新增或變更管理訂用帳戶或服務的 Azure 系統管理員角色Add or change Azure administrator roles that manage the subscription or services

您可以變更管理您的 Azure 訂用帳戶或訂用帳戶中所使用 Azure 服務的 Azure 系統管理員。You can change the Azure administrator that manages your Azure subscription or manages the Azure services used in your subscription. 若要檢視 Azure 帳單資訊及管理訂用帳戶,您必須以帳戶管理員的身分登入帳戶中心。To view Azure billing information and manage subscriptions, you must sign in to the Account Center as the Account Administrator.

在 Azure 入口網站中新增訂用帳戶的 RBAC 擁有者管理員Add an RBAC Owner admin for a subscription in Azure portal

若要在 Azure 入口網站中將某人新增為訂用帳戶的管理員,我們建議您授與他 RBAC 擁有者角色。To add someone as an admin for a subscription in the Azure portal, we recommend giving them an RBAC Owner role. 擁有者角色可以管理您指派之訂用帳戶中的資源,但沒有其他訂用帳戶的存取權限。The Owner role can manage the resources in the subscription that you assigned and doesn't have access privilege to other subscriptions. 您透過 Azure 入口網站新增的擁有者不能管理 Azure 傳統入口網站中的資源。The Owners you add through the Azure portal can't manage resource in the Azure classic portal.

  1. 登入 Azure 入口網站中的訂用帳戶檢視Sign in to the Subscriptions view in the Azure portal.
  2. 選取您想讓管理員存取的訂用帳戶。Select the subscription that you want the admin to access.
  3. 在功能表中選取 [存取控制 (IAM)]。Select Access control (IAM) in the menu.
  4. 選取 [新增] > [角色] > [擁有者]。Select Add > Role > Owner. 鍵入您想要新增為擁有者之使用者的電子郵件地址,選取該使用者,然後選取 [儲存]。Type the email address of the user you want to add as Owner, select the user, and then select Save.

    顯示已選取 [擁有者] 角色的螢幕擷取畫面

新增或變更共同管理員Add or change Co-administrator

您只能將擁有者新增為共同管理員,Only an Owner can be added as a Co-administrator. 不能將角色為參與者和讀者等的其他使用者新增為共同管理員。Other users with roles such as Contributor and Reader cannot be added as Co-administrators.

  1. 如果您尚未新增,請遵循上述指示將某人新增為擁有者。If you haven't already, add someone as an Owner following instructions from above.
  2. 以滑鼠右鍵按一下您剛才新增的「擁有者」使用者,然後選取 [新增為共同管理員]。Right-click the Owner user you just added, and then select Add as co-administrator. 如果您沒有看到 [新增為共同管理員] 選項,請重新整理頁面或嘗試使用其他網際網路瀏覽器。If you do not see the Add as co-administrator option, fresh the page or try another Internet browser.

    新增共同管理員的螢幕擷取畫面

    提示

    如果使用者需要在 Azure 傳統入口網站中管理 Azure 服務,請將「擁有者」帳戶新增為共同管理員。You need to add the "Owner" account as co-administrator if the user needs to manage the Azure services in Azure classic portal.

    若要移除共同管理員權限,請以滑鼠右鍵按一下「共同管理員」使用者,然後選取 [移除共同管理員]。To remove the Co-administrator permission, right-click the "Co-administrator" user and then select Remove co-administrator.

    移除共同管理員的螢幕擷取畫面

變更 Azure 訂用帳戶的服務管理員Change the Service Administrator for an Azure subscription

只有帳戶管理員可以變更訂用帳戶的服務管理員。Only the Account Administrator can change the Service Administrator for a subscription. 根據預設,註冊時系統會將服務管理員與帳戶管理員設為同一人。By default, when you sign up, the Service Administrator is the same as the Account Administrator.

  1. 請參閱變更服務管理員的限制,確定您的情況是否受支援。Make sure your scenario is supported by checking the limits for changing Service Administrators.
  2. 以帳戶管理員身分登入帳戶中心Sign in to Account Center as the Account Administrator.
  3. 選取一個訂用帳戶。Select a subscription.
  4. 選取右側的 [編輯訂用帳戶詳細資料]。On the right side, select Edit subscription details.

    顯示帳戶中心裡 [編輯訂用帳戶] 按鈕的螢幕擷取畫面

  5. 在 [服務管理員 ] 方塊中,輸入新的服務管理員的電子郵件地址。In the SERVICE ADMINISTRATOR box, enter the email address of the new Service Administrator.

    顯示應變更服務管理員電子郵件之方塊的螢幕擷取畫面

變更服務管理員的限制Limitations for changing Service Administrators

  • 每個訂用帳戶都與 Azure AD 目錄相關聯。Each subscription is associated with an Azure AD directory. 若要尋找與訂用帳戶相關聯的目錄,請前往 Azure 傳統入口網站,然後選取 [設定] > [訂用帳戶]。To find the directory the subscription is associated with, go to the Azure classic portal, select Settings > Subscriptions. 請查看訂用帳戶識別碼來尋找目錄。Check the subscription ID to find the directory.
  • 如果您以公司或學校帳戶登入,可以將組織中的其他帳戶新增為服務管理員。If you are signed in with a Work or School account, you can add other accounts in your organization as Service Administrator. 例如,abby@contoso.com 可以將 bob@contoso.com 新增為服務管理員,但若想新增 john@notcontoso.com 為服務管理員,則 contoso.com 目錄中必須要有 john@notcontoso.com 才能這麼做。For example, abby@contoso.com can add bob@contoso.com as Service Administrator, but can't add john@notcontoso.com unless john@notcontoso.com has presence in the contoso.com directory. 以公司或學校帳戶登入的使用者可以繼續將 Microsoft 帳戶使用者新增為服務管理員。Users signed in with Work or School accounts can continue to add Microsoft Account users as Service Administrator.

    登入方法Sign-in Method 要將 Microsoft 帳戶使用者新增為安全性關聯 (SA) 嗎?Add Microsoft Account user as SA? 要將同一組織中的公司或學校帳戶新增為安全性關聯 (SA) 嗎?Add Work or School account in the same organization as SA? 要將其他組織中的公司或學校帳戶新增為安全性關聯 (SA) 嗎?Add Work or School account in different organization as SA?
    Microsoft 帳戶Microsoft Account Yes No No
    公司或學校帳戶Work or School Account Yes Yes No

變更 Azure 訂用帳戶的帳戶管理員Change the Account Administrator for an Azure subscription

若要變更訂用帳戶的帳戶管理員,請參閱將 Azure 訂用帳戶的擁有權轉移給另一個帳戶To change the Account Administrator of a subscription, see Transfer ownership of an Azure subscription to another account.

不確定帳戶管理員是誰嗎?Not sure who the Account Administrator is? 請遵循下列步驟:Follow these steps:

  1. 登入 Azure 入口網站中的訂用帳戶檢視Sign in to the Subscriptions view in the Azure portal.
  2. 選取您想要檢查的訂用帳戶,然後查看 [設定]。Select the subscription you want to check, and then look under Settings.
  3. 選取 [屬性] 。Select Properties. 該訂用帳戶的帳戶管理員會顯示在 [帳戶管理員] 方塊中。The account administrator of the subscription is displayed in the Account Admin box.

Azure 管理帳戶的類型Types of Azure admin accounts

帳戶管理員、服務管理員和共同管理員是 Microsoft Azure 中的三種系統管理員角色。Account Administrator, Service Administrator, and Co-administrator are the three kinds of administrator roles in Microsoft Azure. 下表說明這三個系統管理角色之間的差異。The following table describes the difference between these three administrative roles.

管理角色Administrative role 限制Limit 說明Description
帳戶管理員 (AA)Account Administrator (AA) 每個 Azure 帳戶 1 名1 per Azure account 這就是註冊或購買 Azure 訂用帳戶,且經過授權可存取 帳戶中心 及執行各種管理工作的那個人。This is the person who signed up for or bought Azure subscriptions, and is authorized to access the Account Center and perform various management tasks. 包括能夠建立訂用帳戶、取消訂用帳戶、變更訂用帳戶的計費方式以及變更服務管理員。These include being able to create subscriptions, cancel subscriptions, change the billing for a subscription, and change the Service Administrator.
服務管理員 (SA)Service Administrator (SA) 每個 Azure 訂用帳戶 1 名1 per Azure subscription 此角色經過授權,可管理 Azure 入口網站上的服務。This role is authorized to manage services in the Azure portal. 根據預設,新訂用帳戶的帳戶管理員也是服務管理員。By default, for a new subscription, the Account Administrator is also the Service Administrator.
Azure 傳統入口網站Co-administrator (CA) in the Azure classic portal 每個訂用帳戶 200 名200 per subscription 此角色的存取權限與服務管理員相同,但無法變更訂用帳戶與 Azure 目錄的關聯。This role has the same access privileges as the Service Administrator, but can’t change the association of subscriptions to Azure directories.

Azure Active Directory 角色型存取控制 (RBAC) 能讓使用者擁有多個角色。Azure Active Directory Role-based Access Control (RBAC) allows users to be added to multiple roles. 如需詳細資訊,請參閱 Azure Active Directory 角色型存取控制For more information, see Azure Active Directory Role-based Access Control.

深入了解資源存取控制和 Active DirectoryLearn more about resource access control and Active Directory

需要協助嗎?Need help? 請連絡支援人員。Contact support.

如果仍需要協助,請連絡支援人員以快速解決您的問題。If you still need help, contact support to get your issue resolved quickly.