• Define User Access - You can define specific user access to individual resources.
  • Minimum Access - RBAC can enable minimum access necessary to resources. This ensures only users with valid access can manage resources.
  • Target Specific Use Cases - Be very explicit about uses and access. For example, allow an application access to certain resources or allow a user to manage resources in a resource group.
  • Security Principal - An object representing an entity, such as a user or group, which can access the resource.
  • Role Definition - A collection of permissions, such as read, write and delete.
  • Scope - The resources the access applies to. Specify which role can access a resource or resource group