Roles Based Access Control (RBAC) for Azure is now GA
Until now, to give people the ability to manage Azure you had to give them full control of an entire Azure subscription. Now, using RBAC, you can grant people only the amount of access that they need to perform their jobs. Download the generally available RBAC command-line management tools or use the Azure Management Portal (preview) to manage access for your production Azure workloads.
When it comes to identity and access, most organizations that are considering using the public cloud are concerned about two things:
Ensuring that when people leave the organization they lose access to resources in the cloud.
Striking the right balance between autonomy and central governance. For example, giving the project teams ability to create and manage virtual machines in the cloud, while centrally controlling the networks to which those virtual machines connect.
Azure Active Directory and Azure RBAC make it simple for you to accomplish these goals. Once you extend your Active Directory to the cloud, using Azure AD - your employees can purchase and manage Azure subscriptions using their existing work identity. These Azure subscriptions automatically connect to your Azure AD for single sign-on and access management. When you disable an AD account, it automatically loses access to all Azure subscriptions connected with your Azure AD.
Read more at source - http://blogs.technet.com/b/ad/archive/2015/10/12/azure-rbac-is-ga.aspx