Examine role-based access control (RBAC)


Managing access to resources in Azure is a critical part of an organization’s security and compliance requirements. Role-based access control (RBAC) is the capability for you to grant appropriate access to Microsoft Entra ID users, groups, and services. Azure Role-based access control is configured by selecting a role (the definition of what actions are allowed and/or denied), then associating the role with a user, group, or service principal. Finally, this combination of role and user/group/service principal is scoped to either the entire subscription, a resource group, or specific resources within a resource group.

Diagram showing architecture of role-based access control across subscription, resource groups, and resources.

Optional demos