Creating Custom RBAC Role for Resource Access
- In the Azure portal, open a subscription or resource group where you want the custom role to be assignable and then open Access control (IAM).
- Click Add and then click Add custom role.
This opens the custom roles editor with the Start from scratch option selected.
- In the Custom role name box, specify a name for the custom role. The name must be unique for the Azure AD directory. The name can include letters, numbers, spaces, and special characters.
- In the Description box, specify an optional description for the custom role. This will become the tooltip for the custom role.
The Baseline permissions option should already be set based on the previous step, but you can change it.
- On the Permissions tab, you specify the permissions for your custom role. Depending on whether you cloned a role or if you started with JSON, the Permissions tab might already list some permissions.
- To add permissions, click Add permissions to open the Add permissions pane.
This pane lists all available permissions grouped into different categories in a card format. Each category represents a resource provider, which is a service that supplies Azure resources.
- In the Search for a permission box, type a string to search for permissions. For example, search for invoice to find permissions related to invoices.
A list of resource provider cards will be displayed based on your search string. For a list of how resource providers map to Azure services
- Click a resource provider card that might have the permissions you want to add to your custom role, such as Microsoft Billing.
A list of the management permissions for that resource provider is displayed based on your search string.
- If you are looking for permissions that apply to the data plane, click Data Actions. Otherwise, leave the actions toggle set to Actions to list permissions that apply to the control plane. For more information about the differences between the control plane and data plane
- If necessary, update the search string to further refine your search.
- Once you find one or more permissions you want to add to your custom role, add a check mark next to the permissions. For example, add a check mark next to Other : Download Invoice to add the permission to download invoices.
- Click Add to add the permission to your permission list.
The permission gets added as an Actions or a DataActions entry.
- Click Add assignable scopes to open the Add assignable scopes pane.
- Click one or more scopes that you want to use, typically your subscription.
- Click the Add button to add your assignable scope.
- Review your custom role settings.
- Click Create to create your custom role.
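The same role the walkthrough builds, expressed as the JSON document you would hand to the Azure CLI instead of clicking through the portal, with the checks a reviewer would apply before creating it. This is an added example, not code from the page or from Microsoft: the role name, the two Microsoft.Billing operation strings, and the all-zero subscription ID are assumptions chosen for illustration, and the validation rules are this example's own checks, not the service's.

```python
"""Build and validate an Azure custom role definition as JSON.

Added example reproducing the invoice-download role from the walkthrough
outside the portal. The role name, the operation strings and the
subscription ID are illustrative assumptions, not values from the page.
"""
import json
import re

# Azure control-plane and data-plane operation strings look like
# "<ResourceProvider>/<resourceType>/<operation>" with optional "*" wildcards.
ACTION_RE = re.compile(r"^(\*|[A-Za-z0-9]+(\.[A-Za-z0-9]+)+(/[A-Za-z0-9*]+)+)$")

# Scopes at which a custom role may be made assignable: a management group,
# a subscription, or a resource group (the portal offers the same choices).
SCOPE_RES = [
    re.compile(r"^/providers/Microsoft\.Management/managementGroups/[^/]+$"),
    re.compile(r"^/subscriptions/[0-9a-fA-F-]{36}$"),
    re.compile(r"^/subscriptions/[0-9a-fA-F-]{36}/resourceGroups/[^/]+$"),
]


def _check_actions(label, actions):
    """Report operation strings that do not follow the Provider/type/operation form."""
    return [f"{label}: malformed operation string {a!r}"
            for a in actions if not ACTION_RE.match(a)]


def validate_role(role):
    """Return a list of problems; an empty list means the definition is acceptable."""
    errors = []
    if not role.get("Name", "").strip():
        errors.append("Name: must not be empty")
    for key in ("Actions", "NotActions", "DataActions", "NotDataActions"):
        errors.extend(_check_actions(key, role.get(key, [])))
    scopes = role.get("AssignableScopes", [])
    if not scopes:
        errors.append("AssignableScopes: at least one scope is required")
    for s in scopes:
        if not any(r.match(s) for r in SCOPE_RES):
            errors.append(f"AssignableScopes: {s!r} is not a management group, "
                          "subscription or resource group ID")
    return errors


def wildcard_warnings(role):
    """Least-privilege check: wildcard grants widen silently as providers add operations."""
    return [f"{key}: {a!r} is a wildcard grant; prefer listing explicit operations"
            for key in ("Actions", "DataActions")
            for a in role.get(key, []) if "*" in a]


def build_role(name, description, actions, data_actions, assignable_scopes,
               not_actions=(), not_data_actions=()):
    """Assemble the flat role document that `az role definition create` accepts."""
    role = {
        "Name": name,
        "IsCustom": True,
        "Description": description,        # shown as the tooltip in the portal
        "Actions": list(actions),           # control-plane operations
        "NotActions": list(not_actions),
        "DataActions": list(data_actions),  # data-plane operations
        "NotDataActions": list(not_data_actions),
        "AssignableScopes": list(assignable_scopes),
    }
    problems = validate_role(role)
    if problems:
        raise ValueError("; ".join(problems))
    return role


def role_json(role):
    """Serialize the role in the shape the CLI reads from a file."""
    return json.dumps(role, indent=2)


# Constructed sample: a placeholder subscription ID, not a real one.
SAMPLE_SUBSCRIPTION = "/subscriptions/00000000-0000-0000-0000-000000000000"

# Assumed operation strings for "read billing data" and "Download Invoice".
INVOICE_ROLE = build_role(
    name="Invoice Downloader (example)",
    description="Read billing data and download invoices",
    actions=["Microsoft.Billing/*/read",
             "Microsoft.Billing/invoices/download/action"],
    data_actions=[],
    assignable_scopes=[SAMPLE_SUBSCRIPTION],
)

if __name__ == "__main__":
    print(role_json(INVOICE_ROLE))
    for warning in wildcard_warnings(INVOICE_ROLE):
        print("warning:", warning)
```

Save the printed document to a file and create the role with `az role definition create --role-definition @role.json`; it then appears under Access control (IAM) at the assignable scopes listed, exactly as a role created through the portal does. Treat the wildcard warning seriously: a `*` grant expands every time the resource provider adds an operation, which is the opposite of what a narrowly scoped custom role is for.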
Tag:Azure