin role to RBAC roles as @outlook account object ID is not guid
Got email message that I should perform a conversion of co-admin role to RBAC role. The account I want to do a conversion for is @outlook.com account, which has an Object ID which is not GUID. Once I start the role conversion, an error pops out that…
asked Mar 19, 2025, 12:07 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 49%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVI%3C/text%3E%3C/svg%3E)
Vladimir Ilic
0
Reputation points
commented Mar 27, 2025, 7:27 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Goutam Pratti
2,565
Reputation points Microsoft External Staff
2 answers
One of the answers was accepted by the question author.
Custom Role creation issue
Trying to create a custom role on RBAC, it saves the role but can't do role assignment. When I try to edit the role, all details show blank.
asked Mar 25, 2025, 4:51 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 71%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIV%3C/text%3E%3C/svg%3E)
ITAdmin Varsun
20
Reputation points
accepted Mar 27, 2025, 5:17 AM
ITAdmin Varsun
20
Reputation points
1 answer
Why am I unable to view and assign the owner role in my Azure subscription role assignment
Hi, Why am I unable to view and assign the owner role in my Azure subscription role assignment? I am an RBAC admin, but couldn't assign the owner role. Also, the owner role is not listed when I try to assign the privileged admin roles. Please…
asked Mar 21, 2025, 9:59 AM
Safi Ahmed Choudhury
0
Reputation points
commented Mar 27, 2025, 4:17 AM
Bandela Siri Chandana
1,965
Reputation points Microsoft External Staff
1 answer
Unable to assign RBAC role to Service administrator
Hello, I'm the Service Admin for my Azure account. A colleague some years ago helped me setup the account and I'm no longer in contact with him. I recently received an email to inform me that Classic Admin roles have been deprecated and that I need to…
asked Mar 26, 2025, 5:16 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 86%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Antony McEvoy
0
Reputation points
commented Mar 26, 2025, 11:24 PM
Antony McEvoy
0
Reputation points
2 answers
Action required: Convert Azure classic administrator roles to Azure RBAC roles
Azure classic administrator roles were retired on 31 August 2024 and are no longer supported. If you still have active Co-Administrator or Service Administrator role assignments, convert these roles to Azure RBAC immediately. Required action: To avoid…
asked Jan 9, 2025, 3:53 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 44%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Andrew Rivera (HE/HIM)
10
Reputation points Microsoft Employee
answered Mar 26, 2025, 10:53 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 1%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
Jonathan Walker
0
Reputation points
1 answer
One of the answers was accepted by the question author.
I lost a owner access on my azure account. I was unable to anything in my azure account. I accedentally deleted prvileged access on my azure account
I lost Owner access to my Azure account, which has left me unable to perform any administrative actions. This issue occurred because I accidentally deleted Privileged Access permissions. As a result, I no longer have the necessary rights to manage or…
asked Mar 26, 2025, 7:13 AM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Syam Sasidhar Chukka
25
Reputation points
commented Mar 26, 2025, 8:42 AM
Alex Burlachenko
3,005
Reputation points
2 answers
Getting emails from Microsoft Azure about a subscription that does not exist
We get these emails from Microsoft Azure: Immediate action required: Convert Azure classic administrator roles to Azure RBAC roles Convert to Azure role-based access control (RBAC) You're receiving this additional notice because you use Azure classic…
asked Mar 19, 2025, 1:51 PM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 62%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Apeksha Shah
0
Reputation points
commented Mar 26, 2025, 1:42 AM
Harshitha Eligeti
2,080
Reputation points Microsoft External Staff