Role-Based Access Control (RBAC) allows you to segregate access and duties to other users within your Azure Portal.
It allows the ability to grant the amount of access your users need for specific Azure Resources by giving a user access to specific built-in roles.
There are three basic roles that apply to all resource types:
- Owner has full access to all resources including the right to delegate access to others.
- Contributor can create and manage all types of Azure resources but can’t grant access to others.
- Reader can view existing Azure resources.
An example that I had was that one of my developers needed contributor access to an Azure Logic App I created. With RBAC, I was easily able to do this.
Below are the steps that I took to grant RBAC to a specific Azure Resource (i.e. my Azure Logic App).
1. Select IAM from your Resource Group
2. Select the Role you want to give the user
3. Enter the email address, account of the user that you want to have this access and hit the save button
4. At this point, they will get an invite to be able to access that Azure Resource with the appropriate role.
Read more on Role-Based Access Control here.