Azure-无法创建服务等的用户 [英] Azure - Users who cant create services etc

问题描述

我的经理刚刚问过我.

我们公司中有具有信用的人，他们可以创建服务等.如果有人只使用服务而不创建服务，该怎么办.如果另一个团队成员登录Azure并尝试创建服务会怎样?

---

Debbie

解决方案

Hello Debbie，

在Azure中，使用订阅来跟踪用于创建资源的功劳.因此，如果您具有订阅权限，则该用户将可以使用积分并创建服务.

示例:

用户A购买了一个订阅并将其链接到contoso.onmicrosoft.com租户.

如果用户B对订阅没有任何权限，那么他将无法创建任何新的资源/服务.

如果用户B在订阅上具有权限/角色(所有者/贡献者/读者)，则他可以相应地创建资源/服务.

您可以使用RBAC(基于角色的访问控制)来管理此权限.您可以了解有关RBAC的更多信息 这里.

参考:https://docs.microsoft.com/zh-cn/azure/role-based-access-control/rbac-and-directory-admin-roles

希望这会有所帮助！

Ive just been asked by my manager.

We have people with Credit in the company who can create services etc. What if someone is just using services and not creating them. What happens if another team member logs into Azure and try to create a service?

---

Debbie

解决方案

Hello Debbie,

In Azure, the credit used for creating resources is tracked using a subscription. So if you have permissions on the subscription then the user will be able to use the credit and create services. 

Example:

User A purchases a subscription and links it to the contoso.onmicrosoft.com tenant.

If user B does not have any permissions on the subscription then he cannot create any new resources/services.

If user B has permissions/role (owner/contributor/reader) on the subscription then he can create resources/services accordingly.  

You can manage this permission using RBAC(Role based access control). You can learn more about RBAC here.

Ref: https://docs.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles

Hope this helps!

这篇关于Azure-无法创建服务等的用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！