Stack Overflow
Stack Overflow

Questions tagged [azure-rbac]

Topics relating to Azure Role Base Access Control

264 questions
1
vote
2 answers

Why are these Azure permissions not working?

I'm trying to give a team the least privileged access to manage the keys, secrets and certs in their key vault, AND the ability to manage access policies. Per these docs, the keys, secrets, and certs are handled in the data plane via access…
208_man
  • 1,440
  • 3
  • 28
  • 59
1
vote
1 answer

How use User Delegation SAS Or Azure RBAC to grant permissions on storage account containers for azure active directory B2C users?

I ‘m working with Active Directory B2C and Storage account in Azure. I would like to use User Delegation SAS or Azure RBAC to grant limited access to containers and blobs. I linked my new Tenant to my subscription, but I cannot create storage…
Houssine HASSAYOUN
  • 77
  • 1
  • 6
1
vote
1 answer

Azure AKS User Credentials Login to K8 Dashboard and RBAC Built-in Roles

According to the documentation, Azure Kubernetes Service Cluster User Role allows access to Microsoft.ContainerService/managedClusters/listClusterUserCredential/action API call only. My user is part of an AD group that has Azure Kubernetes Service…
and_apo
  • 1,217
  • 3
  • 17
  • 41
1
vote
1 answer

How to Assume role by a Trusted Third Party to your Azure Account (Similar to AWS)

AWS allows a trusted Third Party relationship by creating an IAM Role for the Third-Party's AWS account in your account and then assigning it an External Id. After this the Trusted Third Party can assume the IAM Role with API and pass an external Id…
ameya
  • 1,448
  • 1
  • 15
  • 31
1
vote
1 answer

Using Azure Resource Graph to get other user's Resources

I am trying to query with an app ID all the resources a user has. My current implementation is to get all the resources my app has access to, and then query the RBAC of each one of those resources to see if the user has access. It seems to be way…
Tacot
  • 154
  • 1
  • 10
1
vote
1 answer

AKS RBAC - Rolebinding has no effect

I'm setting up RBAC in my AKS cluster which is integrated with Azure AD following the instructions here. I have created an AD group in my AAD tenant, added a user to it. Then the group is assigned "Cluster User role" in the AKS cluster as per the…
Thomas
  • 1,970
  • 4
  • 28
  • 59
1
vote
1 answer

Is there a way to set different permissions to pipelines and datasets in the same Azure Data Factory?

I'm trying to set RBAC to the components of a Data Factory so every different user group can work just with the pipeline they have to. Is there a way to achieve this? Thank you very much in advance!
lucasher89
  • 11
  • 2
1
vote
2 answers

Owner level Service Principal permission not working for Azure Active Directory

I am attempting to automate the registration of a new application in Azure Active Directory. Upon running the command in Azure CLI, it returns with the following error: Insufficient privileges to complete the operation. The command was run using a…
theknees
  • 75
  • 1
  • 7
1
vote
1 answer

Azure API Management role "Service Editor"

In this page, there are 2 roles supposed to be provided after the migration of the old "publisher portal" to the Azure portal (https://learn.microsoft.com/en-us/azure/api-management/api-management-role-based-access-control): APIM Service Editor and…
David GROSPELIER
  • 772
  • 1
  • 9
  • 35
1
vote
2 answers

Divide Owner RBAC Role of Azure

I am trying to divide the Azure Owner RBAC role between IAM actions and Other Actions, is it possible if yes then please help. I have tried to list out all the actions of all the Azure RBAC roles and tried to distinguish between IAM and Other…
Anshul Mishra
  • 23
  • 8
1
vote
2 answers

Cannot create Azure AKS cluster: CreateRoleAssignmentError

I attempt to create an AKS cluster in a fresh new subscription. When a cluster is created via the web interface, eventually a CreateRoleAssignmentError error is produced with the following message: RoleAssignmentReconciler retry timed out:…
Tim
  • 12,318
  • 7
  • 50
  • 72
1
vote
1 answer

Global Read Only Permissions and Table Level RBAC

I want to deny acccess to specific tables on my log analytics workspaces, however on the microsoft site it says: "Considerations  If a user is granted global read permission with the standard Reader or Contributor roles that include…
kay106
  • 65
  • 5
1
vote
1 answer

RBAC For phoenix API on Microsoft Azure

So I have made an API using phoenix framework. But I have to make Role Based Access Control on Microsft Azure for my API calls example: read access, update access or create access. I am not able to find any blog or resource regarding that if anyone…
Kishan Kumar Gupta
  • 151
  • 3
  • 9
1
vote
2 answers

Azure AKS: Full access to new RBAC cluster with get-credentials without admin

If I create a brand-new AKS RBAC cluster from the Azure portal, in a resource group where I have Contributor role, and then run az aks get-credentials without admin flag, I am able to create and delete pods and namespaces, read cluster-wide secrets,…
invisiblesquirrel
  • 67
  • 1
  • 5
1
vote
1 answer

Azure DevOps Pipelines not respecting RBAC permissions

I've configured Azure DevOps with a Service Principal to access one specific resource group. I was expecting Azure DevOps will only be able to deploy to resources under this group but that doesn't seem to be the case. I am able to connect agents…
user3575337
  • 194
  • 1
  • 1
  • 8
1 2 3
17 18