Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
814 questions
2 answers
One of the answers was accepted by the question author.
Automatically disable to report inactive account in Azure / Entra ID?
I'm curious if there's a built-in feature in Microsoft Entra ID or Azure AD that can automatically disable or remove users whose SignInActivity logs and LastSuccessfulSignInDate are empty. I need to disable them if no activity has been logged in the…
asked 2024-02-19T10:41:53.83+00:00
EnterpriseArchitect
5,406
Reputation points
answered 2024-10-18T19:24:26.63+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 86%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Scott Timmings
0
Reputation points
0 answers
VA2107 - Remove members who should not have access to the database role
ALTER ROLE [UserRole] DROP MEMBER [Principal], is this the correct remediation script for VA2107
asked 2024-10-17T06:20:38.8533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 7.000000000000001%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Biswas, Sauvik
0
Reputation points
commented 2024-10-18T14:03:16.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 46%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENN%3C/text%3E%3C/svg%3E)
NIKHILA NETHIKUNTA
2,790
Reputation points Microsoft Vendor
0 answers
Custom role created at the resource group level
I have created a custom role at the resource group level, however I need to duplicate this across multiple environments and I would like to know the most effective way to do this. I am concerned if I need to alter the role slightly, it can get cumbersome…
asked 2024-10-17T21:00:17.0433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 39%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
MrFlinstone
581
Reputation points
commented 2024-10-18T05:48:17.2233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 51%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
BANDELA Siri Chandana
80
Reputation points Microsoft Vendor
1 answer
disableLocalAuth for cosmos db
Attempting to use RBAC authentication to connect to Cosmos DB results in different behaviors based on the disableLocalAuth setting. When disableLocalAuth is set to false, the connection to Cosmos DB is successful, and data can be retrieved. However,…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 26%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHX%3C/text%3E%3C/svg%3E)
2 answers
Is Git available for powerapps gcc?
I have been searching high and low for documentation on connecting git to a GCC account. I wanted to know it was even possible to do?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 0%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 66%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
Creating a custom role at the resource group level to prevent network changes
I am trying to create a custom role at the resource group, this role should deny access if a user tries to change network settings on any azure resource within the resource group. ITs currently not working as users are still able to create a private…
asked 2024-10-16T16:19:12.3866667+00:00
MrFlinstone
581
Reputation points
commented 2024-10-16T21:41:26.3833333+00:00
MrFlinstone
581
Reputation points
1 answer
Who can share files to people outside your organization
a member of the teams site is not allowed to share a document with a person outside the org. Iam the site owner and can share. Only owners can do that?
asked 2024-10-16T13:48:12.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 16%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKJ%3C/text%3E%3C/svg%3E)
Kopsco, Joan
0
Reputation points
answered 2024-10-16T21:07:53.4633333+00:00
James Hamil
24,841
Reputation points Microsoft Employee
1 answer
Possible to create a policy that will automatically assign user/group RBAC roles based on tags
Is it possible to create a policy that will automatically assigned users/groups to RBAC roles for an RG based on the tags? If so, can you reference a template for this?
asked 2021-09-28T14:48:24.733+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 11%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
darksaber
6
Reputation points
commented 2024-10-15T17:33:29.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 94%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJD%3C/text%3E%3C/svg%3E)
Jostyn Delgado Segura
0
Reputation points
1 answer
Is it safe to add the global "Microsoft Azure App Service" to Key Vault Role Assignments
Unfortunately, it seems that KeyVault Certificates are currently still in an unstable state where RBAC is not properly implemented. Further details of the specifics and a solution to the problem can be seen here…
asked 2024-09-25T12:45:50.4366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 6%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Robbie Dyer
0
Reputation points
commented 2024-10-14T12:44:18.9166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Akhilesh Vallamkonda
9,840
Reputation points Microsoft Vendor
1 answer
Is role inheritance applied to resources in the Resource Group?
Hello, I have a regarding role inheritance that I would like to get your help. Is role inheritance applied to resources in the the resource group? Thanks, Dun
asked 2024-10-01T17:34:31.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 48%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Tran, Minh
20
Reputation points
commented 2024-10-14T09:40:21.6666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
11,225
Reputation points Microsoft Vendor
1 answer
Az CLI command for Role Assignment create for a AD group which should valid for 4hours
Hi Ref:https://learn.microsoft.com/en-us/cli/azure/role/assignment?view=azure-cli-latest#code-try-5 i have privileged access PIM to create the role assignment using the below command sh 'az role assignment create --assignee-object-id <obj_id>…
asked 2024-10-07T16:45:35.25+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 78%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Battu, Srikanth
0
Reputation points
commented 2024-10-10T11:27:25.1666667+00:00
Navya
11,225
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
AADSTS50011 Error when referencing Azure Active Directory Powershell
I'm attempting to set up a controlled-access computer such that users can only access the machine if they are in a corresponding Security Group. The code I've been advised to run for this setup is below. When I run it, I get an AADSTS50011 error when I…
asked 2024-10-03T21:07:10.5166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 73%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Daniel Seitz (DXC Technology Services LLC)
20
Reputation points Microsoft Vendor
accepted 2024-10-09T16:35:00.19+00:00
Daniel Seitz (DXC Technology Services LLC)
20
Reputation points Microsoft Vendor
2 answers
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
asked 2023-10-19T05:18:01.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
himani ghildiyal
10
Reputation points
commented 2024-10-08T08:52:37.5133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 83%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
steeve thomar
1
Reputation point
1 answer
Impossible operate on my Azure Free account
Hi all, after deleted erroneously some role from my user, I'm no longer able to operate with my subscription/account. I deleted some role from my user and now it seems be blocked. I'm not able to add permission/role again. It's a deadlock. I'm trying to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 36%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
2 answers
I am uanble to upgrade my account because my billing access was changed automatically by Azure
Recently my account was disabled. I would like to find out how to enable it and upgrade it. Its not letting me upgrade.
asked 2021-02-15T16:56:56.39+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 99%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
odsbyz
6
Reputation points
answered 2024-10-07T22:08:27.7633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 54%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDO%3C/text%3E%3C/svg%3E)
David Osaretin Urhoghide
0
Reputation points
3 answers
One of the answers was accepted by the question author.
Application gateway listener error when trying to use key vault certificate using managed identity and RBAC
Hi, I'm trying to setup a listener in application gateway to use a certificate from keyvault using managed identity. But every time whne I choose in portal the managed identity and then select the key vault from the dropdown menu I get this error: …
asked 2021-10-08T06:19:49.1+00:00
Martin Cangar
31
Reputation points
commented 2024-10-07T20:20:03.8566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 46%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDU%3C/text%3E%3C/svg%3E)
Dhruvil Upadhyay
0
Reputation points
1 answer
One of the answers was accepted by the question author.
In Microsoft Defender for cloud I’m trying to enter an email but it gives me privilege error and I am Global Admin
Hi Team In Microsoft Defender for cloud I’m trying to enter an additional email addresses but it gives me privilege error and I am Global Admin Regards
asked 2024-10-04T07:56:59.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 31%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Sánchez, Alberto
40
Reputation points
accepted 2024-10-04T11:05:25.8133333+00:00
Sánchez, Alberto
40
Reputation points
1 answer
Unable to add non-Global Admin account to sign in to a Windows PC
I am helping a small company who signed up for Microsoft 365 to use Office applications. The domain mydomain.com has been created at Microsoft 365 and Exchange is running fine. Users are using their Microsoft 365 accounts to log in to office.com to…
asked 2024-09-27T07:54:38.1566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 57.99999999999999%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
K. Kong
126
Reputation points
commented 2024-10-04T07:38:13.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 79%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Clément BETACORNE
2,266
Reputation points
3 answers
One of the answers was accepted by the question author.
Unable to set 'server parameters' in Postgres SQL Flexible Server on Azure
HI All, I'm trying to set a dynamic parameter, require_secure_transport parameter on Azure Database for PostgreSQL flexible server. I've got contributor rights but getting the following error. The client 'xxx@xxx.xxx' with object id 'xxx' does not have…
asked 2024-09-24T02:18:19.9+00:00
Danny Chuah
40
Reputation points
accepted 2024-10-03T11:39:11.2833333+00:00
Danny Chuah
40
Reputation points
1 answer
One of the answers was accepted by the question author.
Can the role "Authentication Administrator" configure passwordless authentication?
With the task: "You need to configure passwordless authentication. The solution must follow the principle of least privilege." Which role should be assigned to complete the task? I would say Authentication administrator, but the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 72%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELV%3C/text%3E%3C/svg%3E)