azure cloud azure-policy azure-rbac azure-role-environment

Is there a way to give the user Owner role in subscription scope, but deny/read access to resource groups not made by him?

I want to invite guest user in Azure with permissions that he could do whatever he wants in subscription scope with owner role, but he couldn't view other resource groups that he didn't make or just be able to read them.

Solution

currently that's not possible. Deny assigments are limited to a couple of resource types.

Azure Service Plan - Convert Consumption App to Premium App
No PK or FK when exporting SQL Server database
Assigning a Token Lifetime Policy to an application in Microsoft EntraID seems to have no effect
How to create a dataset for Azure custom speech using spx (speechCLI)
Azure App Service Autoscale Fails to Scale In
Azure Scale Out on Memory keeps flapping (not scaling in)
Setting a server minimum for Azure Web App when using automatic scaling, from Bicep
A keyvault created with access policy using BICEP creates compound identity
Azure Loadbalancer with public IP forward traffic to Container Apps
How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
What means skipNegotiation in SignalR HubConnection?
Azure ClientCertificateCredential - Using SNI
Azure AI Search MultiIndex / Conditional Semantic search
MSAL Node service & The Partner Center API
Load Registered Component in Azure ML for Pipeline using Python sdk v2
Azure Blob:- How to automate Azure Archive Storage to Cool/Hot tier conversion, send download link once it's avaible , and re-archive after 72 hours?
Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
How to take max value and replace it in drived column in data factory
Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
Azure Cost Management - track costs associated with Databricks job
Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
How to check Debug.Writeline() output in VS code?
C# API - Provide download of files from Azure Blobstorage
localhost:300/api is not working : "This page isn’t working"
Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
Failed to deploy path that does not exist
Using Azure WAF for my server(not in Azure)
How and where to define an environment variable on Azure
Azure Data Factory - Unable to preview data
Azure yaml trigger pipeline every 14 days on a Saturday