Tags: azure, azure-active-directory, azure-resource-group, azure-authentication, azure-rbac

Is it possible to give permissions to create Azure Resource Groups through AAD without RBAC?


I understand you can assign 'Contributor' RBAC role on the Subscription level to give a user permission to create Resource Groups.

However, is there a way to give that permission through AAD (Administrator role assignment)? Or any other way?

I am currently not able to create resource groups, and need to ask to be given the permission. I am trying to understand the various ways that can be done (especially because there are no RBAC roles at all on the subscription, except 'classic administrators', and yet I see some resource groups have been created and owned by non-classic administrators).


Solution

  • The only other way to do it: make the user a Global Administrator; after that, the user can grant himself full permissions to everything inside the tenant.

    It's under Azure AD blade >> Properties >> Access management for Azure resources
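
For anyone reviewing who can already create resource groups or hand out that right, here is an added example (not part of the original answer) that audits role assignments exported as JSON. It relies on the fact that the "Access management for Azure resources" switch assigns the User Access Administrator role at the root scope `/`; the sample records, the all-zero subscription id and the function names are constructed for illustration, using the field names printed by `az role assignment list --output json`.

```python
import json

# Constructed sample records (not real data), trimmed to the fields used below.
SUB = "00000000-0000-0000-0000-000000000000"  # placeholder subscription id
SAMPLE = json.loads("""[
 {"principalName": "alice@example.com", "roleDefinitionName": "User Access Administrator",
  "scope": "/"},
 {"principalName": "bob@example.com", "roleDefinitionName": "Contributor",
  "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"},
 {"principalName": "carol@example.com", "roleDefinitionName": "Owner",
  "scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-app"},
 {"principalName": "dave@example.com", "roleDefinitionName": "Reader",
  "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"}
]""")

# Built-in roles only; custom roles would need their action lists inspected.
CREATE_RG_ROLES = {"owner", "contributor"}            # may create resource groups
GRANT_ROLES = {"owner", "user access administrator"}  # may create role assignments


def covers_subscription(scope, subscription_id):
    """True when the scope is the root "/" or the subscription itself.
    Management-group scopes are not resolved here and are treated as not covering."""
    s = scope.rstrip("/").lower()
    return s == "" or s == f"/subscriptions/{subscription_id}".lower()


def audit(assignments, subscription_id):
    """Sort principals by what their assignment allows on the subscription."""
    report = {"can_create_rg": [], "can_grant_roles": [], "root_elevated": []}
    for a in assignments:
        role = a["roleDefinitionName"].lower()
        who = a["principalName"]
        # Signature left behind by the elevation switch described in the answer.
        if a["scope"] == "/" and role == "user access administrator":
            report["root_elevated"].append(who)
        if not covers_subscription(a["scope"], subscription_id):
            continue  # e.g. Owner of a single resource group cannot create new groups
        if role in CREATE_RG_ROLES:
            report["can_create_rg"].append(who)
        if role in GRANT_ROLES:
            report["can_grant_roles"].append(who)
    return report


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE, SUB), indent=2))
```

An entry under `root_elevated` that nobody can account for is worth following up, since that principal can assign itself any role on every subscription in the tenant.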