RBAC

• Define User Access - You can define specific user access to individual resources.
• Minimum Access - RBAC can enable minimum access necessary to resources. This ensures only users with valid access can manage resources.
• Target Specific Use Cases - Be very explicit about uses and access. For example, allow an application access to certain resources or allow a user to manage resources in a resource group.
• Security Principal - An object representing an entity, such as a user or group, which can access the resource.
• Role Definition - A collection of permissions, such as read, write and delete.
• Scope - The resources the access applies to. Specify which role can access a resource or resource group

References