 So what is Azure role-based access control, or RBAC for short? Well, this enables us to give different users of our Azure environment different roles based on the permissions that they need to operate within the environment. To make this a bit simpler, for example, you could have somebody who is an owner of an Azure subscription, or they would be assigned the owner role that gives them quite a lot of permissions. If they maybe just need to read stuff, they may just have the reader role, which means they can only read and the resources and the information. They can't update and change things. So giving people different roles gives you a much better security posture in the cloud because people only get access to what they need access to. Now, in Azure Active Directory where we define these roles, there are a bunch of built-in roles such as owner, contributor, reader, etc. And this is what most people use. But if you want some more granular control, you also have the option to create custom roles as well. So go over to Azure Active Directory in the portal and you can start getting familiar with this right away.