Azure - Configure RBAC - (Role Base Access Control)- Part 3
Part 3 - Configuring RBAC (Role Base Access Control)
RBAC allows you to provide granular access to perform specific actions on Azure resources, down to an individual-resource level. You can specify which actions to perform by using either a predefined or a custom role. Once you have decided which role to use, you assign it to an Azure AD object representing the user, group, or application that should be able to carry out the role’s associated actions.
To comply with the principle of least privilege, you should avoid relying on Co-Administrators for delegation of access to your subscription. Instead, you should grant a minimum required set of permissions by using the role-based access control (RBAC) mechanism.
In the Azure portal, in the hub menu, click Resource groups.
On the Resource group blade, click 20533D0101-LabRG.
On the access control (IAM) blade of the resource group, click Add.
On the Add permissions blade, in the Role drop-down list, click Contributor.
On the Add permissions blade, in the Select text box, type a valid Microsoft account name, click the entry representing that account appearing underneath the text box, and click Save. You might have to click Refresh to view the effect of the assignment of the role.
In the next post we will connect to your Azure subscription by using Azure PowerShell