Skip to content

Latest commit

 

History

History
116 lines (66 loc) · 3.91 KB

quickstart-assign-role-user-portal.md

File metadata and controls

116 lines (66 loc) · 3.91 KB
title description services documentationCenter author manager editor ms.service ms.devlang ms.topic ms.tgt_pltfrm ms.workload ms.date ms.author
Tutorial - Grant access for a user using RBAC and the Azure portal | Microsoft Docs
Use role-based access control (RBAC) to grant permissions to a user by assigning a role in the Azure portal.
role-based-access-control
rolyon
mtillman
role-based-access-control
tutorial
identity
11/30/2018
rolyon

Tutorial: Grant access for a user using RBAC and the Azure portal

Role-based access control (RBAC) is the way that you manage access to resources in Azure. In this tutorial, you grant a user access to create and manage virtual machines in a resource group.

In this tutorial, you learn how to:

[!div class="checklist"]

  • Grant access for a user at a resource group scope
  • Remove access

If you don't have an Azure subscription, create a free account before you begin.

Sign in to Azure

Sign in to the Azure portal at http://portal.azure.com.

Create a resource group

  1. In the navigation list, choose Resource groups.

  2. Choose Add to open the Resource group blade.

    Add a new resource group

  3. For Resource group name, enter rbac-resource-group.

  4. Select a subscription and a location.

  5. Choose Create to create the resource group.

  6. Choose Refresh to refresh the list of resource groups.

    The new resource group appears in your resource groups list.

    Resource group list

Grant access

In RBAC, to grant access, you create a role assignment.

  1. In the list of Resource groups, choose the new rbac-resource-group resource group.

  2. Choose Access control (IAM).

  3. Choose the Role assignments tab to see the current list of role assignments.

    Access control (IAM) blade for resource group

  4. Choose Add role assignment to open the Add role assignment pane.

    If you don't have permissions to assign roles, the Add role assignment option will be disabled.

    Add role assignment pane

  5. In the Role drop-down list, select Virtual Machine Contributor.

  6. In the Select list, select yourself or another user.

  7. Choose Save to create the role assignment.

    After a few moments, the user is assigned the Virtual Machine Contributor role at the rbac-resource-group resource group scope.

    Virtual Machine Contributor role assignment

Remove access

In RBAC, to remove access, you remove a role assignment.

  1. In the list of role assignments, add a checkmark next to the user with the Virtual Machine Contributor role.

  2. Choose Remove.

    Remove role assignment message

  3. In the remove role assignment message that appears, choose Yes.

Clean up

  1. In the navigation list, choose Resource groups.

  2. Choose rbac-resource-group to open the resource group.

  3. Choose Delete resource group to delete the resource group.

    Delete resource group

  4. On the Are you sure you want to delete blade, type the resource group name: rbac-resource-group.

  5. Choose Delete to delete the resource group.

Next steps

[!div class="nextstepaction"] Tutorial: Grant access for a user using RBAC and PowerShell