Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Users must not delete resource groups if they are not allowed to delete the resources.

We created custom roles to allow another team to operate our environment. To avoid accidental deletion of data, we removed the delete action for several storage components, for example Data Lake Store Gen1.

Unfortunately when deleting a resource group, it completely ignores the permissions on resource level. For example, I do not have deletion rights on ADLS, but I can still remove it, by deleting the whole resource group.

Resource Groups are simple containers and restricting people on managing them on their own will have a huge impact. We will waste a lot of time to define processes and executing them. If we do not restrict usage of resource groups, we have no easy way to prevent people from deleting resources, which they must not delete.

This behavior looks broken to me and everyone I showed it. Please check on deletion of a resource group, if the resources may be deleted by the user.

30 votes

Christian Strempfer shared this idea · Apr 2, 2019 · Flag idea as inappropriate… · Admin →

under review ·

Azure AD Team responded · Aug 15, 2019

We are looking into it and will update you when we know more.

Arturo via Chen

1 comment

An error occurred while saving the comment

Mateos Alliaj commented · April 4, 2019 1:29 AM · Flag as inappropriate

Agree with Christian!

Submitting...

Azure Active Directory: Role-based Access Control

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 8,335 ideas
- Additional Services 353 ideas
- Analytics Platform System 21 ideas
- API Apps 0 ideas
- API Management 700 ideas
- Automation 543 ideas
- Azure Active Directory 6,313 ideas
- Azure Active Directory Application Requests 297 ideas
- Azure Advisor 38 ideas
- Azure Analysis Services 191 ideas
- Azure API for FHIR 17 ideas
- Azure App Configuration 54 ideas
- Azure Arc 27 ideas
- Azure Automanage 4 ideas
- Azure Backup 775 ideas
- Azure Blockchain Service 12 ideas
- Azure Bot Service 36 ideas
- Azure Certified Device 16 ideas
- Azure Cloud Shell 376 ideas
- Azure Cognitive Services 97 ideas
- Azure Communication Services 38 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 180 ideas
- Azure Container Registry 103 ideas
- Azure Cosmos DB 292 ideas
- Azure CycleCloud 5 ideas
- Azure Data Explorer 250 ideas
- Azure Data Share 14 ideas
- Azure Database for MariaDB 19 ideas
- Azure Database for MySQL 78 ideas
- Azure Database for PostgreSQL 177 ideas
- Azure Database Migration Service 85 ideas
- Azure Databricks 338 ideas
- Azure Dev Spaces 11 ideas
- Azure Digital Twins 22 ideas
- Azure Event Grid 69 ideas
- Azure FarmBeats 14 ideas
- Azure Functions 261 ideas
- Azure FXT Edge Filer 1 idea
- Azure Governance 219 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 342 ideas
- Azure IoT Central 167 ideas
- Azure IoT Edge 100 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 46 ideas
- Azure Key Vault 185 ideas
- Azure Kinect DK 72 ideas
- Azure Kubernetes Service (AKS) 333 ideas
- Azure Lighthouse 36 ideas
- Azure Management Groups 24 ideas
- Azure Maps 83 ideas
- Azure Marketplace 467 ideas
- Azure Media Services 266 ideas
- Azure Migrate 86 ideas
- Azure mobile app 378 ideas
- Azure Monitor 278 ideas
- Azure Monitor- Alert Management 166 ideas
- Azure Monitor-Application Insights 844 ideas
- Azure Monitor-Log Analytics 1,030 ideas
- Azure NetApp Files (ANF) 37 ideas
- Azure Object Anchors 0 ideas
- Azure Pack 298 ideas
- Azure Portal 2,296 ideas
- Azure Purview 236 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 17 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 193 ideas
- Azure Resource Manager 568 ideas
- Azure Search 312 ideas
- Azure Security Center 345 ideas
- Azure Sentinel 149 ideas
- Azure Service Health 48 ideas
- Azure SignalR Service 19 ideas
- Azure Spatial Anchors 32 ideas
- Azure Sphere 81 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 10 ideas
- Azure Stack Hub 206 ideas
- Azure Synapse Analytics 553 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 38 ideas
- Azure Web PubSub service 3 ideas
- Batch 44 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 57 ideas
- Cache 45 ideas
- Change Tracking 14 ideas
- Cloud Services (Web and Worker Role) 277 ideas
- Cost Management 384 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 181 ideas
- Data Factory 1,407 ideas
- Data Lake 358 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 206 ideas
- Event Hubs 58 ideas
- Global Infrastructure 44 ideas
- HDInsight 140 ideas
- Lab Services 397 ideas
- Logic Apps 2,029 ideas
- Machine Learning 258 ideas
- Mobile Engagement 19 ideas
- Networking 1,562 ideas
- Notification Hubs 38 ideas
- Project Bonsai 31 ideas
- Scheduler 44 ideas
- Scripting and Command Line Tools 104 ideas
- SDK and Tools 157 ideas
- Security and Compliance 112 ideas
- Service Bus 186 ideas
- Service Fabric 306 ideas
- Signup and Billing 1,833 ideas
- Site Recovery 307 ideas
- SQL Data Sync 70 ideas
- SQL Database 926 ideas
- SQL Managed Instance 163 ideas
- SQL Server 10,963 ideas
- SQL Server - Big Data Clusters 49 ideas
- Storage 1,081 ideas
- StorSimple 26 ideas
- Stream Analytics 276 ideas
- Support Feedback 281 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 193 ideas
- Virtual Machines 1,743 ideas
- Web Apps 751 ideas
Microsoft Azure