THE SQL Server Blog Spot on the Web

Welcome to - The SQL Server blog spot on the web Sign in | |
in Search

John Paul Cook

In The Cloud: Owner Role and Security Administration

Azure uses Role Based Access Control (RBAC), which is something people generally don’t pay at lot of attention to when initially learning how to use the Azure portal. Take a close look at the screen capture shown below. The Delete button is disabled. There are definitely times you want to protect Azure resources from accidental deletion. That’s just basic good governance.


Figure 1. Delete button disabled for a Data Catalog resource.

The reason that the Delete button is disabled can be understood by going to subscription management.


Figure 2. In the Azure portal, click the arrow to show more services, then select Subscriptions.


Figure 3. Notice that I was in the User Access Administrator role which doesn’t have delete privilege.

The individual vertical sections in the Azure portal are called blades. Clicking the Add button causes the Add Permissions blade to appear. You need to select a role and then select the member(s) to add to the role.


Figure 4. The Add Permissions blade before selecting member(s) to add to the role.


Figure 5. The Add Permissions blade after selecting member(s). Click Save to make the RBAC change.


Figure 6. Notice that the Delete button is now enabled. It doesn’t immediately perform the deletion. It prompts you to make sure.


Figure 7. Prompt to make sure you really want to do this. Notice that the Delete button is disabled at this point.

Typing the resource group name is a pain. I always move the mouse over the resource group name in the warning, double-click, copy, and paste.


Figure 8. Use copy and paste to simplify the deletion process.


Figure 9. The Delete button is enabled after entering it into the box.


Figure 10. Deletion in progress.

Published Saturday, May 20, 2017 1:34 AM by John Paul Cook
Filed under: ,


No Comments
Anonymous comments are disabled

About John Paul Cook

John Paul Cook is a database and Azure specialist in Houston. He previously worked as a Data Platform Solution Architect in Microsoft's Houston office. Prior to joining Microsoft, he was a SQL Server MVP. He is experienced in SQL Server and Oracle database application design, development, and implementation. He has spoken at many conferences including Microsoft TechEd and the SQL PASS Summit. He has worked in oil and gas, financial, manufacturing, and healthcare industries. John is also a registered nurse recently completed the education to become a psychiatric nurse practitioner. Contributing author to SQL Server MVP Deep Dives and SQL Server MVP Deep Dives Volume 2. Connect on LinkedIn

This Blog



Privacy Statement