Azure custom administrator roles should be disabled

azure.active_directory
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Avoid the use of custom administrator roles, as they are error prone. Instead, use Azure’s built-in least privilege ‘job’ roles. Audit and remove custom roles if at all possible.

Remediation

To remove a custom role in Azure using the portal, follow the steps below:

  1. Log into the Azure portal and navigate to Subscriptions.
  2. Select the specific subscription, then under Settings, click Access control (IAM).
  3. In the Roles section, find and select the custom role you want to remove.
  4. Click Delete and confirm by clicking Yes.

Note: Removing roles can impact access for users and groups assigned to these roles.