Stack Overflow
Stack Overflow

Questions tagged [azure-role-environment]

54 questions
0
votes
1 answer

Manually extract and review access roles for Azure VM

I'm currently auditing an Azure VM to verify if users with access to it have been assigned roles appropriate to their job responsibilities. I understand roles can be assigned at the subscription, resource group, resource levels. If I'm interested in…
josephyschen89
  • 71
  • 1
  • 1
  • 5
0
votes
1 answer

New-AzureADGroupAppRoleAssignment cmdlet usage

I am trying to figure out how to use the PowerShell cmdlet New-AzureADGroupAppRoleAssignment to add a group to an app role. In the AzureAD portal, I would select: enterprise applications > app_name > users and groups > add user/group, then select…
Chris Balk
  • 3
  • 1
0
votes
1 answer

How to get Role of current login user in azure active directory after authentication

i have developed mvc web application. for the authentication part i used azure active directory(single tenant) i used this source https://www.c-sharpcorner.com/article/azure-ad-authentication-for-mvc-web-application/ in case i created the…
Nava Ruban
  • 95
  • 1
  • 10
0
votes
1 answer

Can we restrict operation of Git repo link/unlink in Azure Data Factory (ADF)?

Our team have a data factory, which is linked with one git repo having collaboration branch as 'Develop'. Many times, someone unlinks git repo attached to ADF and that causes issues to other team members. Due to this, sometimes git repo gets…
Aniket Karajgikar
  • 245
  • 2
  • 13
0
votes
1 answer

Custom roles for Azure components

I have a resource group contains Logic App, Function App, Machine learning workspace and Azure Storage. Clients have a set of users falls under dev and admin category. dev's should not have delete access and admin have all the access. Should I…
Rohi_Dev_1.0
  • 372
  • 1
  • 2
  • 19
0
votes
1 answer

Azure - How is the Data from the RoleEnvironment.CurrentRoleInstance.Role.Instances Generated?

I have a question, some of my code is often iterating over the RoleEnvironment.CurrentRoleInstance.Role.Instances collection. How is this data collected? Is it refreshed frequently? is it always live data? I am still working in the developer…
Andrew Harry
  • 13,773
  • 18
  • 67
  • 102
0
votes
1 answer

Azure Cloud Service: RoleEnvironment.StatusCheck event not firing

I am maintaining a legacy Cloud Services application hosted on Azure targeting .net 4.6.1. Inside the Application_Start method of the Global.asax on the Web Role we are registering an event handler for RoleEnvironment.StatusCheck however our logs…
Kelvin
  • 255
  • 1
  • 2
  • 7
0
votes
1 answer

Is there a way to give the user Owner role in subscription scope, but deny/read access to resource groups not made by him?

I want to invite guest user in Azure with permissions that he could do whatever he wants in subscription scope with owner role, but he couldn't view other resource groups that he didn't make or just be able to read them.
Sulas
  • 39
  • 8
0
votes
2 answers

Fetch Azure role assignments to AAD groups

In our current azure tenant we have 100's of subscriptions, user access is managed by azure AAD groups. How can i view roles assigned to a group, Assume 1 group had access to only 1 subscription out of 100 subscriptions then from portal i need to…
Dev Reddy
  • 29
  • 1
  • 7
0
votes
1 answer

Azure resource deletion locks preventing deletion of role assignment on the resource

I have applied deletion lock on my subscription level so that all the resource will get the locks, while revoked the access from virtual machines, azure deletion lock is preventing the IAM role deletion, Is there any way to fix it?
Vineesha.C
  • 333
  • 3
  • 13
0
votes
1 answer

List all the Components under Azure's Contributor Role (Microsoft.Web/sites/*)

I am making a user on Azure Active Directory, and want him to access only limited things inside Azure Web Apps. For a contributor role in Azure, the contributor has the following Actions assigned to it, Microsoft.Web/sites/* Which means it can do…
Asadullah Awan
  • 25
  • 1
  • 5
0
votes
1 answer

Enable automatic key rotation for keyvault

I've been working on a solution to implement automatic key rotation for a storage account using keyvault. The script I'm using is listed below. The object ID is not a service principal (its my ObjectID). $resourcegroup = "resourcegroupname" $saname…
user9360564
  • 355
  • 1
  • 4
  • 13
0
votes
1 answer

Azure web roles and vm durability

Assume we have extended RoleEntryPoint class and overridden Run() method. As the documentation states, If the Run method returns, the role is automatically recycled by raising the Stopping event and calling the OnStop method so that your shutdown…
XPD
  • 1,121
  • 1
  • 13
  • 26
0
votes
1 answer

AzureRM IAM Limited Access

I want to add users to a subscription and give them the ability to read storage account keys on a single storage account only. I can't find a subscription role that lets them log in, without seeing ALL storage accounts or seeing all resources. What…
Jeff
  • 35,755
  • 15
  • 108
  • 220
0
votes
1 answer

Creating global roles in Azure ?

As I understand when a role is created in azure are only available in the assignable scope they are defined with. When in a new subscription I would not be able to call the role or assign it. If I were to create a new role in the current…
nwarriorch
  • 337
  • 6
  • 16
1 2
3
4