You can add an external user to your Azure subscription by inviting them through Azure Active Directory (Azure AD). This allows you to grant them access to specific resources within your subscription without giving them full administrative control.
Steps to Add an External User:
- Log in to the Azure portal: Go to https://portal.azure.com and sign in with your Azure account credentials.
- Navigate to Azure Active Directory: In the left-hand menu, click on Azure Active Directory.
- Select Users: Under Manage, choose Users.
- Add a new user: Click on New user and select Guest user.
- Enter user information: Fill in the required details, including the user's email address, first name, last name, and display name.
- Set user roles: Choose the appropriate role for the external user based on their required access level. You can select from a range of built-in roles or create a custom role with specific permissions.
- Review and create: Review the user information and click on Create to add the external user to your Azure subscription.
Key Points to Remember:
- Guest user accounts: External users are added as guest user accounts in Azure AD, which limits their access to resources within your subscription.
- Role-based access control (RBAC): You can control the level of access granted to external users by assigning them specific roles.
- Invitation email: Once you add the external user, they will receive an invitation email with instructions on how to access their account.
Example:
Let's say you want to grant access to a freelance developer to a specific Azure storage account. You can add them as a guest user and assign the Storage Blob Data Reader role, allowing them to access and download data from the storage account but not modify it.
Remember: Always follow best practices for security and ensure that external users have only the necessary access to perform their tasks.