Quickstart: View the access a user has to Azure resources
You can use the Access control (IAM) blade in role-based access control (RBAC) to view the access a user or another security principal has to Azure resources. However, sometimes you just need to quickly view the access for a single user or another security principal. The easiest way to do this is to use the Check access feature in the Azure portal.
View role assignments
The way that you view the access for a user is to list their roles assignments. Follow these steps to view the role assignments for a single user, group, service principal, or managed identity at the subscription scope.
In the Azure portal, click All services and then Subscriptions.
Click your subscription.
Click Access control (IAM).
Click the Check access tab.
In the Find list, select the type of security principal you want to check access for.
In the search box, enter a string to search the directory for display names, email addresses, or object identifiers.
Click the security principal to open the assignments pane.
On this pane, you can see the roles assigned to the selected security principal and the scope. If there are any deny assignments at this scope or inherited to this scope, they will be listed.
Send feedback about: