Elaborated question: How to restrict multiple users access to specific subscription when they are a member of the management group ?
I am having a Multi-subscription which is organised by management group for easy governance and management under a single tenant. When i Say Multi-Subscription , i mean 500+ subscription under a single tenant, Now i have all 500+ subscription whose IAM is inherited with Management AD group that is created on Azure Active Directory .
I want to restrict few users from this Management AD group getting access to few subscription which has sentitive data. How to achieve this is my question ?