Dan
My feedback
-
357 votes40 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Hi folks,
Just a quick update here. We’re still actively working on support for custom roles (RBAC) across Azure AD. Stay tuned for more announcements in the next couple of months.You can have a look at what we’ve shipped thus far (custom roles for application registration management) here – https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview.
Regards,
Vince Smith
Azure Active Directory TeamAn error occurred while saving the comment -
223 votes
Custom RBAC is supporting the management groups scope with a few limitations. The MG team and Identity teams are working on removing these limitations but no timeline is available yet.
To keep updated please see https://docs.microsoft.com/en-us/azure/governance/management-groups/overview#custom-rbac-role-definition-and-assignment
An error occurred while saving the comment Dan
commented
The fact that we can't scope to mgmt group scope (or root scope for our tenant as a temporary workaround) is a huge blocker to moving on to significantly more productive work. Within my organisation we have 30-something subscriptions (and ramping up quickly), which translates to a lot of manual overhead when working with our custom roles (modifying assignable scope each time).
Hope this (or some kind of root-scope workaround) is coming soon!
Dan
supported this idea
·
Actively blocked by lack of support for this, and it looks like it has been in progress for seven months....