Forum Discussion
Azure Storage RBAC
Is there a built-in Azure role(s) that will accomplish the following: - Create any Azure resource - Apply permissions to any Azure resource - Not have read access to resources unless explicitly...
The Azure role that meets these requirements is the "Contributor" role. The Contributor role has the permissions to create any Azure resource and apply permissions to any Azure resource. However, by default, the Contributor role also has read access to resources.
To meet the third requirement of not having read access to resources unless explicitly granted, you can customize the Contributor role by removing the "Reader" permission from it. This can be achieved by creating a custom role based on the Contributor role and removing the "Reader" permission. The custom role can then be assigned to users or groups who need to create and manage Azure resources without having read access to them.
To meet the third requirement of not having read access to resources unless explicitly granted, you can customize the Contributor role by removing the "Reader" permission from it. This can be achieved by creating a custom role based on the Contributor role and removing the "Reader" permission. The custom role can then be assigned to users or groups who need to create and manage Azure resources without having read access to them.