Stack Overflow
Stack Overflow

Questions tagged [azure-rbac]

Topics relating to Azure Role Base Access Control

264 questions
0
votes
1 answer

With MS Graph API, how do I force my programmatically created Service Principals, MSIs, and IaC code to be scoped to my subscription only?

Active Directory Graph API is now fully deprecated, in favor of MS Graph API. My company has given me my own Visual Studio Professional subscription. I also have a DevOps organization. I am the Owner role in both. with AADG API, I could use…
user658182
  • 2,148
  • 5
  • 21
  • 36
0
votes
1 answer

Role Assignment to Resources on Azure

I am logged on to Azure using a Global Admin Account (account I signed up with). There I have created a resource group and it shows I have Contributor access. Why was I not assigned Owner Role instead? How did Azure assign that role to me when that…
rooni
  • 1,036
  • 3
  • 17
  • 33
0
votes
0 answers

pulumi dependsOn not wroking for role assignments

I'm using pulumi to deploy my Azure stack. I've created a "user assigned identity" for my storage account and defined a "custom role" and a "role assignment" as below. I also made the assignment dependsOn the role. But every time I deploy it I'll…
Bizhan
  • 16,157
  • 9
  • 63
  • 101
0
votes
1 answer

Which authenticate used AKS to create Azure resource?

I would like to know under whose authority AKS is creating the resource. I'm trying to create an Internal Loadbalancer in AKS, but it fails without permissions. However, I don't know who to give that privilege to. The account that connected to AKS…
longe1gou
  • 5
  • 3
0
votes
1 answer

Azure find out which permission is needed for certain action

I am trying to give permissions to manage locks on resource groups. Atm I gave permission to write locks with following permissions. "Microsoft.Authorization/", "Microsoft.Authorization/locks/" But the person is only able to manage locks on…
Amateur
  • 177
  • 1
  • 9
0
votes
1 answer

Not able to assign user to new role in Azure App Registration

I have an Azure App Registration that has been working ok for a few weeks. A Blazor Server App, queries the roles of the user with the following code: var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync(); var user…
Rob Bowman
  • 7,632
  • 22
  • 93
  • 200
0
votes
1 answer

List blobs and containers based on assigned RBAC

Application built using Spring Boot 2.5.x... using latest Azure Java SDK (Azure BOM 3.9.0). Using Spring Security and Azure Active Directory Spring Boot starter for authN/authZ... all that works... AZ security groups and App registration app roles…
Stego
  • 87
  • 1
  • 11
0
votes
1 answer

Restricting Access to what users can see in the Azure portal

For users that are assigned only a resource contributor role (such as Storage File Data SMB Share Contributor) the desired outcome is for them to see only the storage resources in Azure to which they are assigned With this role, users can still see,…
Samuma
  • 1
0
votes
1 answer

Azure ARM Template, assign multiple roles to managed identity in Automation Account

I try to build an ARM Template to create Automation Account with System Managed Identity, and in the same template add role assignment on the Subscription level to that System Managed Identity. The code I use is: { "$schema":…
Angus Szarpidrut
  • 3
  • 2
0
votes
1 answer

Possible to do Azure RBAC Role Assignment for ACR Repository?

I was hoping to be able to create an RBAC role assignment for specific repository in an Azure Container Registry but I can only find the resource ID/scope to create a role assignment for the entire ACR. Is there a way to do this or find the…
Kyle N
  • 75
  • 1
  • 8
0
votes
1 answer

Azure deny assignment to prevent read access on Azure Blob Storage

Is there a way to create a deny assignment on management group level with an azure blueprint that prevent owner and contributor roles from reading blob storage content. In my specific case I want to store the terraform state and only want to grant…
dschniepp
  • 1,083
  • 12
  • 19
0
votes
1 answer

How use User Delegation SAS Or Azure RBAC to grant permissions on storage account containers for azure active directory B2C users (Custom Domain)?

I have created a login module using Azure AD B2C. B2C tenant have a custom login page as well as a custom domain. I have also created an Azure Blob Storage Container for hosting HTML files of my website. I have a requirement that only the logged-in…
Yash
  • 57
  • 1
  • 10
0
votes
1 answer

Creating multiple VMs & assigning role to those VMs in Azure using Terraform. (Stuck with for_each loop)

I am trying to create multiple Virtual machines in azure. I am passing the vm name values using a CSV file as shown below. Further I plan to use the email column to assign these user reader role on the vm, basically I plan to create 1 vm for each…
Sarmad
  • 17
  • 5
0
votes
1 answer

Azure role assignments to a AD group for a subscription

Does Azure allow role assignment to a specific AD group for a specific subscription?
Avi
  • 1,453
  • 4
  • 18
  • 43
0
votes
1 answer

Azure RBAC showing a filtered list

When I'm going to my Access Control (IAM) blade in the Azure portal, sometimes I see a message saying that the portal is showing a "filtered list" Why is it so and what is the filtered that is applied? Any way I can see all assignments all the…
2d1b
  • 595
  • 1
  • 6
  • 24
1 2 3
17 18