Overview Azure RBAC for Azure Sphere ARM resources
With Azure Role Based Access Control (RBAC), user administrators can configure access to, or limit permissions for, Azure Sphere resources, such as device groups. User administrators typically group users by business function, allowing a given user group, or individual user, access to the resources and actions their specific job requires, but preventing them from taking actions on resources outside their business scope. For example, you may need to allow an engineering user group to access an Azure Sphere catalog, but only for purposes of enabling software development on engineering owned Azure Sphere devices. To make user administration easy, Azure Sphere has created pre-built Azure RBAC roles with specific permissions designed to support common needs of Azure Sphere users. You can use these pre-built roles to quickly configure RBAC for Azure Sphere resources, or you can create your own custom roles for Azure Sphere resources to enable the specific set of user permissions that fits your business model best. To learn more about implementing Azure RBAC, see Azure RBAC documentation.