So you need to understand access assignments, that is who has access to what and what actions they can perform.

Who can access your Azure resources and what they can do can be determined by assigning roles at various scopes, including management groups, subscriptions, resources groups and individual resources. 

Azure (RBAC) includes built-in roles that you can assign to users, groups, services principals and managed identities.

Skills: Bash, PowerShell, Active Directory (Entra ID), Virtual Networks, Azure Storage and Storage Accounts, Servers, Windows, Linux, Azure Monitor