Role Based Access Control in Microsoft Azure
Source: Dev.to
Role Assignment
RBAC is required because it controls access to the resources under your jurisdiction, ensuring that the relevant people can access the resources they need.
Role Assignment = Role definition + Security Principal + Scope
Role Definition (Azure Roles)
A role definition (an Azure role) is a group of actions that can be performed by a particular entity. It is essentially a set of permissions required to manage resources in the Azure portal.
Security Principal
An identity, such as a user, group, service principal, or managed identity, that is assigned the role.
Scope
The level at which the role assignment applies, e.g., subscription, resource group, or individual resource.
Steps to Create a Role Assignment
- Identify the assignment:
  - Resource Group: demorg
  - Role Definition: Contributor
  - Security Principal: John Green
- In the Azure portal, go to the left sidebar and click Access control (IAM).
- Click Add to add a role assignment.
- Choose the role definition (e.g., Contributor).
- Press Next and select the member by clicking + Select Members.
- Click Next and then Review + assign.
- After the role assignment is complete, navigate to the resource group and click Access control (IAM) again.
- Open the Role assignments tab and search for the username. Their assigned role should appear there.
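
The formula above (role definition + security principal + scope), as an added Python model that is not code from the original post: it evaluates what the Contributor assignment on demorg lets John Green do, and where it stops applying. The subscription ID and resource names are constructed placeholders, the Contributor definition is abbreviated to three of its NotActions, the display name stands in for the principal's object ID, and deny assignments are not modelled.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Abbreviated copy of the built-in Contributor role: every action is allowed
# except changes to authorization, such as creating role assignments.
CONTRIBUTOR = {
    "actions": ["*"],
    "not_actions": [
        "Microsoft.Authorization/*/Write",
        "Microsoft.Authorization/*/Delete",
        "Microsoft.Authorization/elevateAccess/Action",
    ],
}

@dataclass
class RoleAssignment:
    role: dict       # role definition
    principal: str   # security principal
    scope: str       # scope the assignment was made at

def scope_covers(assigned: str, target: str) -> bool:
    """An assignment applies at its own scope and at every child scope."""
    a, t = assigned.rstrip("/").lower(), target.rstrip("/").lower()
    # Compare whole path segments so "demorg" does not cover "demorg2".
    return t == a or t.startswith(a + "/")

def matches(patterns, action: str) -> bool:
    """Case-insensitive wildcard match of an action against role patterns."""
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def is_allowed(assignments, principal, action, target_scope) -> bool:
    """True if any assignment for the principal covers the scope and action."""
    for ra in assignments:
        if ra.principal != principal or not scope_covers(ra.scope, target_scope):
            continue
        if matches(ra.role["actions"], action) and not matches(ra.role["not_actions"], action):
            return True
    return False

# Constructed sample data mirroring the walkthrough above.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
DEMORG = SUB + "/resourceGroups/demorg"
VM = DEMORG + "/providers/Microsoft.Compute/virtualMachines/vm1"
ASSIGNMENTS = [RoleAssignment(CONTRIBUTOR, "John Green", DEMORG)]

if __name__ == "__main__":
    print(is_allowed(ASSIGNMENTS, "John Green", "Microsoft.Compute/virtualMachines/write", VM))
    print(is_allowed(ASSIGNMENTS, "John Green", "Microsoft.Authorization/roleAssignments/write", DEMORG))
```

The second check matters when reviewing assignments: Contributor can manage resources inside demorg but cannot grant access to others, which requires a role such as Owner or User Access Administrator.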