Exercise 1 – assigning access with RBAC
This section will assign access to the resource group with RBAC using the Azure portal.
The following subsections cover how to complete this exercise, segregated into tasks for ease of understanding.
Task – accessing the Azure portal
- Log into the Azure portal at https://portal.azure.com. Alternatively, you can use the Azure desktop app: https://portal.azure.com/App/Download.
Task – creating a new resource group that requires access
- In the assigning with RBAC:resource group requiring access, creating” search bar, type resource groups; click Resource groups from the results list.
- From the Resource groups blade, click + Create via the top toolbar.
- From the Basics tab, set the Project and Resource details as required.
- Click Next: Review + create.
- On the Review + create tab, review your settings; you may go back to the previous tabs and make any edits if required. Once you have confirmed your settings are as required, you can click Create.
- You will receive a notification that the resource group was created successfully.
- Click Go to resource group from the Notifications blade. Alternatively, navigate to the resource group instance.
Task – assigning access to a resource group
- From the created Resource groups blade, click Access control (IAM) from the left-hand side menu.
- From the Roles tab, review the built-in roles; under the Details column, you can click on View to see the permissions that role will grant.
- From the Role assignments tab, review the current assignments.
- From the Check access tab, please review the options for My Access and Check access, and then click Add role assignment.
- From the Role tab, click Owner or the role you wish to assign.
- Click Next.
- For this exercise, leave Assign access to set to the default of User, Group, or Service Principal.
- From Members, select the members to be assigned the role.
- Click Next.
- Click Next: Review + assign.
- You will receive a notification that the role assignment was added.
- Click the Role assignments tab from the Access control (IAM) blade and review the new assignment that was created.
In this exercise, we successfully created a resource group and assigned the RBAC role to a user for access. In the following exercise, we will look at creating a custom RBAC role.