Forum Discussion
Azure storage account RBAC
Is there a built-in Azure role(s) that will accomplish the following:
- Create any Azure resource
- Apply permissions to any Azure resource
- Not have read access to resources unless explicitly granted
Specifically, I am referring to a file share in a storage account. I would like to have a security "role" be able to do all of the above, but don't want them to be able to access the data in a file share unless they are explicitly granted permissions. There is a file share that would contain confidential documents that they security "role" should not be able to access, and yes I know that the "role" could easily just give themselves access to that share if they really wanted to.
Thanks for the help.
The Microsoft Learn community is for Learn and certification related questions. You can direct any questions relating to Azure here: Welcome to the Azure Community (microsoft.com)
