Azure RBAC documentation

Azure role-based access control (Azure RBAC) is a system that provides fine-grained access management of Azure resources. Using Azure RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs.

• Azure RBAC documentation
• Overview
  • What is Azure RBAC?
  • What is Azure ABAC?
  • Understand the different roles
• Quickstarts
  • Check access for a user
  • Bicep
  • ARM template
• Tutorials
  • Grant a user access - Portal
  • Grant a user access - PowerShell
  • Grant a group access - PowerShell
  • Create a custom role - PowerShell
  • Create a custom role - CLI
• Concepts
  • Role definitions
  • Role assignments
  • Scope
  • Best practices
  • Delegate
    • Delegate role assignment management overview
    • Authorization actions and attributes
    • Example conditions
  • ABAC conditions
    • Condition format
    • Conditions prerequisites
    • Conditions FAQ
    • Custom security attributes example
  • Security
    • Security controls by Azure Policy
• How-to guides
  • List role definitions
  • List role assignments
    • Portal
    • PowerShell
    • CLI
    • REST API
  • Assign roles
    • Steps to assign a role
    • Portal
      • Assign roles
      • Managed identity
      • External users
    • PowerShell
    • CLI
    • REST API
    • ARM template
  • Eligible and time-bound
    • Eligible and time-bound
    • Activate eligible roles
  • Delegate
    • Subscription administrator with conditions
    • Delegate role assignment management with conditions
  • Add or edit ABAC conditions
    • Portal
    • PowerShell
    • CLI
    • REST API
    • ARM template
    • Example conditions for Blob Storage
    • Conditions and custom security attributes
  • Remove role assignments
  • List deny assignments
  • Create custom roles
    • Overview
    • Portal
    • PowerShell
    • CLI
    • REST API
    • Bicep
    • ARM template
  • View activity logs
  • Alert on privileged role assignments
  • Elevate access
  • Classic administrators
  • Transfer subscription to different directory
  • Troubleshoot
    • Troubleshoot Azure RBAC
    • Troubleshoot Azure RBAC limits
    • Troubleshoot ABAC conditions
• Reference
  • Built-in roles
    • Built-in roles
    • Privileged
    • General
    • Compute
    • Networking
    • Storage
    • Web and Mobile
    • Containers
    • Databases
    • Analytics
    • AI + machine learning
    • Internet of Things
    • Mixed reality
    • Integration
    • Identity
    • Security
    • DevOps
    • Monitor
    • Management and governance
    • Hybrid + multicloud
  • Permissions
    • Permissions
    • General
    • Compute
    • Networking
    • Storage
    • Web and Mobile
    • Containers
    • Databases
    • Analytics
    • AI + machine learning
    • Internet of Things
    • Mixed reality
    • Integration
    • Identity
    • Security
    • DevOps
    • Migration
    • Monitor
    • Management and governance
    • Hybrid + multicloud
  • Azure RBAC limits
  • Azure PowerShell
  • CLI
  • REST API
  • ARM templates
    • Role Assignments
    • Role Definitions
  • Azure Policy built-ins
• Resources
  • Build your skills with Microsoft Learn training