I'm sure this is a very basic question, but having found no answers elsewhere I'm sure someone here can help. We're new to Azure, having recently signed up for Office 365. I'm concerned to find that anyone with the directory role "User"
can log into portal.azure.com and browse our Azure resources including all users. A User also has access to UIs to create new VM's and sign up for Azure service plans. Maybe a User can't actually make any changes (I don't know for sure - I haven't
tried everything), but just to see these options there is disconcerting. I'm very concerned that any of our users or anyone on the Internet who obtains user credentials by whatever means has access to look around - or worse.
Is it possible to restrict Azure portal logins to just a specified set of users or just Global and Limited Administrators? If not, is it possible to make sure that anyone with the User role sees nothing upon logging into the portal? If neither of
those is possible how can I be assured that Users at least cannot make any changes? Thank you for any assistance.
↧
Restricting "User" access to Azure portal
↧