Can we create a custom RBAC role that has permissions to a specific resource group name in all subscriptions under the same management group but not to anything else within the subscription
Can we create a custom RBAC role that has permissions to a specific resource group name in all subscriptions under the same management group but not to anything else within the subscription
In Azure, you can specify a scope at four levels: management group, subscription, resource group, or resource. Scopes are structured in a parent-child relationship. You can assign roles at any of these levels of scope.

(From the RBAC Guide)
If this answer was helpful to you, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.
5 people are following this question.