Role-based Access Control (RBAC)
Ensure resources are compliant with a set of rules.
Authorization system to provide fine-grained access controls.
Policy is focused on the properties of resources.
RBAC focuses on what resources the users can access.
You specify a set of rules to prevent over-provisioning of resources.
You grant permission on what users can create.
By default, rules are set to Allow.
By default, all access is denied.
Policy within the resource group or subscription.
Grant access to users or groups within a subscription.
Both services work hand-in-hand to provide governance around your environment.
Azure Policy vs Azure Role-Based Access Control Resources: