![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 2%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELC%3C/text%3E%3C/svg%3E)
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
680 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi @Linares Carramolino, Maria Concepción
Thank you for posting this in Microsoft Q&A.
I understand you want to assign a policy to the tenant root management group from a new user account.
At least one of the roles - Owner, Resource Policy Contributor, or User Access Administrator must be assigned to the user account in order to assign policies to the tenant root management group.
For your reference: https://learn.microsoft.com/en-us/azure/governance/management-groups/overview#management-group-access
To Assign a policy to the tenant root management group follow the steps which mentioned in this document: https://learn.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage#assign-a-policy
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
If the answer is helpful, please click "Accept Answer" and kindly "upvote" it.
