Creating Custom Roles with Specific Permissions in Azure AD
Creating custom roles with specific permissions in Azure Active Directory (Azure AD) can be a useful way to grant users the exact level of access they need, without giving them unnecessary privileges. Here’s a step-by-step guide on how to do it:
Step 1: Understand Azure AD Roles and Permissions
Azure AD has a set of built-in roles, such as Global Administrator, User Administrator, and Security Administrator. These roles have predefined permissions that you can assign to users. However, if the built-in roles don’t meet your specific needs, you can create custom roles.
Step 2: Plan Your Custom Role
Before creating a custom role, it’s important to plan what permissions the role should have. Consider the tasks and responsibilities the users with this role will need to perform, and identify the specific permissions required.
Step 3: Create a Custom Role
- Sign in to the Azure portal.
- Navigate to Azure Active Directory > Roles and Administrators.
- Click on “New custom role” to create a new custom role.
- Provide a name and description for the custom role.
- In the “Permissions” section, select the permissions you want to grant to the custom role. You can search for specific permissions or browse the available permissions.
- Review the selected permissions and make any necessary adjustments.
- Click “Create” to save the custom role.
Step 4: Assign the Custom Role
- Navigate to Azure Active Directory > Roles and Administrators.
- Locate the custom role you just created and click on it.
- Click “Add assignments” to assign the custom role to users or groups.
- Select the users or groups you want to assign the custom role to, and click “Add”.
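Steps 3 and 4 can also be scripted, which makes the role definition reviewable and repeatable. The following is an added example, not part of the original guide: it assumes the Microsoft Graph PowerShell SDK is installed, and the role name, the two permissions and the user principal name are constructed sample values to replace with the ones from your Step 2 plan.

```powershell
# Added example. Assumes the Microsoft Graph PowerShell SDK and an account
# allowed to manage directory roles. All names below are sample values.
Connect-MgGraph -Scopes 'RoleManagement.ReadWrite.Directory', 'User.Read.All'

$displayName = 'Application Support Administrator'      # sample role name
$description = 'Can update basic properties and credentials of app registrations.'
$plannedActions = @(                                    # the plan from Step 2
    'microsoft.directory/applications/basic/update',
    'microsoft.directory/applications/credentials/update'
)
$assigneeUpn = 'helpdesk.user@contoso.example'          # placeholder user

# Step 3: create the custom role unless a role with this name already exists.
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq '$displayName'"
if (-not $role) {
    $role = New-MgRoleManagementDirectoryRoleDefinition `
        -DisplayName $displayName -Description $description `
        -TemplateId (New-Guid).Guid -IsEnabled:$true `
        -RolePermissions @{ allowedResourceActions = $plannedActions }
}

# Review: stop if the stored role grants anything other than what was planned.
$granted = @($role.RolePermissions.AllowedResourceActions)
$drift = Compare-Object -ReferenceObject $plannedActions -DifferenceObject $granted
if ($drift) {
    $drift | Format-Table InputObject, SideIndicator
    throw "Role '$displayName' does not match the planned permission set."
}

# Step 4: assign the role at tenant scope ('/') if it is not assigned yet.
$user = Get-MgUser -Filter "userPrincipalName eq '$assigneeUpn'"
if (-not $user) { throw "User '$assigneeUpn' not found." }

$assignments = Get-MgRoleManagementDirectoryRoleAssignment -Filter "roleDefinitionId eq '$($role.Id)'"
if (-not ($assignments | Where-Object PrincipalId -eq $user.Id)) {
    New-MgRoleManagementDirectoryRoleAssignment -DirectoryScopeId '/' `
        -RoleDefinitionId $role.Id -PrincipalId $user.Id | Out-Null
}

# List who currently holds the role and at which scope.
Get-MgRoleManagementDirectoryRoleAssignment -Filter "roleDefinitionId eq '$($role.Id)'" |
    Select-Object PrincipalId, DirectoryScopeId
```

Running the script again leaves an existing role and assignment in place, and it stops with an error if the role's permissions have been changed away from the planned set.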
Step 5: Monitor and Manage the Custom Role
After creating and assigning the custom role, it’s important to monitor its usage and make any necessary changes. You can review the role’s assignments, permissions, and activity in the Azure portal.
Remember, creating custom roles requires careful planning and consideration to ensure the appropriate level of access is granted to users. It’s also important to regularly review and update custom roles as your organization’s needs change.