Assign RBAC Custom Role on Management Group Level

Recently i had to add custom roles to our management group and since this is not supported through the GUI i had to go through powershell.

Create the .json file first and set your management group in the assignable scope section.

  "Name": "Start VM on Connect",
  "Id": null,
  "IsCustom": true,
  "Description": "Allowed starting up VMs",
  "Actions": [
  "NotActions": [],
  "AssignableScopes": [

After that, run the following command specifying the json file you setup.

New-AzRoleDefinition -InputFile C:\temp\RBAC.json

Thats it 🙂