This document goes over how to configure Azure RBAC providing fine-grained access to Azure Resources and visibility in Prisma Cloud.   With Azure RBAC, you can create a role definition that outlines the permissions to be applied to Prisma Cloud app registrations. This article specifically addresses the application of Azure RBAC predefined roles to manage access to Azure resources.    Azure Resources offers two authorization systems such as Azure Role Based Access Control and an access policy model.    Azure RBAC has several built-in roles you can assign to service principals and managed identities.    Azure Resources authorized by access policy model  Azure Resources authorized by Azure RBAC (Recommended Authorization)   The Prisma Cloud role created for Azure ingestion with Terraform currently utilizes the access policy module, requiring the addition of permissions one at a time. Azure recommends leveraging role-based Azure RBAC, which enables configuring permissions for Prisma Cloud using pre-defined Azure roles containing a set of permissions. With Azure RBAC, any updates to the role's permissions automatically apply without the need for manual adjustments.