Azure provides authentication using Azure Active Directory for its resources. Once an identity has been authenticated, the resources the identity should be allowed to access should be decided. This is known as authorization. Authorization evaluates the permissions that have been afforded to an identity. Anybody with access to an Azure subscription should be given just enough permissions so that their specific job can be performed, and nothing more.
Authorization is popularly also known as RBAC. RBAC in Azure refers to the assigning of permissions to identities within a scope. The scope could be a subscription, a resource group, or individual resources.
RBAC helps in the creation and assignment of different permissions to different ...