What is an Azure Role Definition?


What is an Azure Role Definition?

An Azure role definition, often just called a role, is a collection of permissions that can be performed in Azure, such as read, write, and delete. We strongly recommend that you grant access via the Principle of Least Privilege. Multiple Azure roles can be applied to the same user in Azure.

Azure provides built-in role definitions that you can import into Kion using the instructions here: Built-In Azure Role Definitions. You can also create your own custom role definitions using Kion, as explained here: Add an Azure Role Definition.

Kion helps you create, manage, and apply Azure role definitions more efficiently. When you use role definitions within the Azure portal, applying them across more than one account is a cumbersome manual process. With Kion, you create the role definition once and can easily apply it across accounts using cloud rules and cloud access roles. When you need to make a change, you can update the role definition in one place within Kion, and Kion will modify it in all of your accounts via cloud rules/cloud access roles.

What next?