Functionality and Usage of RBAC

Role Based Access Control

• Roles allow you to perform action(s)

• Role assignment is that for a certain identity, you can apply a role to a particular scope

• Scope + action + identity = Role assignment

• Enforced via the Azure Resource Manager (ARM)

• Inheritance is on and allows permissions to flow down

• Permissions are additive in nature and build on top of each other