Transition to role-based access control (RBAC) in Azure by 31 August 2024

Arpita Pathak 0 Reputation points
2024-03-13T06:40:42.7766667+00:00

I created an Azure account for deployment and have a Service Administrator role inside Home > My resource group > Access control (IAM) > Classic administrators. I am the only person using this account as an owner, and I do not have any co-administrator or another person who is accessing this Azure account.
I got a mail related to "Transition to role-based access control (RBAC) in Azure by 31 August 2024". Do I need to take any action related to this, and if yes, please provide the solution?
If I don't take any action, what will happen? Please guide me on that as well.

Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.

2 answers

  1. James Hamil 21,776 Reputation points Microsoft Employee
    2024-03-13T22:19:51.31+00:00

    Hi @Arpita Pathak, yes, you do need to take action related to the transition to role-based access control (RBAC) in Azure by 31 August 2024.

    RBAC is the recommended way to manage access to Azure resources, and it provides more granular control over permissions than the classic administrator roles.

    To transition to RBAC, you will need to create custom roles that define the specific permissions needed for your users to perform their tasks. You can then assign these roles to your users or groups.

    To get started, you can follow the steps outlined in this document.

    If you don't take any action, your classic administrator roles will continue to work until 31 August 2024. After that date, any users or groups assigned to classic administrator roles will lose access to those roles, and you will need to transition to RBAC to manage access to your resources.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James


  2. Sandeep G-MSFT 14,491 Reputation points Microsoft Employee
    2024-03-15T04:50:40.8666667+00:00

    @Arpita Pathak

    Thank you for reaching out to us on this. I have looked at the screenshot that you posted in the previous comment.

    I understand that you are the only service administrator in your tenant. The article that James has provided to you mentions only co-administrators. However, the same applies to service administrators as well. In RBAC there is only one Owner role and one Contributor role at the subscription level. These roles are the highest-privileged roles in RBAC at the subscription level. Other built-in roles are used to handle other resources like VMs, storage, etc.

    The Owner role is the one that is equivalent to the service administrator and co-administrator roles among the classic subscription administrator roles.

    The rest of the built-in roles allow management of specific Azure resources. For example, the Virtual Machine Contributor role allows the user to create and manage virtual machines. For a list of all the built-in roles, see Azure built-in roles.

    You can refer to the article below:

    https://learn.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles#azure-roles

    For the service administrator, you can have the same user account assigned the Owner role on the subscription.

    To replace service administrators with the new role, you can follow the article below:

    https://learn.microsoft.com/en-us/azure/role-based-access-control/classic-administrators#step-4-replace-existing-co-administrators-with-owner-role-and-conditions

    Note: In the above article it is mentioned as co-administrators, but you can consider the same steps for service administrators as well.

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
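
An added example, not part of either answer and not Microsoft's code: a check for which classic administrators still lack an Owner role assignment at subscription scope, the replacement the second answer describes. It assumes the JSON shape printed by `az role assignment list --all --include-classic-administrators`; the sample records, the subscription ID and the function name are constructed for illustration, and Owner inherited from a management group is not counted.

```python
# Constructed sample shaped like the JSON from
#   az role assignment list --all --include-classic-administrators
# Field names are assumed from Azure CLI output; all values are placeholders.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
CLASSIC_ID = "NA(classic admins)"  # id the CLI reports for classic administrator entries
SAMPLE = [
    {"id": CLASSIC_ID, "principalName": "admin@example.com",
     "roleDefinitionName": "ServiceAdministrator;AccountAdministrator", "scope": SUB},
    {"id": CLASSIC_ID, "principalName": "coadmin@example.com",
     "roleDefinitionName": "CoAdministrator", "scope": SUB},
    {"id": SUB + "/providers/Microsoft.Authorization/roleAssignments/constructed-1",
     "principalName": "coadmin@example.com", "roleDefinitionName": "Owner", "scope": SUB},
    # Owner on one resource group only: does not replace a subscription-wide classic role.
    {"id": SUB + "/resourceGroups/my-rg/providers/Microsoft.Authorization/roleAssignments/constructed-2",
     "principalName": "admin@example.com", "roleDefinitionName": "Owner",
     "scope": SUB + "/resourceGroups/my-rg"},
]


def classic_admins_missing_owner(assignments, subscription_scope):
    """Map each classic admin without a subscription-scope Owner assignment to its classic roles."""
    scope = subscription_scope.rstrip("/").lower()
    # Principals that already hold Owner directly on the subscription.
    owners = {
        a.get("principalName", "").lower()
        for a in assignments
        if a.get("id") != CLASSIC_ID
        and a.get("roleDefinitionName") == "Owner"
        and a.get("scope", "").rstrip("/").lower() == scope
    }
    missing = {}
    for a in assignments:
        if a.get("id") != CLASSIC_ID:
            continue  # ordinary RBAC assignment, not a classic administrator entry
        name = a.get("principalName", "")
        if name.lower() not in owners:
            missing.setdefault(name, []).extend(a.get("roleDefinitionName", "").split(";"))
    return missing


if __name__ == "__main__":
    for user, roles in classic_admins_missing_owner(SAMPLE, SUB).items():
        print(f"{user}: classic {', '.join(roles)}; no Owner assignment at {SUB}")
```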