RBAC
A resource group isĀ a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. The resource groupĀ collects metadata from each individual resource to facilitate more granular management than at the subscription level. This not only has advantages for administration and cost management, but also for applying role-based access controls
Azure resource roles versus Azure Active Directory Administrator roles
- It is important to note that Azure Resource roles cannot be used to provide administrative access to Azure AD and Azure AD roles do not provide specific access to Azure resources.
List all Roles
- Click the specific resource.
- Click Access control (IAM).
- Click the Roles tab to see a list of all the built-in and custom roles
To see the permissions for a particular role, in the Details column, click the View link.
Azure PowerShell
- PS C:\> Get-AzRoleDefinition “Contributor”
- PS C:\> Get-AzRoleDefinition “Contributor” | ConvertTo-Json
List role assignments for a user or group
- Select Azure Active Directory and then select Users or Groups.
- Click the user or group you want list the role assignments for
- Click Azure role assignments.