Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
715 questions
1 answer
What Azure role assignments would i need to allow a dba permissions to manage Azure SQL resources including storage accounts?
I am looking at assigning role assignments to a DBA to manage Azure SQL resources from the Azure Portal including managing a specific storage account. Currently, the permissions are set as follows: Contributor Reader SQL Security Manager …
asked 2022-06-10T12:42:30.167+00:00
Schieman, Paul
1
Reputation point
commented 2024-07-14T17:28:18.7+00:00
Iftekhar Alam
0
Reputation points
2 answers
azure owner roles issue
Hi Team, accidentally i was deleted my owner role attached to the my subscription . and now i am unable to perform operations in my account. could you please help me on this issue
asked 2024-07-12T04:48:21.28+00:00
Narasimharao
0
Reputation points
answered 2024-07-13T20:00:26.44+00:00
Dillon Silzer
56,036
Reputation points
1 answer
Authorization for shared key access is denied
I have deployed a webapp in azure , I have created a datasource with connection string and its created. While creating indexers and saving it, facing error that Connection string is invalid. In storage account I am getting a warning like…
asked 2024-07-12T09:56:34.06+00:00
prasath s
0
Reputation points
answered 2024-07-12T16:20:32.1+00:00
akinbade abiola
8,215
Reputation points
1 answer
Azure Policy: check subscription role assignments
Hi everyone We have different types of users in our Azure AD. Only a certain subset of them are allowed to administer Azure resources. Those all start with "ACO" or "ACA". We now wish to create an Azure Policy that checks whether only…
asked 2023-03-16T08:43:26.8633333+00:00
Tobias Petter
6
Reputation points
answered 2024-07-12T14:54:55.09+00:00
Prashant Kumar
225
Reputation points Microsoft Employee
0 answers
Unable to update Azure kusto callout policy
I am trying to update Azure kusto's callout policy using below command: .alter-merge cluster policy callout [{ "CalloutType": "external_data", "CalloutUriRegex": "<
asked 2024-07-11T19:42:26.6266667+00:00
Shahnavaz Kazi
0
Reputation points Microsoft Employee
commented 2024-07-11T23:34:41.1766667+00:00
BhargavaGunnam-MSFT
28,931
Reputation points Microsoft Employee
4 answers
access to azure storage from React App
Hello, We are running a REACT app on an APP service. The APP has a BACK END in TS and a front end in REACT. In our application our customers can create posts with images. These images must be saved in a blob container. I cannot find the best solution to…
asked 2024-07-05T12:10:40.5366667+00:00
Emmanuel de Nicolay
0
Reputation points
commented 2024-07-10T05:12:58.51+00:00
Nehruji R
4,376
Reputation points Microsoft Vendor
3 answers
One of the answers was accepted by the question author.
Does such a user have access to adjacent sub-resources?
Hi, I have a question about user permissions Can someone please explain me to better understand user permissions: let's say under tenant root group, I create a user1 and management-group1. Under management group1, I create a subscription1 and user2.…
3 answers
Lighthouse
Hello All, I gave Contributor role (on a subscription) to users via Lighthouse to manage a customer. The users get access with no problem to the customer subscription, can start and stop VM, create a resource group, start and stop backup, etc. The…
asked 2024-06-19T10:07:04.94+00:00
Tristano,G,Giuseppe,JBP12 R
21
Reputation points
answered 2024-07-09T09:34:41.31+00:00
Tristano,G,Giuseppe,JBP12 R
21
Reputation points
7 answers
"Insufficient privileges to complete the operation" while using Graph API
The access token I get from the following curl request curl "$IDENTITY_ENDPOINT?resource=https://graph.microsoft.com&api-version=2017-09-01" -H secret:$IDENTITY_HEADER does not have the permission to list or create user. Request: GET…
asked 2020-12-14T17:46:54.273+00:00
Anonymous
commented 2024-07-09T07:59:22.12+00:00
sanjay
0
Reputation points
2 answers
One of the answers was accepted by the question author.
How to protect sensitive data in Azure?
I would like to load sensitive data in an Azure Data Lake Storage Gen2. I need to make sure that this data can not be read by the global administrator or any other kind of super user. How can this be realized? I think role-based access control is not…
asked 2024-06-24T06:30:46.3766667+00:00
Schmitz, Simon
20
Reputation points
commented 2024-07-09T06:52:27.32+00:00
Sumarigo-MSFT
45,321
Reputation points Microsoft Employee
1 answer
What is the cause of the following error - "getting assigned identities for pod <namespace>/<pod_name> in CREATED state failed after 20 attempts, retry duration [5]s" , while connecting to IMDS endpoint from a pod in AKS.
I am trying to connect to Azure Key vault via user assigned managed identity from a pod of AKS. I have provided the necessary RBAC role to the identity. I have created Azure Identity and Azure Identity Binding. I have updated my deployment with…
asked 2024-07-08T17:50:19.59+00:00
Mahalingam Vignesh
0
Reputation points
commented 2024-07-09T00:48:49.4+00:00
Mahalingam Vignesh
0
Reputation points
1 answer
How to add new field to request member to input in Microsoft Azure Group
Hi, I have situation like this: I have a group of users, with owners and members. The owners can actually add new members (by typing new members' emails) to the group, to see different reports. However, for the new members, we only want them to see their…
asked 2024-07-08T12:38:44.5233333+00:00
Daniel Hoang Nguyen
0
Reputation points
answered 2024-07-08T13:34:34.4833333+00:00
Amira Bedhiafi
19,221
Reputation points
3 answers
Roles required to create Azure support ticket.
Me and my senior have access to same Azure subscription, when i try to create support ticket with the subscription, it is showing we have only basic plan enabled for our subscription so technical support is not enabled for this, but when my senior…
asked 2023-08-24T21:14:56.8166667+00:00
Nandan NK
50
Reputation points
commented 2024-07-08T11:24:13.91+00:00
Varunkumar Sharanabasappa
0
Reputation points
0 answers
Could you explain how to configure the following virtual machine settings?
To address the tasks you've outlined, here's a structured approach: For restricting demoVM1's access to only Facebook and YouTube, implement URL filtering rules on the network device or use a firewall policy that only allows these URLs. To create a…
asked 2024-07-02T15:37:40.4866667+00:00
Kishore
0
Reputation points
commented 2024-07-05T12:27:54.31+00:00
GitaraniSharma-MSFT
49,356
Reputation points Microsoft Employee
0 answers
How to Access APIM API from Azure Function with Managed Identity without OAuth authentication call
I have created a function app to call an API from APIM and I have added security of Auth 2.0 in the API settings. Also I have added Managed identity to the function app , and added that managed identity in APIM IAM to give API Management Service Reader…
asked 2024-07-02T11:56:11.2633333+00:00
Dixan Lal Thomas
60
Reputation points
commented 2024-07-03T13:36:13.83+00:00
Ben Gimblett
3,840
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
What role will I have when I migrate a subscription to a new Tenant/Directory?
Hi All, Starting in September 2024 Classic Admins will be removed. I am wondering what is going to happen when I do a migration (directory change) of a subscription from one tenant to another. Usually the user who does the "Change Directory"…
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
715 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,446 questions
Azure Startups
Azure Startups
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.Startups: Companies that are in their initial stages of business and typically developing a business model and seeking financing.
237 questions
asked 2024-04-24T09:31:31.7566667+00:00
John Doyle
51
Reputation points
edited the question 2024-07-03T04:17:03.4366667+00:00
Ryan Hill
26,946
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Identity architecture: Conditional access with MFA
How to use a Conditional Access with multifactor authentication (MFA) in free trial version? Which license are required using Conditional Access? Which better I can use a conditional access under the following web address: - www.portel.azure.com …
asked 2024-07-01T11:36:33.72+00:00
Sandeep Kumar
20
Reputation points
commented 2024-07-02T04:18:21.9966667+00:00
Sandeep Kumar
20
Reputation points
1 answer
Issues with API call to get Azure service tags - Service Tag Discovery API
I am trying to execute API calls to get the Azure IP Ranges and Service Tags – Public Cloud (see link https://www.microsoft.com/en-us/download/details.aspx?id=56519). I was able to setup an Azure account and created an app. I created a Python script to…
asked 2024-06-28T16:29:14.31+00:00
Externo Euroairlines
0
Reputation points
edited the question 2024-07-01T04:12:27.32+00:00
KapilAnanth-MSFT
40,256
Reputation points Microsoft Employee
1 answer
Azure portal access invite is failing for READ ONLY user with error 'Invite Redemption failed'
I have invited a user by adding in role based access in Azure portal with read only access. This have generated a meeting invited but while redeeming the meeting invite it is failing with above error. Please help what to check.
asked 2024-06-27T07:44:04.9566667+00:00
Sanjay
10
Reputation points
answered 2024-06-27T21:49:22.49+00:00
Marilee Turscak-MSFT
36,246
Reputation points Microsoft Employee
3 answers
Difficulty creating a custom role with specific permissions
Hello, I am trying to create a custom role on the Azure portal that includes a number of permissions from the existing Auth Admin role. However, I cannot find certain permissions such as microsoft.directory/users/authenticationMethods/create,…
asked 2023-09-04T22:21:58.8266667+00:00
Hari Sheth
0
Reputation points
commented 2024-06-27T12:00:33.5033333+00:00
Abbi Maguddayao
0
Reputation points