Role-based access control in Azure Preview portal
Inlägg på den 10 september 2014
- Group-based role assignment: You can assign access to Azure AD groups that can be synced from your local Active Directory. This enables you to leverage the existing investments that your organization has made in tooling and processes for managing groups. You can also use the delegated group management feature of Azure AD Premium.
- Three new roles: You can use three new roles—Owner, Contributor, and Reader—to ensure that users and groups have permission to do only the tasks they need to do their jobs. We’ll add support for custom roles in a future release. Service administrators and subscription coadministrators are automatically Owners in the Azure Preview portal.
- Granular access to resources: You can assign roles to users and groups for a particular subscription, resource group, or an individual Azure resource such as a website or database. In this way, you can ensure that users have access to all the resources they need and no access to resources that they do not need to manage.