I'm looking to set up a virtual machine (VM) and want to give a subcontractor complete access, including the ability to turn it off and on. However, I don't want them to have access to any other resources in our subscriptions. Can anyone help with the following?
1. Where can they create a Microsoft login for me to assign permissions? They are an individual without a company account.
2. How do I set up the permissions for the VM to grant them access?
4 Answers
You’ll want to invite them as a guest user in your Azure Active Directory. Then, create the VM and put it in the same resource group. After that, give them VM rights using role-based access control (RBAC). That should work!
For more granular access, consider making them a power on/off operator plus a Reader on the resource group, and maybe use a bastion host for extra security.
You need to invite them as a guest in Azure Active Directory. Then assign them as a VM contributor on the specific resource or set detailed permissions based on what level of access you want them to have.
Absolutely! Just give them Remote Desktop access so they can connect, and make sure the VM starts on it. They’ll be able to shut it down from inside once they're logged in, and can simply reconnect whenever they need to get back in.
What do you mean by resource group and RBAC?