In Azure we have different roles types and as of now they are 3 types

  • Classic subscription administrator roles
  • Azure Active Directory (Azure AD) administrator roles
  • Azure role-based access control (RBAC) roles

Classic subscription administrator roles model

  • Account Administrator: user has full access
  • Server Administrator: user managing the services and assign Co-administrator role to user
  • Co-Administrator: Same as services administrator but with some limitations.

Azure Active Directory (AAD) administrator model Roles

  • Global Administrator: can manage all azure resources
  • Billing Administrator: Can Mange the Billing and Subscriptions
  • User Administrator: can add user inside the directory but outside the directory cannot add them.

Azure Role-Based Access Control (RBAC) model Roles

  • Owner Role: this meaning the user has full access to all resources and also can delegate role access for others users. It is same like Server administrator role in classic model roles.
  • Contributor Role: this user can create and manage resources but can’t delegate access to others users like owner role
  • Reader Role: this role means the users can view azure resources only.
  • User access administrator: Special account can access and manage all azure resources. And this account should be used by the azure admin only.
  • Built in Roles: we have more than 70 built in roles
  • Custom Role: administrator can custom some roles based on his needs using RBAC Services.

One thought on “Azure Subscription Administrator Roles Types

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.