# Roles

# Create new role assignment

This will try to assign the assignee the owner role:

```
az role assignment create --assignee <user or service principal> --role "owner"
```

Resource: [https://www.xmcyber.com/privilege-escalation-and-lateral-movement-on-azure-part-1/](https://www.xmcyber.com/privilege-escalation-and-lateral-movement-on-azure-part-1/)