Azure role-based access control (Azure RBAC) has several Azure built-in roles that you can assign to users, groups, service principals, and managed identities. Role assignments are the way you control access to Azure resources. If the built-in roles don't meet the specific needs of your organization, you can create your own Azure custom roles.
In Microsoft Entra ID, if another administrator or nonadministrator needs to manage Microsoft Entra resources, you assign them a Microsoft Entra role that provides the permissions they need. For example, you can assign roles to allow adding or changing users, resetting user passwords, managing user licenses, or managing domain names. This article lists the Microsoft Entra built-in roles you ...
Learn about administrator roles, such as the global administrator role, or the service administrator role. Roles map to specific business functions and give permissions to do specific tasks in the Microsoft 365 admin center.
Later, Azure role-based access control (Azure RBAC) was added. Azure RBAC is a newer authorization system that provides fine-grained access management to Azure resources. Azure RBAC includes many built-in roles, can be assigned at different scopes, and allows you to create your own custom roles.
Azure role-based access control (Azure RBAC) is the authorization system you use to manage access to Azure resources. To grant access, you assign roles to users, groups, service principals, or managed identities at a particular scope. This article describes how to assign roles using the Azure portal. If you need to assign administrator roles in Microsoft Entra ID, see Assign Microsoft Entra ...
Microsoft Fabric has a flexible permission model that allows you to control access to data in your organization. This article explains the different types of permissions in Fabric and how they work together to control access to data in your organization. A workspace is a logical entity for grouping items in Fabric. Workspace roles define access permissions for workspaces. Although items are ...
Privileged role assignments can lead to elevation of privilege if not used in a secure and intended manner. This article describes privileged roles and permissions and best practices for how to use.
Learn how to understand Microsoft Entra built-in and custom roles with resource scope in Microsoft Entra ID.
Learn how to add app roles to an application registered in Microsoft Entra ID. Assign users and groups to these roles, and receive them in the 'roles' claim in the token.
Add app roles to your application and receive them in the token
Azure role-based access control (Azure RBAC) is the authorization system you use to manage access to Azure resources. To determine what resources users, groups, service principals, or managed identities have access to, you list their role assignments. This article describes how to list role assignments using the Azure portal.
This article lists the Azure built-in roles for Azure role-based access control (Azure RBAC) in the Web and Mobile category. It lists Actions, NotActions, DataActions, and NotDataActions.
This article lists the Azure built-in roles for Azure role-based access control (Azure RBAC) in the Management and governance category. It lists Actions, NotActions, DataActions, and NotDataActions.
Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to. Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management to Azure resources.
Learn how to provide access to keys, secrets, and certificates using Azure role-based access control.
Use Microsoft Entra role-based access control to manage permissions for an Azure Container Registry.
Learn about Azure role assignments in Azure role-based access control (Azure RBAC) for fine-grained access management of Azure resources.
This article lists the Azure built-in roles for Azure role-based access control (Azure RBAC) in the General category. It lists Actions, NotActions, DataActions, and NotDataActions.
You can create a custom Intune role that includes any permissions required for a specific job function. For example, if an IT department group manages applications, policies, and configuration profiles, you can add all those permissions together in one custom role. After creating a custom role, you can assign it to any users that need those permissions.
Intune Role Administrator Intune Role Administrators manage custom Intune roles and add assignments for built-in Intune roles. It is the only Intune role that can assign permissions to Administrators.
Learn how to restrict ASP.NET Core Blazor Razor component access with the AuthorizeView component and by passing roles to the Authorize attribute.
Securing access to your organization is an essential security step. This article introduces foundational details for using Microsoft Intune role-based access controls (RBAC), which are an extension of Microsoft Entra ID RBAC controls. Subsequent articles can help you deploy Intune RBAC in your organization. With Intune RBAC, you can grant granular permissions to your admins to control who has ...
A role definition is a collection of permissions that can be performed, such as read, write, and delete. It's typically just called a role. Azure role-based access control (Azure RBAC) has over 120 built-in roles or you can create your own custom roles. This article describes how to list the built-in and custom roles that you can use to grant access to Azure resources. To see the list of ...
Azure RBAC documentation Azure role-based access control (Azure RBAC) is a system that provides fine-grained access management of Azure resources. Using Azure RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs.
This article lists the Azure built-in roles for Azure role-based access control (Azure RBAC) in the Security category. It lists Actions, NotActions, DataActions, and NotDataActions.
Each role has a Type that identifies it as either a Built-in Role provided by Intune or a Custom Intune role created by your organization. Select the role you want to assign and then select Assignments > + Assign. On the Basics page, enter an Name and optional Description, and then select Next.
Learn about Azure role definitions in Azure role-based access control (Azure RBAC) for fine-grained access management of Azure resources.