In Azure we have different roles types and as of now they are 3 types
- Classic subscription administrator roles
- Azure Active Directory (Azure AD) administrator roles
- Azure role-based access control (RBAC) roles
Classic subscription administrator roles model
- Account Administrator: user has full access
- Server Administrator: user managing the services and assign Co-administrator role to user
- Co-Administrator: Same as services administrator but with some limitations.
Azure Active Directory (AAD) administrator model Roles
- Global Administrator: can manage all azure resources
- Billing Administrator: Can Mange the Billing and Subscriptions
- User Administrator: can add user inside the directory but outside the directory cannot add them.
Azure Role-Based Access Control (RBAC) model Roles
- Owner Role: this meaning the user has full access to all resources and also can delegate role access for others users. It is same like Server administrator role in classic model roles.
- Contributor Role: this user can create and manage resources but can’t delegate access to others users like owner role
- Reader Role: this role means the users can view azure resources only.
- User access administrator: Special account can access and manage all azure resources. And this account should be used by the azure admin only.
- Built in Roles: we have more than 70 built in roles
- Custom Role: administrator can custom some roles based on his needs using RBAC Services.
DB Cloud TECH 
One thought on “Azure Subscription Administrator Roles Types”