locked
Manage access for data lake storage Gen2 using Storage explorer RRS feed

  • Question

  • I have assigned the contributor role to the users and those users can access the storage account. My main concern is that if there are two users accessing the same storage account they should not be able to view or modify the each other's containers present in that storage account. Is that possible?
    Thursday, December 19, 2019 5:06 AM

All replies

  • I noticed that there are at least 2 places in the portal I could assign access.  One is on the storage account as a whole, the other is while viewing a specific container.
    Friday, December 20, 2019 2:06 AM
  • When Contributor role is been assigned to user they can perform:  You may manage everything except granting access to resources.

    • Create and manage resources of all types
    • Delete roles, policy assignments, policy definitions and policy set definitions.
    • Create roles, role assignments, policy assignments, policy definitions and policy set definitions
    • Grants the caller User Access Administrator access at the tenant scope
    • Create or update any blueprint assignments
    • Delete any blueprint assignments

    By design it's not going to have  Manage access , RBAC isn’t going work in this scenario.  You need to create different storage account. 

    Hope this helps! 

    Kindly let us know if the above helps or you need further assistance on this issue.
      ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" and Upvote on the post that helps you, this can be beneficial to other community members.

    Friday, December 20, 2019 11:08 AM
  • Is there any update on the issue?

    If the suggested answer helped for your issue, do click on "Mark as Answer" and “Vote as Helpful” on the post that helps you, this can be beneficial to other community members.

    Monday, December 23, 2019 1:18 PM