Which RBAC roles should Admin1 have for managing application groups in Azure Virtual Desktop?

To manage application groups in Azure Virtual Desktop, the role of Desktop Virtualization User is essential. This role provides the necessary permissions to perform tasks such as creating, updating, or deleting application groups and managing applications within those groups. It is designed specifically to support the operational functions of Azure Virtual Desktop, allowing users who hold this role to interact with the resources related to application deployment.

Individuals with the Desktop Virtualization User role can effectively manage user assignments to application groups, monitor the overall usage of the applications, and ensure that the application environment aligns with user needs. This targeted access makes it a suitable choice for administrators focused on application group management.

In contrast, other roles may not provide the specific permissions needed. For instance, the Desktop Virtualization Reader role allows read-only access, which would not enable any management actions. The Resource group Contributor role grants a wider range of permissions across all resources within a resource group but does not focus on the specifics of Azure Virtual Desktop application groups. The User Access Administrator role deals mainly with access permissions for users, which does not directly pertain to the management of application groups.

Overall, the Desktop Virtualization User role is tailored for the necessary management tasks within the Azure Virtual Desktop environment, making it the appropriate choice for Admin1