Azure AD | Azure RBAC | |
Description | An identity and access management service that helps you access internal and external resources. | An authorization system that manages user’s access to Azure resources including what they can do with those resources and what areas they can access. |
Focus | Grants permissions to manage access to Azure Active Directory resources. | Grants permissions to manage access to Azure resources. |
Scope | Tenant level | Specify at multiple levels (management group, subscription, resource group, and resource) |
Roles | Important Azure AD built-in roles:
Supports custom roles. You can assign multiple roles on a user. | Fundamental Azure RBAC built-in roles:
Supports custom roles in P1 and P2 licenses. You can assign multiple roles on a user. |
Role information | You can access the role information in the Azure Portal, Microsoft 365 admin center, Microsoft Graph, and AzureAD PowerShell. | You can access the role information in the Azure Portal, CLI, PowerShell, Resource Manager templates, and REST API. |
Pricing | Azure AD has three editions: Free, Premium P1, and Premium P2. For the P1 and P2 licenses, you are charged on a monthly basis. | Azure RBAC is free and included in your Azure subscription. |
Sources:
https://docs.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis